[ejabberd] XMPP per-host certs

Brian Cully bcully at gmail.com
Sat Feb 9 02:58:28 MSK 2008


On 8-Feb-2008, at 17:43, Peter Saint-Andre wrote:
> Some clients (iChat etc.) let you specify that the hostname handling a
> gmail.com or googlemail.com (etc.) JID is "talk.google.com". Then when
> you're presented with a certificate for talk.google.com, the client
> considers that to be acceptable. I'll be modifying the  
> specifications to
> make it clear that this approach is one allowable authentication flow.

	I assume this is true for SRV record lookup as well? All my certs  
right now are self-signed, so I can't test this myself. I'd be curious  
about experience w/ Psi, Adium, and iChat, if anyone happens to know.

-bjc


More information about the ejabberd mailing list