On 20 Aug 2008, at 02:10, Florian Zeitz wrote:

Another issue with certificates in general (that Justin Karneges already
brought up) is that there should be only one certificate per JID. That
means you have to get this certificate to all machines you use that
account with. One solution would be to store the certificate on the
server (doesn't really sound like a good idea). The other would be to
leave it to the user to transfer the certificate from machine to
machine, which probably falls into the "too hard" category.

This is no issue with the certificate. I think you're mixing the certificate
and the private key. The private key is needed on all systems, as is
the public key. The certificate is a signed wrapper around the public
key and can be distributed freely.

You don't want a third party like your server to store the private key.
(remember WAP security ;-) )

Just a small clarification.

We do need to start the wiki docs :-)
/O
