First Pidgin is great. Thanks. My question is related to TLS implementation of xmpp client functionality that I think is unspecific to pidgin
As u know a xmpp domain may have more than 1 server handling c2s connections. Perhaps that is the original reason why when a client connects to server via TLS it check to see if ssl cert is issued in domain name not server name; that way a domain can use 1 cert in all servers. In the opposite case of one server handling multiple virtual domains this is undesirable since otherwise one cert suffices Moreover assuming DNS is safe (big assumption in the past & some will say now) should client not do DNS look up and then use server cert to verify authenticity of it Just curios in general about how xmpp client authors decide to check domain name with the SSL certificate I have tested aidium psi empathy ichat beem in addition to pidgin on windows and linux HTTP and smtp does not work like that
_______________________________________________ Support@pidgin.im mailing list Want to unsubscribe? Use this link: http://pidgin.im/cgi-bin/mailman/listinfo/support
