[Operators] Please enable Forward Secrecy for your servers!
Tim Birkefeld
mail at tim-birkefeld.de
Mon Oct 5 01:21:25 UTC 2015
+1
On Mon, 5 Oct 2015 12:04:29 +1100
Mike Barnes <mike at bremensaki.com> wrote:
> What we need to be doing is putting information about the quality of
> encryption used in a conversation in front of the users, and letting
> them make informed decisions, instead of fracturing the network
> invisibly.
>
> Is there any defined mechanism to do this? Users are accustomed to the
> little padlock icons on web URLs, can XMPP client software easily
> implement something like this or will it need server extensions to
> report back? As a temporary measure, could the server send a direct
> message to a user alerting them if the encryption on a connection they
> initiate falls below a desired threshold?
>
> Inform the users, don't cut them off from their contacts and leave
> them no path to even tell them why.
>
> On 4 October 2015 at 22:53, Vincent Lauton <vince at darkness.su> wrote:
> > At least gmail,can't say I've blocked the others but I already can't
> > communicate without forward secrecy.
> >
> > 13:52, 4 October 2015, Vincent Lauton <vince at darkness.su>:
> >
> > Actually I do...
> >
> > 10:31, 4 October 2015, Evgeny Khramtsov <xramtsov at gmail.com>:
> >
> > Sat, 03 Oct 2015 13:40:17 +0200
> > Vincent Lauton <vince at darkness.su> wrote:
> >
> >
> > Also I meant I'll block servers that don't support any forward
> > secrecy suites
> >
> >
> > Great idea, LOL. Do you have gmail.com and all its hosted domains
> > blocked already? They don't have any "secrecy" at all.
> >
> >
> >
> > --
> > Sent from Yandex.Mail for mobile
> >
> >
> >
> > --
> > Sent from Yandex.Mail for mobile
--
Tim Birkefeld <mail at tim-birkefeld.de>
More information about the Operators
mailing list