Dear all,As Peter Saint-Andre announced on this list in October 2013, the XMPP community has charted out an ambitious plan to encrypt all server-to-server communications by May 19, 2014.[1] Currently jabber.ietf.org is using a certificate that expired seven months ago, does not support TLSv1.2, allows known-weak ciphers to be used and does not support forward secrecy:
https://xmpp.net/result.php?domain=jabber.ietf.org&type=serverCould the admins please renew the cert, support TLS 1.2, limit the ciphersuite to keep out known-weak ciphers, and ensure that server-to-server traffic is encrypted?
http://wiki.xmpp.org/web/Securing_XMPP#ejabberd Thanks. Cheers, Pranesh [1]: https://github.com/stpeter/manifesto/blob/master/manifesto.txt -- Pranesh Prakash Policy Director, Centre for Internet and Society T: +91 80 40926283 | W: http://cis-india.org ------------------- Access to Knowledge Fellow, Information Society Project, Yale Law School M: +1 520 314 7147 | W: http://yaleisp.org PGP ID: 0x1D5C5F07 | Twitter: https://twitter.com/pranesh_prakash
signature.asc
Description: OpenPGP digital signature
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
