[Operators] May 19th - Permanent encrypted XMPP network and Open Discussion Day
Mikael Nordfeldth
mmn at hethane.se
Mon May 19 11:43:30 UTC 2014
2014-05-19 13:19 skrev Kevin Smith:
> As mentioned earlier in this thread, this isn't the case, and whether
> people trust individual CAs or not is tangential. Today's change is to
> require encryption, not to do authentication with the provided certs.
Thanks.
Yeah, I noticed now that there were two separate settings for this in my
prosody config for s2s TLS. They are now configured to the following:
s2s_require_encryption = true
s2s_secure_auth = false
Which I believe is what me and perhaps quite a lot of others who have
not actively participated in the TLS transition might have missed.
I can only assume other software have the same kind of separation of TLS
configuration.
--
Mikael Nordfeldth
http://blog.mmn-o.se/
XMPP/mail: mmn at hethane.se
More information about the Operators
mailing list