[Operators] Suspicion of Jabbim services being hacked

Sam Whited sam at samwhited.com
Sat Dec 20 02:43:45 UTC 2014



On 12/19/2014 06:22 PM, Dave Cridland wrote:
> A clear message like this, perhaps:
> 
> http://wiki.xmpp.org/web/Plain_Stupid
> 
> (Yeah, everything needs a catchy name these days).


Sounds good; step two is to convince TLS stack maintainers to actually
give us access to the client final message so we can do `tls-uniqe'
channel binding without resorting to bundling our own TLS stacks
(seriously; everything uses tls-unique for channel binding, and it seems
like very few stacks actually give you access to the info you need for it).

—Sam

-- 
Sam Whited
pub 4096R/54083AE104EA7AD3
https://blog.samwhited.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://mail.jabber.org/pipermail/operators/attachments/20141219/d66b0fbe/attachment.sig>


More information about the Operators mailing list