[potentially taking us off-topic for this list, let me know] On Fri, Nov 1, 2013, at 02:32 AM, Peter Saint-Andre wrote: > If I understand your scenario correctly, I think this is where POSH > would help:
Interesting, I'd not heard of POSH before. If I'm understanding this correctly (from a _very_ quick skim through the spec), its rather like DANE except using HTTPS instead of DNSSEC for distribution of certificate material, right? In any case it doesn't look particularly useful for us, because for most of our domains we actually do basic web hosting as well (we're mostly a consumer-grade service) and we don't have valid certificates for those either (the cost of certs and IP addresses would be prohibitive). Neither do we have the demand. DANE is better for us because we usually host the DNS. Even the 30+ domains we own ourselves don't get their own certs (eg https://fastmail.co.uk/). We're likely to do something with DANE next year for email, and I'll take a proper look at what's happening with XMPP then (a quick search looks like there's been a fair bit of movement in this area in the last couple of years, so I've got a lot to catch up on, which I don't have time for right now). Client support is likely to be the killer. Our Jabber service is very much a niche service, not heavily used. Its already hard to justify the time to work on it. If I can't do something that's going to benefit everyone using it then its probably not going to happen. If someone wants to give me a quick rundown on the state the various specs for XMPP virtual hosting support I'd really appreciate it (maybe off-list). I haven't paid much attention to XMPP since about 2006, and I'd like to get roughly up to speed if I'm going to seriously support our server (which it appears I might be, hah). Cheers, Rob N.
