[Pidgin] #14614: Google Talk with different domains doesn't set talk.google.com
Pidgin
trac at pidgin.im
Sun Sep 18 22:32:00 EDT 2011
#14614: Google Talk with different domains doesn't set talk.google.com
---------------------+------------------------------------------------------
Reporter: Skinkie | Owner: deryni
Type: defect | Status: closed
Milestone: | Component: XMPP
Version: 2.10.0 | Resolution: wontfix
Keywords: |
---------------------+------------------------------------------------------
Comment(by darkrain42):
The situation regarding certificates is actually a bit complex (tl;dr --
large hosting providers and delegated trust isn't a solved problem yet for
XMPP).
For STARTTLS-based XMPP connections, Google servers up a few (at least
two) different certificates, depending on the domain being connected to.
* If the domain is "gmail.com" (or probably googlemail.com), they serve
up a cert for that domain.
* If the domain is something else (e.g. it's GAfYD), they serve up
"talk.google.com".
This led to a conflict. If Pidgin adds the Connect Server, gmail.com
accounts generate a cert warning. If Pidgin doesn't add the Connect
Server, other domains (may fail to connect, and) generate a cert warning.
All in all, the appropriate step is to add the appropriate SRV records
(and fix broken DNS servers as needed), and if your domain isn't google-
owned, validate the certificate the first time you connect (or, yes, add
the Connect Server)
--
Ticket URL: <http://developer.pidgin.im/ticket/14614#comment:4>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list