+1 >> but we >> desperately need the equivalent of the old email "non-delivery report" >> going back when connections are refused or non-technical users on >> older servers are never going to even know there's anything wrong. All >> they'll see is less people on their roster and they'll install some >> other app that actually seems to work for them.
David. On 5 Oct 2015, at 10:04, Mike Barnes <[email protected]> wrote: > I don't believe you'd even get user requests from people who can't > contact someone. How many will seek out their server administrator to > check what's going on, and how many will just go and use Facebook or > Hangouts or something and forget about XMPP entirely? > > It's great to have some specialised servers that take encryption > really seriously and make it their priority, it is. I love it - but we > desperately need the equivalent of the old email "non-delivery report" > going back when connections are refused or non-technical users on > older servers are never going to even know there's anything wrong. All > they'll see is less people on their roster and they'll install some > other app that actually seems to work for them. > > Users on neglected servers need information, not isolation. > > On 5 October 2015 at 19:03, Vincent Lauton <[email protected]> wrote: >> I completely agree,though I do not think there are planned mechanisms for >> this purpose. Though I put it harshly I'm only blocking servers I already >> can't communicate with.However I personally make sure to answer any user >> requests and so far anyone that had contacted me asking why certain servers >> couldn't be contacted has received a clear,polite explanation.Server lists >> tend to show SSL rating or information which is a good thing too.I will >> happily implement any mechanisms that allow me to increase the security and >> knowledge of my users though. >> >> 03:11, 5 October 2015, Mike Barnes <[email protected]>: >> >> What we need to be doing is putting information about the quality of >> encryption used in a conversation in front of the users, and letting >> them make informed decisions, instead of fracturing the network >> invisibly. >> >> Is there any defined mechanism to do this? Users are accustomed to the >> little padlock icons on web URLs, can XMPP client software easily >> implement something like this or will it need server extensions to >> report back? As a temporary measure, could the server send a direct >> message to a user alerting them if the encryption on a connection they >> initiate falls below a desired threshold? >> >> Inform the users, don't cut them off from their contacts and leave >> them no path to even tell them why. >> >> On 4 October 2015 at 22:53, Vincent Lauton <[email protected]> wrote: >> >> At least gmail,can't say I've blocked the others but I already can't >> communicate without forward secrecy. >> >> 13:52, 4 October 2015, Vincent Lauton <[email protected]>: >> >> Actually I do... >> >> 10:31, 4 October 2015, Evgeny Khramtsov <[email protected]>: >> >> Sat, 03 Oct 2015 13:40:17 +0200 >> Vincent Lauton <[email protected]> wrote: >> >> >> Also I meant I'll block servers that don't support any forward >> secrecy suites >> >> >> Great idea, LOL. Do you have gmail.com and all its hosted domains >> blocked already? They don't have any "secrecy" at all. >> >> >> >> -- >> Sent from Yandex.Mail for mobile >> >> >> >> -- >> Sent from Yandex.Mail for mobile >> >> >> >> -- >> Sent from Yandex.Mail for mobile
signature.asc
Description: Message signed with OpenPGP using GPGMail
