SSL certificate verification feature
I would like to see some SSL certificate handling in one of the next versions of Gajim. Somewhere I found this said about the Jabber system: they tell you about secure communication, but (almost) every client doesn't handle any kind of certificate, so it's not secure at all. I have to say that this man was right. The Jabber IM system has had an SSL feature for a very long time. It's good that not everyone can read your communication. But SSL itself is only a secure transport channel from one host to another. Without any certificate checking, you never know who your true remote host is. You can have a secure channel to a hacker who is interested in your love postings with your girlfriend, or worse, your passwords to something. Anyone who has access to a router between you and your server can listen to your secure traffic if he knows how simple it is. If you really want to present the SSL layer to the user with a lock icon, remember that they think they are protected. But they are protected as if you locked the front door of your house but left the garden door unlocked. Anyone can redirect your traffic to himself, read it, and send it encrypted to the server. All he needs is iptables and stunnel. Really, almost anyone can spoof your SSL. If you bother with an SSL layer, you should make it valuable: really protecting its users.
The best way to do it: use strong ciphers (often used by default), and check that you are talking to the right server. Each certificate has some issuer. You can do a little for any certificate.
If the server has a self-signed certificate, there is not much to do. You cannot verify the validity of the certificate. But you can check whether the certificate has changed. This does not prevent an attacker from reading your traffic if he is there all the time. But if you are lucky, you connected when there was no attacker in the way. So you saw the certificate of the real server, and you saw its fingerprint. You save it for later use. Then, if an attacker comes, he sends you another certificate for the same server. Here you can notify the user that something has changed, that something is not as it should be. You can do this without any preinstalled certificates or access to system certificates. You can simply check fingerprints for changes, as SSH does. It's not perfect, but it is some protection.
The best way is to use root certificates and try checking their source. Check if this certificate is valid. If it is, you are sure this is your server. Unless the Jabber server was compromised and the keys lost. Nobody's perfect. :)
Most Jabber servers don't have a certificate signed by a public certificate authority, because it costs money. But you should not use Psi's approach: ignore any SSL errors. Instead, save the received certificate, and on the next connection you are able to validate the certificate for changes. Have you seen the install button in web browsers? Yes, they check it too. You may install even a self-signed one.
So, please, let us have the best IM solution be really secure. :) It would be good if:
- For self-signed certificates, verify that the certificate has not changed. Check that the certificate hostname matches the server name, and save it with its fingerprint for the next connection.
- For certificates with a CA, allow saving the CA certificate and/or try to use some from the browser or system to validate. Check whether the SSL hierarchy is valid and the topmost certificate can be validated from your certificates. If not, allow saving the server's certificate fingerprint or allowing the topmost CA to be trustworthy.
- When saving a new certificate, it is a good habit to show the user the fingerprint. Most of them will simply press OK. But they will see it only the first time, and get bonus protection from that.
I think it is worth considering.
Sorry for spamming, it's long. I repeat myself, but I think checking certificates is a good thing.
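The two checks the post asks for (SSH-style fingerprint pinning for self-signed certificates, CA plus hostname validation where a chain exists, and a fingerprint shown to the user before anything new is saved), written out as an added Python example. This is not Gajim's code and not from the original post. Assumptions: direct TLS on the legacy XMPP port 5223 (STARTTLS on 5222 is not shown), fingerprints are SHA-256 over the DER certificate, the `user_accepts` callback stands in for the confirmation dialog, `hostname_matches` is fed the SAN DNS names by whatever parses the certificate, and the DER byte strings in the demo are constructed stand-ins, not real certificates.

```python
"""Added example: trust-on-first-use fingerprint pinning plus CA/hostname
validation, in the style the post asks for. Not Gajim's own code."""
import hashlib
import json
import socket
import ssl
from pathlib import Path


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 over the DER certificate, shown as colon-separated hex."""
    hexdigest = hashlib.sha256(der_cert).hexdigest().upper()
    return ":".join(hexdigest[i:i + 2] for i in range(0, len(hexdigest), 2))


def hostname_matches(expected_host: str, san_dns_names) -> bool:
    """RFC 6125-style DNS-ID matching: exact (case-insensitive) match, or a
    wildcard that is the whole left-most label ('*.example.org' matches
    'xmpp.example.org' but not 'example.org' or 'a.b.example.org').
    san_dns_names is assumed to come from the certificate's SAN extension."""
    host = expected_host.lower().rstrip(".")
    for name in san_dns_names:
        name = name.lower().rstrip(".")
        if name == host:
            return True
        if name.startswith("*."):
            suffix = name[1:]                                  # ".example.org"
            label = host[:-len(suffix)] if host.endswith(suffix) else ""
            if label and "." not in label:
                return True
    return False


class PinStore:
    """One pinned fingerprint per host:port, kept in JSON like ~/.ssh/known_hosts.
    With path=None nothing is persisted (handy for tests and demos)."""

    def __init__(self, path=None):
        self.path = Path(path) if path else None
        self.pins = {}
        if self.path and self.path.exists():
            self.pins = json.loads(self.path.read_text())

    def status(self, host, port, der_cert):
        """'new' (never seen), 'match' (same as pinned) or 'changed'."""
        pinned = self.pins.get(f"{host}:{port}")
        if pinned is None:
            return "new"
        return "match" if pinned == fingerprint(der_cert) else "changed"

    def pin(self, host, port, der_cert):
        self.pins[f"{host}:{port}"] = fingerprint(der_cert)
        if self.path:
            self.path.write_text(json.dumps(self.pins, indent=1))


def decide(store, host, port, der_cert, chain_valid, user_accepts):
    """Policy from the post. chain_valid is True when the TLS library already
    validated the chain to a trusted root and the hostname. user_accepts is a
    callback (fingerprint, previous_fingerprint_or_None) -> bool standing in
    for the dialog that shows the fingerprint. Returns one of
    'trusted', 'pinned', 'accepted', 'rejected'."""
    if chain_valid:
        store.pin(host, port, der_cert)    # a later downgrade to self-signed then shows as 'changed'
        return "trusted"
    status = store.status(host, port, der_cert)
    if status == "match":
        return "pinned"
    previous = store.pins.get(f"{host}:{port}")   # None when status == 'new'
    if user_accepts(fingerprint(der_cert), previous):
        store.pin(host, port, der_cert)
        return "accepted"
    return "rejected"        # unknown or changed cert the user did not confirm


def fetch_peer_cert(host, port=5223, timeout=10, extra_ca_file=None):
    """Direct-TLS connect (assumed legacy XMPP port 5223). First try full
    validation against the system roots plus an optional user-saved CA file;
    if that fails, reconnect unverified only to obtain the DER certificate for
    pinning. Returns (der_cert, chain_valid)."""
    ctx = ssl.create_default_context()
    if extra_ca_file:
        ctx.load_verify_locations(cafile=extra_ca_file)
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return tls.getpeercert(binary_form=True), True
    except ssl.SSLCertVerificationError:
        pass
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True), False


if __name__ == "__main__":
    # Offline walk-through with constructed stand-in DER bytes (not real certificates).
    store = PinStore()
    real_cert, attacker_cert = b"constructed-der-of-real-server", b"constructed-der-of-mitm"
    ask = lambda fp, prev: prev is None     # accept on first sight, refuse on change
    print(decide(store, "xmpp.example.org", 5223, real_cert, False, ask))       # accepted
    print(decide(store, "xmpp.example.org", 5223, real_cert, False, ask))       # pinned
    print(decide(store, "xmpp.example.org", 5223, attacker_cert, False, ask))   # rejected
```

The CA path leans on `ssl.create_default_context()`, which already enforces both chain validation and hostname matching, and `load_verify_locations` is where a user-saved CA certificate would be added. The pinning path is deliberately independent of any root store, as the post describes: a first connection that reaches the real server records its fingerprint, and any later swap, including a downgrade from a CA-signed certificate to a self-signed one, is reported as changed rather than silently accepted.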