[Operators] Security Test Day reminder - 4 Jan 2014
Marco Cirillo
maranda at lightwitch.org
Sat Jan 4 13:55:05 UTC 2014
Il 04/01/2014 14:39, Valérian Saliou ha scritto:
> Metronome as I noticed; Marco stated it’s related to an unproper
> StartTLS stack being running.
>
> We’re running Metronome ourselves on Jappix.com <http://Jappix.com>,
> so this might also be due to a stricter policy from Metronome, Marco?
>
> --
>
> *Valérian Saliou*
>
> Jappix <https://jappix.com/> & FrenchTouch Web Agency
> <http://frenchtouch.pro/> founder.
> Waaave <https://waaave.com/> co-founder.
> Famecoin <http://famecoin.com/> infrastructure manager.
>
> /More about me on /my personal page <https://valeriansaliou.name/>/./
>
No.
Metronome wise, it's because the server (movim.eu) isn't properly
configured. But I found the same behaviour happening from servers
running Prosody, ejabberd, OpenFire and beside the latter I think both
Prosody and ejabberd latest versions have consistently working tls.
Also, there could be only 2 things on which it is stricter (latest tip,
3.2.26):
1) is that it checks if the stream version is at least 1.0 if not it
will close down the stream with unsupported-version which I thought
being saner since those servers (GTalk on head) aren't tls capable s2s wise.
2) is that it asserts if a remote server requires starttls and if it
isn't capable of because mod_tls isn't loaded/configured or not
functioning correctly and mod_dialback is enabled it'll throw a proper
log warning and close down the stream to that host.
That's all.
--
*Marco Cirillo*
/LW.Org/LW.Org IM Owner & Head Developer/
/Metronome IM Project Mantainer/Developer/
/Jappix Mantainer/Developer/
http://lightwitch.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/operators/attachments/20140104/dc1bb1e4/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4512 bytes
Desc: Firma crittografica S/MIME
URL: <http://mail.jabber.org/pipermail/operators/attachments/20140104/dc1bb1e4/attachment-0001.bin>
More information about the Operators
mailing list