On Wed May 24 23:49:23 2006, Peter Saint-Andre wrote:
I haven't started to think about client-side certs much yet, since
end
users find them awfully confusing. I think it would be good for
clients
to support them, but right now I'm more focused on making sure that
both
clients and servers correctly handle server certs (and that we start
using server certs much more widely).
Well, I think people ought to be authenticating the server. Whether
that's done by placing your trust in Verisign, or by the more direct
mutual authentication provided by SASL mechanisms like DIGEST-MD5,
doesn't really matter so much. For XMPP clients, I'd personally say
that SASL-based mutual auth is a better fit.
Dave.
--
Dave Cridland - mailto:[EMAIL PROTECTED] - xmpp:[EMAIL PROTECTED]
- acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
- http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade