[Operators] S2S problems

Thijs Alkemade thijs at xnyhps.nl
Thu Sep 19 19:01:58 UTC 2013


There you go:

https://xnyhps.nl/~thijs/xmppoke/client-mayplaces.com.html

I don't know much about configuring servers other than Prosody. I think it would be wiser to add such suggestions to http://wiki.xmpp.org/web/Securing_XMPP.

Thijs

On 19 sep. 2013, at 20:31, Aryo Sandiyudo wrote:

> Hi Thijs,
> 
> Thanks for the explanation, and yes please re run it :)
> 
> Just an idea: is it possible with this kind of a scoring tools there is also features called a "suggestions" what fix that admin should change/add to their server based on their XMPP/OS server type. I'm sure it would be great :)
> 
> Thanks,
> Aryo S.
> 
> 
> On Sep 20, 2013, Thijs Alkemade <thijs at xnyhps.nl> wrote:
> Hi Aryo,
> 
> The first list are the c2s results, the second one is for s2s.
> 
> If I remember correctly, mayplaces.com failed for c2s because at the time there were two SRV records for it, one with port 5222 and one with 5223. It tried connecting to port 5223 with STARTTLS instead of legacy SSL, which failed, and I could not be bothered to try to force a connect host and port.
> 
> The xmpp-client SRV record looks correct now, do you want me to rerun the test?
> 
> Regards,
> Thijs
> 
> On 19 sep. 2013, at 17:11, Aryo Sandiyudo wrote:
> 
>> Anyone got an idea why i can't find mayplaces.com on https://xnyhps.nl/~thijs/xmppoke/2013-08-26/scores.html ?
>> but instead i found it on https://xnyhps.nl/~thijs/xmppoke/2013-08-28/scores.html
>> 
>> What is the difference between the two lists of scores?
>> 
>> Best,
>> Aryo S.
>> 
>> http://mayplaces.com - It's not XMPP, it's MayPlaces
>> 
>> 
>> On Sep 19, 2013, Thomas Camaran <camaran at gmail.com> wrote:
>> you can try connect with me to admin at chatme.im my jabber account in my server?
>> 
>> 
>> 2013/9/19 Mathias Ertl <mati at fsinf.at>
>> On Sat, Sep 14, 2013 at 08:49:09PM +0700, Aryo Sandiyudo wrote:
>> > Interesting blog post, this will be a tremendous input for people who
>> > manage a XMPP server, XMPP server developers and XMPP client developers.
>> > Good job!
>> 
>> I also noted we're literally the only server enforcing s2s TLS encyrption.
>> I hope this doesn't violate specs (otherwise the specs should be updated).
>> jabber.at has been on TLS-only for years and apart from gmail.com (which
>> will end its federation anyway, AFAIR), there are no interop issues. I can
>> only encourage everyone to require TLS on all connections.
>> 
>> greetings, Mati
>> (jabber.at)
>> 
>> --
>> I only read plain text mail! I prefer pgp|gpg signed & encrypted mails!
>> 
>> 
>> -- 
>> Sent from my Android tablet.
> 
> 
> -- 
> Sent from my Android tablet.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/operators/attachments/20130919/058b6f0e/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mail.jabber.org/pipermail/operators/attachments/20130919/058b6f0e/attachment.pgp>


More information about the Operators mailing list