MSN SSL problems again

David Woolley forums at david-woolley.me.uk
Wed Nov 24 17:32:56 EST 2010


Zacknafain Do'Urden wrote:
> So what is it?  Has microsoft decided to make a play for propritary tech
> or something?

In this case, it is probably a case of being reckless about Pidgin, 
etc., but, if you actually read the terms of use you agree to when you 
sign up to the MSN service, you will find that you agree not to use 
Pidgin or any other client not in a short list of approved clients.

Part of this will be for protection against misoperating clients, but a 
major factor will be protecting the business model on which the service 
is based.  For example, a recent comment was that Pidgin avoided the 
adverts that you get with Live Messenger, but one of the reasons 
Microsoft will operate that service free of charge to end users will be 
the advertising revenue that they obtain.

In this case, the change was probably made for valid security reasons, 
but it seems to have taken short cuts which rely on an updated client 
having information coded into it that the server would have to provide, 
in other cases, such as accessing https URLs.  The Microsoft client will 
have this update done, but until they make the change, unofficial 
clients may have no reason to believe that the client has been prepared 
for such a change.
-- 
David Woolley
Emails are not formal business letters, whatever businesses may want.
RFC1855 says there should be an address here, but, in a world of spam,
that is no longer good advice, as archive address hiding may not work.



More information about the Support mailing list