> -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of Dirk Meyer > Sent: Thursday, August 21, 2008 9:20 PM > To: XMPP Security > Subject: Re: [Security] TLS-SRP Questions > > Jonathan Dickinson wrote: > > And my hard-laboured formatting got messed up. > > :) > > > Initiator opens connection > > Target gets connection and presents certificate > > Initiator verifies certificate with IC -> Fail if invalid > > Initiator presents certificate > > Target verifies certificate -> Fail if invalid > > Success > > > > The point is, from what I can tell, TLS supports all of that. > > Yes, but the question is how to verify a certificate from someone you > do not know which is not signed by a CA. Or I'm I missing something in > your argumentation?
We can have xmpp.net as the IC. > > Dirk > > > -- > A bad random number generator: 1, 1, 1, 1, 1, 4.33e+67, 1, 1, 1...
