[Operators] Security Test Day reminder - 4 Jan 2014

Marco Cirillo maranda at lightwitch.org
Sat Jan 4 13:55:05 UTC 2014

Il 04/01/2014 14:39, Valérian Saliou ha scritto:
> Metronome as I noticed; Marco stated it’s related to an unproper 
> StartTLS stack being running.
> We’re running Metronome ourselves on Jappix.com <http://Jappix.com>, 
> so this might also be due to a stricter policy from Metronome, Marco?
> -- 
> *Valérian Saliou*
> Jappix <https://jappix.com/> & FrenchTouch Web Agency 
> <http://frenchtouch.pro/> founder.
> Waaave <https://waaave.com/> co-founder.
> Famecoin <http://famecoin.com/> infrastructure manager.
> /More about me on /my personal page <https://valeriansaliou.name/>/./


Metronome wise, it's because the server (movim.eu) isn't properly 
configured. But I found the same behaviour happening from servers 
running Prosody, ejabberd, OpenFire and beside the latter I think both 
Prosody and ejabberd latest versions have consistently working tls.

Also, there could be only 2 things on which it is stricter (latest tip, 
1) is that it checks if the stream version is at least 1.0 if not it 
will close down the stream with unsupported-version which I thought 
being saner since those servers (GTalk on head) aren't tls capable s2s wise.
2) is that it asserts if a remote server requires starttls and if it 
isn't capable of because mod_tls isn't loaded/configured or not 
functioning correctly and mod_dialback is enabled it'll throw a proper 
log warning and close down the stream to that host.

That's all.


*Marco Cirillo*
/LW.Org/LW.Org IM Owner & Head Developer/
/Metronome IM Project Mantainer/Developer/
/Jappix Mantainer/Developer/

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/operators/attachments/20140104/dc1bb1e4/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4512 bytes
Desc: Firma crittografica S/MIME
URL: <http://mail.jabber.org/pipermail/operators/attachments/20140104/dc1bb1e4/attachment-0001.bin>

More information about the Operators mailing list