-
DebXWoody
Maybe xmpp URI Support on Codeberg https://codeberg.org/Codeberg/Community/issues/102 :-)
-
pep.
DebXWoody, cool :)
-
pep.
You should also link to the RFC to make it easier to find maybe, https://tools.ietf.org/html/rfc5122
-
DebXWoody
pep., thanks. Done
-
pep.
Are there any companies doing some lobbying to the CA/Browser Forum btw? I was just reminded of that. Guus, you were providing hosted solutions right iirc?
-
pep.
Daniel ^
-
pep.
To get proper XMPP certs ^
-
Daniel
I'm afraid that we don't have the budget for that
-
pep.
Maybe lots of small budgets can make for a bigger one :)
-
Zash
If you put two small budgets a large distance apart they can function as one large budget! https://www.xkcd.com/1922/
-
jonas’
what kind of budget are we talking about?
-
jonas’
because this seems like some way to spend XSF funds
- Zash bookmarks https://github.com/letsencrypt/boulder/issues/1309
-
pep.
yeah that's the well-known one :)
-
pep.
That's what I get in my browser now when I start typing "boulder"
-
Daniel
In my experience posh works relatively well
-
Daniel
I'd just lobby xmpp clients to implemt that
-
Zash
But web :(
-
moparisthebest
Or public key pinning with DANE
-
moparisthebest
Just have to get everyone off the terrible .im TLD that doesn't support DNSSEC
-
Zash
Isn't that a different issue?
-
Ge0rG
moparisthebest: or shame them into finally implementing that abandoned dead end of crypto specification
-
moparisthebest
Zash: no you don't need the cert signed by a CA in that case at all
-
Zash
I don't think you really even need a cert. Not sure what the state of raw public keys in TLS is tho.
-
Zash
DANE is apparently doing pretty well in the email space tho.