[jdev] [ANN] Bad XMPP - Connectivity test suite

Jonas Schäfer jonas at wielicki.name
Sun Mar 29 11:15:09 UTC 2020

On Samstag, 28. März 2020 19:55:15 CEST Kim Alvefur wrote:
> Suggestions for additional tests are welcomed.

I have a few!

- Outright bogus DNSSEC
- Expired DNSSEC
- SRV record pointing at the root zone (`.`) mixed into other SRV records
- Only a single SRV record pointing at the root zone (`.`)
- Only DH suites with short (<1024 bits) DH parameters
- Only "export" ciphers

Not necessarily bad, but would be good as test cases either way:

- DNSSEC-signed SRV record pointing at a hostname different from the domain 
name and the service only has a certificate for that hostname. This is valid 
from my understanding, but probably without widespread support.
- No SRV record, only A/AAAA records.

Echo-ing what moparisthebest suggested in xsf@:´

- xmpps-server records where one of which points at an HTTPS port (with a 
valid one pointing at XMPPS)

Thanks for this service!

kind regards,

More information about the JDev mailing list