-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 8/28/13 10:33 AM, Peter Saint-Andre wrote:
On 8/28/13 10:28 AM, Matthew Wild wrote:
On 28 August 2013 17:14, Simon Tennant si...@buddycloud.com
wrote:
I'm attempting to gather the details in one place on how to
secure XMPP servers C2S and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 8/28/13 10:14 AM, Simon Tennant wrote:
I'm attempting to gather the details in one place on how to secure
XMPP servers C2S and S2S traffic:
http://wiki.xmpp.org/web/Securing_XMPP
Thanks.
As you've seen from the news over the last 24 hours,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 9/6/13 10:40 AM, Peter Saint-Andre wrote:
On 8/28/13 10:14 AM, Simon Tennant wrote:
I'm attempting to gather the details in one place on how to
secure XMPP servers C2S and S2S traffic:
http://wiki.xmpp.org/web/Securing_XMPP
Thanks.
As
On 6 sep. 2013, at 20:04, Peter Saint-Andre stpe...@stpeter.im wrote:
On 9/6/13 10:40 AM, Peter Saint-Andre wrote:
On 8/28/13 10:14 AM, Simon Tennant wrote:
I'm attempting to gather the details in one place on how to
secure XMPP servers C2S and S2S traffic:
On Fri, Sep 6, 2013 at 7:16 PM, Thijs Alkemade th...@xnyhps.nl wrote:
However, a large number of clients do not prioritize (EC)DHE above the non-
ephemeral variants. To enforce that these are used, it is therefore
required
to either disable all non-ephemeral suites or configure the server to
Hi Dave,
El 2013-09-06 21:24:39, Dave Cridland escribió:
I may be talking rubbish, but shouldn't the server be overriding the
client's order by default anyway?
Default is the client's priority list. But as the selection is done by
the server, you can override this. In GnuTLS this is done with
On 6 September 2013 21:43, Matthias Wimmer m...@tthias.eu wrote:
Hi Dave,
El 2013-09-06 21:24:39, Dave Cridland escribió:
I may be talking rubbish, but shouldn't the server be overriding the
client's order by default anyway?
Default is the client's priority list. But as the selection is
On 6 sep. 2013, at 22:24, Dave Cridland d...@cridland.net wrote:
I may be talking rubbish, but shouldn't the server be overriding the client's
order by default anyway?
Practically no server overrides the client's preference. I noticed only ~3
non-public servers do it.
I'm really not sure
29 aug 2013 kl. 03:27 skrev Peter Saint-Andre stpe...@stpeter.im:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 8/28/13 12:42 PM, Olle E. Johansson wrote:
28 aug 2013 kl. 18:33 skrev Peter Saint-Andre
stpe...@stpeter.im:
DANE/DNSSEC is great for that, or will be when it is more
On 28 August 2013 18:28, Matthew Wild mwi...@gmail.com wrote:
http://wiki.xmpp.org/web/Securing_XMPP
Only feedback so far: you might want to clarify the single
domain/multiple domain thing - DANE is not a requirement for
securely hosting multiple domains on a single server. I think that
On 29 August 2013 10:00, Simon Tennant si...@buddycloud.com wrote:
On 28 August 2013 18:28, Matthew Wild mwi...@gmail.com wrote:
http://wiki.xmpp.org/web/Securing_XMPP
Only feedback so far: you might want to clarify the single
domain/multiple domain thing - DANE is not a requirement for
I'm attempting to gather the details in one place on how to secure XMPP
servers C2S and S2S traffic:
http://wiki.xmpp.org/web/Securing_XMPP
The DANE stuff is all pretty new and I'm struggling to find working
examples of how we'd ensure that servers and DNS are setup to only use SSL.
Is there
On 28 August 2013 17:14, Simon Tennant si...@buddycloud.com wrote:
I'm attempting to gather the details in one place on how to secure XMPP
servers C2S and S2S traffic:
http://wiki.xmpp.org/web/Securing_XMPP
Only feedback so far: you might want to clarify the single
domain/multiple domain
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 8/28/13 10:28 AM, Matthew Wild wrote:
On 28 August 2013 17:14, Simon Tennant si...@buddycloud.com
wrote:
I'm attempting to gather the details in one place on how to
secure XMPP servers C2S and S2S traffic:
On 28 aug. 2013, at 18:33, Peter Saint-Andre stpe...@stpeter.im wrote:
On 8/28/13 10:28 AM, Matthew Wild wrote:
On 28 August 2013 17:14, Simon Tennant si...@buddycloud.com
wrote:
I'm attempting to gather the details in one place on how to
secure XMPP servers C2S and S2S traffic:
28 aug 2013 kl. 18:33 skrev Peter Saint-Andre stpe...@stpeter.im:
DANE/DNSSEC is great for that, or will be when it is
more generally available, but IMHO we might need to wait *years* for
that to happen.
Peter,
If you keep repeating this statement it will become true...
I don't think we're
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 8/28/13 12:42 PM, Olle E. Johansson wrote:
28 aug 2013 kl. 18:33 skrev Peter Saint-Andre
stpe...@stpeter.im:
DANE/DNSSEC is great for that, or will be when it is more
generally available, but IMHO we might need to wait *years* for
that to
17 matches
Mail list logo