https://www.ejabberd.im/node/3112 en https://www.ejabberd.im/node/3112#comment-53370 <p>Support for client certificates would be cool:</p> <p>Example use case:<br /> 1) Users buy a unique client certificate that is signed by the private key of the server. The price is very low (micro payment) and is only to make it impossible for abusers to register lots of accounts (well, they still can but then it will cost them a lot).<br /> 2) Users install their unique client certificate in their client<br /> 3) When connecting the server verifies if the client certificate is valid (signed by the private key of the server and not revoked). Only when it succeeds the connection is establised.<br /> 4) If the server admin detects abuse by accounts, the admin can easily revoke the client certificate of this user (it will become invalid). In this way the abuser is punished: he needs to buy a new certificate.</p> <p>Note: collecting the money and distributing the certificates can be done, for instance, by using a service such as Paypal or eBay (the second also allows the admin to limit the number of users and to control the growth by selling only a limited amount of certificates in a time period!)</p> <p>--<br /> sander</p> Wed, 02 Jul 2008 12:17:44 +0000 sander comment 53370 at https://www.ejabberd.im https://www.ejabberd.im/node/3112#comment-53359 <p>To use STARTTLS encryption when connecting to the Jabber server, the Jabber server must have a certificate installed and ejabberd configured to use it. The client doesn't need to have another certificate.</p> <p>You can try to connect using desktop Jabber clients like Psi or Gajim to see if you have ejabberd configured correctly.</p> Tue, 01 Jul 2008 16:57:25 +0000 mfoss comment 53359 at https://www.ejabberd.im