[Operators] TLS, certificates, heartache, and pain.

Dave Cridland dave at cridland.net
Wed Oct 15 09:18:28 CDT 2008


On Wed Oct 15 15:10:01 2008, Pedro Melo wrote:
> Hi,
> 
> On Oct 15, 2008, at 12:41 AM, Dave Cridland wrote:
> 
>> So today, out of probably hundreds of connections, one - aside  
>> from  other Isode M-Link deployments - offered my server SASL  
>> EXTERNAL:
>> 
>> 10/14 23:47:50 xmppd    05979 (root    ) I-MBOX-Info Successfully   
>>  authenticated as dave.cridland.net to proxy.sapo.pt
> 
> melo at DogsHouse:~ $ x-dns-xmpp-records proxy.sapo.pt
> proxy.sapo.pt.		18000	IN	A	127.0.0.1
> 
> Talked with a few people at SAPO, it seems to be a long forgotten   
> domain, no longer in use.
> 
> I'll see if I can understand why he was talking to you.
> 
> 
Ah, so I was actually talking to myself. That'd explain things. :-)

I did a service discovery on sapo.pt, since I figured it probably had  
proper certificates etc, and I'd have connected to each listed  
subdomain:

  <iq from='sapo.pt' to='dwd at dave.cridland.net/Gajim' type='result'  
id='492'>
  <query xmlns='http://jabber.org/protocol/disco#items'>
  <item jid='admin.im.sapo.pt'/>
  <item jid='alertas.im.sapo.pt'/>
  <item jid='conference.im.sapo.pt'/>
  <item jid='icq.im.sapo.pt'/>
  <item jid='msn.im.sapo.pt'/>
  <item jid='passatempos.im.sapo.pt'/>
  <item jid='phone.im.sapo.pt'/>
  <item jid='proxy.sapo.pt'/>
  <item jid='services.im.sapo.pt'/>
  <item jid='sms.im.sapo.pt'/>
  <item jid='stats.im.sapo.pt'/>
  <item jid='utils.im.sapo.pt'/>
  <item jid='webmsg.im.sapo.pt'/>
  </query>
  </iq>


I should probably get the code not to connect to itself, of course.

Dave.
-- 
Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at dave.cridland.net
  - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
  - http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade


More information about the Operators mailing list