-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 8/26/09 2:39 PM, Justin Karneges wrote: > On Wednesday 26 August 2009 13:31:13 Peter Saint-Andre wrote: >> As a result, it is possible that admins might feel the need to request >> multiple Class 1 certs in order to deploy an XMPP service (if they are >> not able to obtain a Class 2 certificate). For example, at the >> jabber.org service we might use one Class 1 certificate for the domain >> name "jabber.org" and another Class 1 certificate for the domain name >> "conference.jabber.org". This would require our XMPP server software to >> present the "jabber.org" certificate when a peer server attempts to open >> an s2s connection to the jabber.org domain, whereas it would present the >> "conference.jabber.org" certificate when someone from a peer server >> attempts to join a chatroom at the conference.jabber.org MUC service. I >> do not know of any XMPP server software that can present two (or more) >> different certs for s2s connections depending on the domain name >> specified by the peer server. > > You can put many names into one cert. For a short set of domains, this ought > to be practical.
True, as long as your CA honors the CSR you provide. So perhaps this is a non-issue... Peter - -- Peter Saint-Andre https://stpeter.im/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkqVoCYACgkQNL8k5A2w/vwi2ACdHjC3ErGDaEfqInRdbhGuMbGc YWUAoPOwS689kKVoIBb7THczjtp41zgb =hmfV -----END PGP SIGNATURE----- _______________________________________________ JDev mailing list Forum: http://www.jabberforum.org/forumdisplay.php?f=20 Info: http://mail.jabber.org/mailman/listinfo/jdev Unsubscribe: [email protected] _______________________________________________
