-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Trejkaz wrote: > Gary Burd wrote: >> A couple of snips from the conversation: >> >>> For hosting providers it's usually an up-sell to your >>> customers to add security >> >>> because it's each domain owner's responsibility to >>> manage their own certificate. >> >> Extra cost and responsiblity can impede XMPP adoption. > > Look, if people don't want TLS, we're not forcing them to use it.
Well, but we want people to use TLS. If it's too difficult, then we'll have a less secure network. And that seems like a Bad Thing even if it's not our fault. > There are other ways to streamline these things, such as making it > easier for people running an XMPP server to get a certificate. > > As far as "cost", http://www.cacert.org/ -- use it, love it, urge > everyone to add their root certificate. Yes, CAcert is great and I've been working with them to get support for id-on-xmppAddr into their certs. But that doesn't necessarily make it easier for people who are hosting a *lot* of XMPP domains to support TLS. Peter - -- Peter Saint-Andre Jabber Software Foundation http://www.jabber.org/people/stpeter.shtml -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEBjMfNF1RSzyt3NURArkfAJ4nBianzS/6O8hMqAO6hWQxfbg0ugCghJEo i9QdOduxMWNmN0cJwNogV4Y= =jWZG -----END PGP SIGNATURE-----
smime.p7s
Description: S/MIME Cryptographic Signature