[Operators] Security Test Day reminder - 4 Jan 2014

Marco Cirillo maranda at lightwitch.org
Sat Jan 4 13:55:05 UTC 2014


Il 04/01/2014 14:39, Valérian Saliou ha scritto:
> Metronome as I noticed; Marco stated it’s related to an unproper 
> StartTLS stack being running.
>
> We’re running Metronome ourselves on Jappix.com <http://Jappix.com>, 
> so this might also be due to a stricter policy from Metronome, Marco?
>
> -- 
>
> *Valérian Saliou*
>
> Jappix <https://jappix.com/> & FrenchTouch Web Agency 
> <http://frenchtouch.pro/> founder.
> Waaave <https://waaave.com/> co-founder.
> Famecoin <http://famecoin.com/> infrastructure manager.
>
> /More about me on /my personal page <https://valeriansaliou.name/>/./
>

No.

Metronome wise, it's because the server (movim.eu) isn't properly 
configured. But I found the same behaviour happening from servers 
running Prosody, ejabberd, OpenFire and beside the latter I think both 
Prosody and ejabberd latest versions have consistently working tls.

Also, there could be only 2 things on which it is stricter (latest tip, 
3.2.26):
1) is that it checks if the stream version is at least 1.0 if not it 
will close down the stream with unsupported-version which I thought 
being saner since those servers (GTalk on head) aren't tls capable s2s wise.
2) is that it asserts if a remote server requires starttls and if it 
isn't capable of because mod_tls isn't loaded/configured or not 
functioning correctly and mod_dialback is enabled it'll throw a proper 
log warning and close down the stream to that host.

That's all.

-- 

*Marco Cirillo*
/LW.Org/LW.Org IM Owner & Head Developer/
/Metronome IM Project Mantainer/Developer/
/Jappix Mantainer/Developer/
http://lightwitch.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/operators/attachments/20140104/dc1bb1e4/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4512 bytes
Desc: Firma crittografica S/MIME
URL: <http://mail.jabber.org/pipermail/operators/attachments/20140104/dc1bb1e4/attachment-0001.bin>


More information about the Operators mailing list