undefined | Better HN

0 pointsaccount422mo ago0 comments

But it does mean that the CA/B requirement change has zero positive effect on security of anything and only causes pointless work and breakage.

Or to put it another way, the pragmatic response of the XMPP community shows that the effect of the change is not to remove the clientAuth capability from any certs but to effectively add it to all serverAuth certs no matter what the certificate says.

0 comments

Avamander2mo ago

Relying on an accidental feature and its removal causing work is a perfect example why it shouldn't be there in the first place.

The XMPP community can continue to adapt other infrastructure for their purposes and do the thing they do. It does not mean it has to be catered to.

j / k navigate · click thread line to collapse

0 comments

Avamander2mo ago

Relying on an accidental feature and its removal causing work is a perfect example why it shouldn't be there in the first place.

The XMPP community can continue to adapt other infrastructure for their purposes and do the thing they do. It does not mean it has to be catered to.

j / k navigate · click thread line to collapse