If you can create and maintain the database through standard programs (sqlite
being my favorite), I don't mind the caching. But in a system that uses TLS, is
a database lookup that significant of a time sink in the whole transaction
flow.
This is interesting reading:
Do you really have to cache something in jabberd when the data can be pulled
from the sql database? Sure the data has changed. But if you pull a fresh
record each time, I don't see the issue.
Original Message
From: Tomasz Sterna
Sent: Monday, May 30, 2016 11:40 AM
To:
That is one of the beauties of programs written around standard tools like
sql. You can hook into the database and add features, or not. ;-)
In defense of web interfaces, you can hand off that administration task to
someone else without granting login access to the server. Or depending on your
Regarding item 4, seriously, does everything these days have to have a web
interface? It just increases the attack surface. Adding a web interface means
one more thing to protect against hackers, which means writing rules for the
WAF or adding something else for fail2ban or sshguard to watch.
Right. But what exactly do I update?
Original Message
From: Tomasz Sterna
Sent: Saturday, May 28, 2016 7:20 AM
To: jabberd2@lists.xiaoka.com
Reply To: jabberd2@lists.xiaoka.com
Subject: Re: jabberd-2.4.0 release
W dniu 27.05.2016, pią o godzinie 23∶57 -0700, użytkownik
li...@lazygranch.com
I'm on freebsd 10.2
Original Message
From: Matěj Cepl
Sent: Friday, May 27, 2016 9:31 AM
To: jabberd2@lists.xiaoka.com
Reply To: jabberd2@lists.xiaoka.com
Subject: Re: jabberd-2.4.0 release
On 2016-05-27, 07:09 GMT, li...@lazygranch.com wrote:
> I get this error message:
>
Actually that was with a Go Daddy purchased cert, not a self signed cert.
As it stands, I have my own CA when I made my cert. I suspect I'm not putting
all the elements (ca-cert, cert, key) in the right locations.
Original Message
From: Tomasz Sterna
Sent: Saturday, May 7, 2016 8:21 AM
To:
I'm not following you here. You still have encryption with a self signed cert,
but no trust. But if you can't trust yourself, who else can you trust?
On public wifi without the self signed cert, the conversation could be read,
not to mention login credentials.
Take "letsencrypt" for example.
So the documentation on generating a self signed cert is not correct.
Isn't the key generated in that document technically the root CA?
Original Message
From: Tomasz Sterna
Sent: Tuesday, May 3, 2016 5:12 AM
To: jabberd2@lists.xiaoka.com
Reply To: jabberd2@lists.xiaoka.com
Subject: Re: