Jonathan Schleifer wrote: > Am 25.08.2008 um 12:05 schrieb Dirk Meyer: > >> But where to put the fingerprint? IMHO that is needed to know if we >> can use that mechanism. The information that the other side supports >> X.509 is useless when I have no way to verify the key. The only option >> I see it the 'name': >> >> <item jid='urn:xmpp:c2ctls:x509' >> name='fingerprint'/> >> >> Looks kind of strange. On the other hand, the fingerprint is some sort >> of name of the certificate. > > Can you please explain me why you want a fingerprint there? That's > totally useless IMO, the server could forge that.
It is only some sort of hint. It makes no sense to use a mechanism when you can not verify the key. I added the fingerprint to the <offer> in my proposal (also unsecure at that point) to give the peer a hint what it will get as certificate when choosing X.509. The same for OpenPGP. If we do not add it somewhere in disco#query we will get the same problem. Both clients support X.509 and they open a c2c link because it is a common feature. Now in the TLS handshake the realize that the peer uses self-signed certificates they can not verify. IMHO they should find out about that sooner to switch to OpenPGP or SRP. Dirk -- You sound reasonable...Time to up my medication.
