Kurt Zeilenga wrote: > On Aug 21, 2008, at 1:38 PM, Jonathan Dickinson wrote: > >>> -----Original Message----- >>> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On >>> Behalf Of Kurt Zeilenga >>> Sent: Thursday, August 21, 2008 10:32 PM >>> To: XMPP Security >>> Subject: Re: [Security] TLS-SRP Questions >>> >>> >>> On Aug 21, 2008, at 12:19 PM, Dirk Meyer wrote: >>> >>>> ... >>> >>> Why would there be any need to otherwise "verify" A's certificate? >> >> So B knows who they are talking to ;). > > Does B care to who A is more than its the person that asserted they > were some jabberid?
Yes, I want mutal trust. Maybe the server is compromised or I do not have a server (link local messaging). We need trust in both directions. Dirk -- Black holes are where God divided by zero.
