-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 2014-08-22 23:33, Skhaen wrote:
Ohai everybody!
We need an upgrade for xmpp.net: if a server is running with SSLv3 or
without PFS, the score *must* be downgraded to B.
I also wanted to chime in and say that you shouldn't be punishing
Hey folks,
I've been running prosody for a little while now, and although I'm happy with
the c2s/s2s security of the connections it makes, I'm running into a different
security issue which is potentially a much larger problem.
The problem is: spammers and otherwise abusive users. There is no
On 03/02/2014 14:54, Simon Tennant wrote:
If would help if you could describe the abusive behavior you are seeing.
I was sure fellow operators would be familiar with the normal range of abuse
an XMPP server sees, but maybe a few examples are in order:
* Automated registrations by bots (in-band
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi folks,
Despite the lack of configurability comfort, I've transitioned from Openfire
to Prosody to fix outbound S2S and cipher limitations. I still hate manual
editing of config files with a passion, but I think user's security and
proper
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 05/01/2014 20:39, Leho Kraav wrote:
I'm also considering OpenFire - something move, because for one crucial
feature OpenFire doesn't support being logged in with multiple
resources. http://issues.igniterealtime.org/browse/OF-103 seems
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 05/01/2014 21:15, Leho Kraav wrote:
Maybe it's a stale bug status, but logging in with multiple resources
on a single account most *definitely* works on OpenFire - I use it all
the time on my 3.8.2 install, no issues. It even nicely lists the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Sorry if I'm sidestepping here but in the end, reading all the recent
discussions about bandwidth, parsers, Google not cooperating with encryption
of traffic, etc., I'll have to let go here.
Until things are sorted at the political/XMPP-net
On 28/11/2013 13:44, Solomon Peachy wrote:
The second is that every XMPP service operator is required to pay for a
third-party for a TLS certificate. This isn't a large cost in absolute
terms, but does raise the bar for entry, and represents an ongoing cost.
(Anectdotally, most smaller
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 2013-11-22 7:31 AM, Solomon Peachy wrote:
But I can't sign the manifesto, because I strongly believe committing
to a hard cut-off date for non-encrypted S2S traffic is
counterproductive.
I agree that a hard cut-off date needs to be carefully
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi Folks,
Although there's some merit to Aryo's suggestions, there's a problem with it:
Most people should primarily be looking for an XMPP server that is in their
region of the world, not necessarily one that scores highest. Sorting by
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Marco,
On 01/11/2013 14:02, Marco Cirillo wrote:
Security is not favoritism, you can suitably support 112/128 bits
ciphers
I wasn't debating that.
I was saying that using one single criterion (in this case the security
score) to push servers to
://palemoon.net) for it, instead of just
the related forum post.
Might want to update my listing request with that data.
TIA,
Moonchild/Mark.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (MingW32)
iQEcBAEBAgAGBQJSLX9hAAoJEKxqDlWrbd266YIH/jfF78lpfv3ZaVzeGuDYaY36
12 matches
Mail list logo