Hi everyone,
thank you for your explanations. I'm still fairly new to this so thank
you for your patience...!
Am Tue, 19 Jul 2016 19:25:11 +0100
schrieb Dave Cridland :
> Yes, in RFC 5280, RFC 6125, and RFC 6120. But they're relatively tough
> reading (especially 5280).
I'm out for a longer read
On 20 July 2016 at 10:15, Dave Cridland wrote:
>
>
> On 20 July 2016 at 10:07, Simon Josefsson wrote:
>
>> Sam Whited writes:
>>
>> > On Tue, Jul 19, 2016 at 4:53 AM, Simon Josefsson
>> wrote:
>> >> I wonder if people really care about this usage any more -- it does not
>> >> scale well (all d
On 20 July 2016 at 10:07, Simon Josefsson wrote:
> Sam Whited writes:
>
> > On Tue, Jul 19, 2016 at 4:53 AM, Simon Josefsson
> wrote:
> >> I wonder if people really care about this usage any more -- it does not
> >> scale well (all domains have to be encoded in the same cert => big
> >> certs)
Sam Whited writes:
> On Tue, Jul 19, 2016 at 4:53 AM, Simon Josefsson wrote:
>> I wonder if people really care about this usage any more -- it does not
>> scale well (all domains have to be encoded in the same cert => big
>> certs) and introduces an indirection which often leaves room for
>> att
On 20 July 2016 at 08:58, Florian Schmaus wrote:
> For the near future, I hope that certificates using only srvNames will
> become more common. But if you want to stay super "compatible" with all
> sorts of XMPP software out there, then you probably want to put your
> XMPP domain in the CN too. W
On 19.07.2016 18:36, Marvin Gülker wrote:
> Am Tue, 19 Jul 2016 16:15:40 +0200
> schrieb Florian Schmaus :
>> Isn't one problem that a cert with CN "example.org" will be valid for
>> all services found on example.org (simply speaking), whereas when
>> using SRV-ID restricts the cert to a particular