SSH-style fingerprint matching
Since there is no interest in implementing certificates at this time (#720 (closed)), it would be nice to at least have SSH-style fingerprint matching. When a user makes a secure connection to the server for the first time, the certificate's fingerprint is stored in the local configuration, and next time it is compared against the server key. If there's a mismatch, the user gets a warning. This would help a lot against MITM attacks, which Gajim currently doesn't defend against at all.
I don't even mind if the option is turned off by default. (Keys do change from time to time, and Joe Blow doesn't know what to do with that kind of warning.) However, in that case I'd like to see a "Match SSL/TLS fingerprint" checkbox in the Connection tab in the server settings, so advanced users are aware of this option. (Or maybe Security should have its own tab?) If it's going to be turned on by default, it would be okay if it's in advanced configuration only. (The user can turn it off from the warning dialog.)