I doubt someone arguing that ssh is more widely used (either in terms of traffic or in terms of users) than SSL/TLS, or even than just the https usage of SSL/TLS, would be taken very seriously.
If Jabber servers had started with S2S defaulting to SSL, then trusted issuers would be the only way to make the server administration scale. Since we did not, servers really can only require SSL in environments where you are pairing with a limited number of other servers; for these environments, using manually entered self-signed certificates is usually the way to go. -David Waite On Fri, 12 Nov 2004 11:36:12 -0700, Peter Saint-Andre <[EMAIL PROTECTED]> wrote: > Precisely. And one can argue that ssh is the most-used encryption > technology on the planet. Perhaps "opportunistic cryptography" is not a > bad model to follow? Even the IETF seems to be moving in the direction > of recognizing reality on this issue -- see the "Better Than Nothing > Security" BOF at IETF 61 this week: > > http://www.financialcryptography.com/mt/archives/000247.html#more > > Peter > > > > _______________________________________________ > jdev mailing list > [EMAIL PROTECTED] > http://mail.jabber.org/mailman/listinfo/jdev > _______________________________________________ jdev mailing list [EMAIL PROTECTED] http://mail.jabber.org/mailman/listinfo/jdev
