11 Aug 2008, 05:55 PM   #6
brong

Representative of:
Fastmail.fm
http://209.85.175.104/search?q=cache...ient=firefox-a

Ahh, I see. I'd post the direct link, but trac is returning 500 errors.

Basically, you need to explicitly enter chat.messagingengine.com as your server to use SSL, since the RFC is being difficult. Makes it impossible to support multiple domains on a single server, just like HTTP all over again. Lovely.

I can see their point (otherwise you could just poison SRV records in DNS and make the user verify against an SSL certificate anywhere). Silly SSL.

The really stupid thing with SSL in general is you don't want to certify so much "is this the server at foo.bar.com" as you want to certify "am I talking to the same server I was talking to last time". SSH gets this right.
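The trade-off described in the post above, as an added example that is not part of the original post or Fastmail's code: verifying the certificate against the SRV target lets one server host many domains but accepts any forged SRV answer, while verifying against the name the user typed does not; a small SSH-style pin store shows the "same server as last time" check. The hosted domain `example.org`, the forged target name and all function names are assumptions made for illustration.

```python
import hashlib

def name_matches(pattern, host):
    """Exact match, or a wildcard standing for the whole leftmost label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def verify_against_typed_domain(typed_domain, srv_target, cert_names):
    # srv_target came from unauthenticated DNS: connect to it, never verify by it.
    return any(name_matches(n, typed_domain) for n in cert_names)

def verify_against_srv_target(typed_domain, srv_target, cert_names):
    # The convenient alternative: trust whatever name DNS pointed us at.
    return any(name_matches(n, srv_target) for n in cert_names)

class PinStore:
    """SSH-style continuity: remember the certificate seen last time."""
    def __init__(self):
        self.pins = {}

    def check(self, typed_domain, cert_der):
        fp = hashlib.sha256(cert_der).hexdigest()
        if typed_domain not in self.pins:
            self.pins[typed_domain] = fp
            return "first-use"
        return "match" if self.pins[typed_domain] == fp else "changed"

# Constructed sample data (names other than the provider host are hypothetical).
HOSTED = "example.org"                  # domain part of the user's address
PROVIDER = "chat.messagingengine.com"   # server name from the post
PROVIDER_CERT = [PROVIDER]              # names in the provider's certificate
FORGED_TARGET = "xmpp.other.example"    # target from a poisoned SRV answer
FORGED_CERT = [FORGED_TARGET]           # valid CA-issued cert for that name

def scenarios():
    return {
        "honest_srv_typed": verify_against_typed_domain(HOSTED, PROVIDER, PROVIDER_CERT),
        "honest_srv_target": verify_against_srv_target(HOSTED, PROVIDER, PROVIDER_CERT),
        "forged_srv_typed": verify_against_typed_domain(HOSTED, FORGED_TARGET, FORGED_CERT),
        "forged_srv_target": verify_against_srv_target(HOSTED, FORGED_TARGET, FORGED_CERT),
        "explicit_server": verify_against_typed_domain(PROVIDER, PROVIDER, PROVIDER_CERT),
    }
```

`scenarios()` shows the strict rule rejecting both the forged answer and the honest hosted-domain case, which is why the server name has to be entered explicitly; `PinStore.check` flags a certificate change regardless of which name the certificate carries.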