If you can create and maintain the database through standard programs (sqlite
being my favorite), I don't mind the caching. But in a system that uses TLS, is
a database lookup that significant of a time sink in the whole transaction
flow.
This is interesting reading:
http://stackoverflow.com/q
Do you really have to cache something in jabberd when the data can be pulled
from the sql database? Sure the data has changed. But if you pull a fresh
record each time, I don't see the issue.
Original Message
From: Tomasz Sterna
Sent: Monday, May 30, 2016 11:40 AM
To: jabberd2@lists.xiaoka.
That is one of the beauties of programs written around standard tools like
sql. You can hook into the database and add features, or not. ;-)
In defense of web interfaces, you can hand off that administration task to
someone else without granting login access to the server. Or depending on your
Regarding item 4, seriously, does everything these days have to have a web
interface? It just increases the attack surface. Adding a web interface means
one more thing to protect against hackers, which means writing rules for the
WAF or adding something else for fail2ban or sshguard to watch.
Right. But what exactly do I update?
Original Message
From: Tomasz Sterna
Sent: Saturday, May 28, 2016 7:20 AM
To: jabberd2@lists.xiaoka.com
Reply To: jabberd2@lists.xiaoka.com
Subject: Re: jabberd-2.4.0 release
W dniu 27.05.2016, pią o godzinie 23∶57 -0700, użytkownik
li...@lazygranch.com na
Sorry for the top posting (smartphone) .
I though it would be interesting to look at how the program is compiled in
/usr/ports. (As far as I know, just look in the work directory.) The
environment is the same. The configure file looked the same except for the rev
difference. Baffling!
Anyway
I'm on freebsd 10.2
Original Message
From: Matěj Cepl
Sent: Friday, May 27, 2016 9:31 AM
To: jabberd2@lists.xiaoka.com
Reply To: jabberd2@lists.xiaoka.com
Subject: Re: jabberd-2.4.0 release
On 2016-05-27, 07:09 GMT, li...@lazygranch.com wrote:
> I get this error message:
> ---
Actually that was with a Go Daddy purchased cert, not a self signed cert.
As it stands, I have my own CA when I made my cert. I suspect I'm not putting
all the elements (ca-cert, cert, key) in the right locations.
Original Message
From: Tomasz Sterna
Sent: Saturday, May 7, 2016 8:21 AM
To: j
Ah, but the man in the middle only gets one chance to mess with your cert. That
is the first time you encounter the self signed cert, you trust it and it goes
into your root store. So don't do that first encounter over public wifi. You
could also just distribute the cert to those that need it.
I'm not following you here. You still have encryption with a self signed cert,
but no trust. But if you can't trust yourself, who else can you trust?
On public wifi without the self signed cert, the conversation could be read,
not to mention login credentials.
Take "letsencrypt" for example. P
I painfully made a self signed cert for my email with the intermediate step of
makeling a cert that mints the final cert. Basically a three step process.
Do I remember how I did this? Nope. But I should be able to do it again. I
will work on this a bit. But if you want to change the code, I'm
So the documentation on generating a self signed cert is not correct.
Isn't the key generated in that document technically the root CA?
Original Message
From: Tomasz Sterna
Sent: Tuesday, May 3, 2016 5:12 AM
To: jabberd2@lists.xiaoka.com
Reply To: jabberd2@lists.xiaoka.com
Subject: Re: se
12 matches
Mail list logo