[Operators] Please enable Forward Secrecy for your servers!

Mathias Ertl mati at fsinf.at
Sat Sep 12 16:55:06 UTC 2015


Hi everybody,

Just a quick reminder, this is less then a month from now:

On 2015-07-10 11:47, Mathias Ertl wrote:
> We at jabber.at would like to announce that we will exclusively support
> forward secrecy[1] enabled ciphers starting *October 1st, 2015*. Servers
> that do not support any of those ciphers by then, will not be able to
> federate with us until they upgrade.

jabber.ccc.de does this already right now. So if your server does not
support PFS, this will only get worse. Test if you're ready:

> You can test if you're ready at https://xmpp.net. If you support any
> forward secrecy cipher, you are fine. If you use the versions of
> ejabberd and Prosody that ship with the current Debian Stable or Ubuntu
> LTS, you're fine as well. If you use e.g. Debian Squeeze, you definitely
> should update.

greetings, Mati

-- 
twitter: @mathiasertl | xing: Mathias Ertl | email: mati at er.tl
I only read plain-text mail!  I prefer signed/encrypted mail!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6064 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/operators/attachments/20150912/198d4fd1/attachment.bin>


More information about the Operators mailing list