[Operators] May 19th - Permanent encrypted XMPP network and Open Discussion Day

Mikael Nordfeldth mmn at hethane.se
Mon May 19 11:43:30 UTC 2014


2014-05-19 13:19 skrev Kevin Smith:
> As mentioned earlier in this thread, this isn't the case, and whether
> people trust individual CAs or not is tangential. Today's change is to
> require encryption, not to do authentication with the provided certs.

Thanks.

Yeah, I noticed now that there were two separate settings for this in my 
prosody config for s2s TLS. They are now configured to the following:

    s2s_require_encryption = true
    s2s_secure_auth = false

Which I believe is what me and perhaps quite a lot of others who have 
not actively participated in the TLS transition might have missed.

I can only assume other software have the same kind of separation of TLS 
configuration.

-- 
Mikael Nordfeldth
http://blog.mmn-o.se/
XMPP/mail: mmn at hethane.se


More information about the Operators mailing list