firstname.lastname@example.orgI've just opened my server to full federation (allow all). It has required ssl on c2s and s2s, only problem is I've got a self-sighned cert.
email@example.comAlso I have ejabberd stuns required.
firstname.lastname@example.orgAlso, I was at a rave last night!
email@example.com that's irrelevant.
firstname.lastname@example.orgWhat do you all expect from today?
email@example.comIs this where things will be co-ordinated?
firstname.lastname@example.orgOK, I'll be back
email@example.comHi again, am looking at the various results from https://xmpp.net/list.php
Andreas Olssonhas joined
Andreas Olssonhas left
firstname.lastname@example.orgSome servers, respect client cipher ordering.. How to avoid this?
email@example.comThe server I operate, ejabberd, unfortunately respects client cipher ordering.
firstname.lastname@example.orgAnybody from ejabberd devs who can help with this?
email@example.comYeah, I was hoping ejabberd might release some new software for today.
firstname.lastname@example.orgI think the respect of client cipher ordering has to do with open ssl. Is this correct?
email@example.comWell, I hope things will liven up later today.
firstname.lastname@example.orgEjabberd 13.12 has cipher odering options. Unfortunately I am using the freebsd current port, ejabberd 2.1.13.
email@example.comI see jabber.calyxinstitute.org use Prosody to enforce OTR. Can this be done with ejabberd? See https://xmpp.net/result.php?domain=jabber.calyxinstitute.org&type=client and https://twitter.com/search?q=xmpp&src=typd
firstname.lastname@example.orgPrevious 2 messages here not showing
email@example.comI didn't know that jitsi.org is part of google. Did you?
mathieuiwell, if someone were to write a module for it, maybe
firstname.lastname@example.orgHi mathiuei, you use ejabberd?
email@example.comMy messages are not visible to me unless I quit adium and restart.
mathieuiand no, I use prosody
firstname.lastname@example.orgWere you around at the first encrypt all xmpp connections day?
mathieuinot specifically here, but yes
email@example.comI've been scanning the various mailing lists but I haven't seen any particular plan or co-ordinated plan of action for today. I wasn't around on day1.
mathieuiwell, the plan is here http://xmpp.org/2014/02/second-security-test-day/
mathieuithere isn’t much to do except wait & see
firstname.lastname@example.orgOk, maybe its early..
mathieuiand yes, US isn’t awake yet
email@example.com, I think I'll go for a rest and come back later. Nice to speak to you. Catch you later in the day.
firstname.lastname@example.orgI'm in GMT, London. You? France?
email@example.comCool, yeah, I just checked your xmpp profile.
firstname.lastname@example.orgI don't know this "Poezio" client. Sounds good.
email@example.comLooks ok for command line access. I've been using irssi-xmpp plugin, but not otr available there for now.
firstname.lastname@example.orgAnyhow, only dependency on US is DNS.
SimonHow is everyone's XMPP security testing going?
email@example.comSo so. I can't force OTR on the ejabberd server. I can't force server based cipher ordering via current openssl on freebsd, so not so good for me.
andolWell, my @gmail.com xmpp contacts still breaks :)
By the way, are we testing enforcing proper certs too today?
firstname.lastname@example.orgI haven't tried xmpp to gmail/google chat. I read google weren't using s2s ssl encryption. I think part of the plan is to test valid certs, thought I haven;t got one. A big F for me.
Simongio: which xmpp server are you using?
email@example.com you tried ejabberd to gmail/google chat gateway?
Simonnope - tried working on Ejabberd a lot a long time ago.
Simonused it for buddycloud stuff for about a year.
firstname.lastname@example.org your favorite now? Prosidy?
SimonProsody for smaller sites.
email@example.com for bigger sites?
SimonTigase for larger sites.
SimonI know Ejabberd claims amazing scalability etc, but Tigase really delivers it.
firstname.lastname@example.orgI am looking at tigase.org website now. It promotes it's ability to handle large-scale use. Though if general federation works not so important for small scale servers.
email@example.comWhat I like is the possibilty of enforced OTR.
firstname.lastname@example.org my ejabberd server does not do.
email@example.comAs I have very few users of my xmpp server, at what point does clustering become relevant, in terms of quantity of users? Sure I would set up a second or third xmpp back server, but on a signe server (I have never tried to stress test)
firstname.lastname@example.org on a single server at how many users start to slow things down, in general?
Simongio - user counts really only influence memory use. It's what the users are doing.
email@example.com, clustering becomes relevant when you start hittling more than thousands of concurrent users that do things, on a decent server
firstname.lastname@example.orgWell, for now I don't need to worry!
SimonTigase and their clustering components will get you up to the 10M user mark
email@example.comAlthough there is a plan to setup new open xmpp service with provisioning for jitsi client.
SimonI'd really like to include a hosted version of jitsi on the buddycloud hosted servers
Simon"sign-up for buddycloud, get hosted jitsi on your domain too."
firstname.lastname@example.orgI see, but I don't yet understand all the advantages of provisioning.
Simonbasically it's a "just add these dns records and you will have XMPP+buddycloud+oTalk(+jitsi)."
email@example.comI see, but can;t that be done on "first connection"?
Simonit would be - but it needs to be running and working for any domain that signs up.
Simonthat's the provisioning bit.
firstname.lastname@example.orgOffering xmpp to any domain.
Sol.Pvt GlasFrosthas joined
Sol.Pvt GlasFrosthas left
aRyoSimon: is that "provisioning" thing possible?
Simonaryo: we've built it and are working to get it deployed now. If you are interested, here's the code: https://github.com/buddycloud/hosting
aRyoactually buddycloud is too much for me
aRyooffering XMPP to any registered domain, that is good idea
SimonaRyo - for sure - some will use it. Some not. Nobody is forcing anyone.
aRyoyes, it can be an option for them
hugoHi. I have a server that wanted to test for this test day, but the test service in xmpp.net is giving me " "" is not a valid domain name. "
hugoI tried with another xmpp server and its the same. Is there any problem with the tester?