email@example.comI've just opened my server to full federation (allow all). It has required ssl on c2s and s2s, only problem is I've got a self-sighned cert.
firstname.lastname@example.orgAlso I have ejabberd stuns required.
email@example.comAlso, I was at a rave last night!
firstname.lastname@example.org that's irrelevant.
email@example.comWhat do you all expect from today?
firstname.lastname@example.orgIs this where things will be co-ordinated?
email@example.comOK, I'll be back
firstname.lastname@example.orgHi again, am looking at the various results from https://xmpp.net/list.php
Andreas Olssonhas joined
Andreas Olssonhas left
email@example.comSome servers, respect client cipher ordering.. How to avoid this?
firstname.lastname@example.orgThe server I operate, ejabberd, unfortunately respects client cipher ordering.
email@example.comAnybody from ejabberd devs who can help with this?
firstname.lastname@example.orgYeah, I was hoping ejabberd might release some new software for today.
email@example.comI think the respect of client cipher ordering has to do with open ssl. Is this correct?
firstname.lastname@example.orgWell, I hope things will liven up later today.
email@example.comEjabberd 13.12 has cipher odering options. Unfortunately I am using the freebsd current port, ejabberd 2.1.13.
firstname.lastname@example.orgI see jabber.calyxinstitute.org use Prosody to enforce OTR. Can this be done with ejabberd? See https://xmpp.net/result.php?domain=jabber.calyxinstitute.org&type=client and https://twitter.com/search?q=xmpp&src=typd
email@example.comPrevious 2 messages here not showing
firstname.lastname@example.orgI didn't know that jitsi.org is part of google. Did you?
mathieuiwell, if someone were to write a module for it, maybe
email@example.comHi mathiuei, you use ejabberd?
firstname.lastname@example.orgMy messages are not visible to me unless I quit adium and restart.
mathieuiand no, I use prosody
email@example.comWere you around at the first encrypt all xmpp connections day?
mathieuinot specifically here, but yes
firstname.lastname@example.orgI've been scanning the various mailing lists but I haven't seen any particular plan or co-ordinated plan of action for today. I wasn't around on day1.
mathieuiwell, the plan is here http://xmpp.org/2014/02/second-security-test-day/
mathieuithere isn’t much to do except wait & see
email@example.comOk, maybe its early..
mathieuiand yes, US isn’t awake yet
firstname.lastname@example.org, I think I'll go for a rest and come back later. Nice to speak to you. Catch you later in the day.
email@example.comI'm in GMT, London. You? France?
firstname.lastname@example.orgCool, yeah, I just checked your xmpp profile.
email@example.comI don't know this "Poezio" client. Sounds good.
firstname.lastname@example.orgLooks ok for command line access. I've been using irssi-xmpp plugin, but not otr available there for now.
email@example.comAnyhow, only dependency on US is DNS.
SimonHow is everyone's XMPP security testing going?
firstname.lastname@example.orgSo so. I can't force OTR on the ejabberd server. I can't force server based cipher ordering via current openssl on freebsd, so not so good for me.
andolWell, my @gmail.com xmpp contacts still breaks :)
By the way, are we testing enforcing proper certs too today?
email@example.comI haven't tried xmpp to gmail/google chat. I read google weren't using s2s ssl encryption. I think part of the plan is to test valid certs, thought I haven;t got one. A big F for me.
Simongio: which xmpp server are you using?
firstname.lastname@example.org you tried ejabberd to gmail/google chat gateway?
Simonnope - tried working on Ejabberd a lot a long time ago.
Simonused it for buddycloud stuff for about a year.
email@example.com your favorite now? Prosidy?
SimonProsody for smaller sites.
firstname.lastname@example.org for bigger sites?
SimonTigase for larger sites.
SimonI know Ejabberd claims amazing scalability etc, but Tigase really delivers it.
email@example.comI am looking at tigase.org website now. It promotes it's ability to handle large-scale use. Though if general federation works not so important for small scale servers.
firstname.lastname@example.orgWhat I like is the possibilty of enforced OTR.
email@example.com my ejabberd server does not do.
firstname.lastname@example.orgAs I have very few users of my xmpp server, at what point does clustering become relevant, in terms of quantity of users? Sure I would set up a second or third xmpp back server, but on a signe server (I have never tried to stress test)
email@example.com on a single server at how many users start to slow things down, in general?
Simongio - user counts really only influence memory use. It's what the users are doing.
firstname.lastname@example.org, clustering becomes relevant when you start hittling more than thousands of concurrent users that do things, on a decent server
email@example.comWell, for now I don't need to worry!
SimonTigase and their clustering components will get you up to the 10M user mark
firstname.lastname@example.orgAlthough there is a plan to setup new open xmpp service with provisioning for jitsi client.
SimonI'd really like to include a hosted version of jitsi on the buddycloud hosted servers
Simon"sign-up for buddycloud, get hosted jitsi on your domain too."
email@example.comI see, but I don't yet understand all the advantages of provisioning.
Simonbasically it's a "just add these dns records and you will have XMPP+buddycloud+oTalk(+jitsi)."
firstname.lastname@example.orgI see, but can;t that be done on "first connection"?
Simonit would be - but it needs to be running and working for any domain that signs up.
Simonthat's the provisioning bit.
email@example.comOffering xmpp to any domain.
Sol.Pvt GlasFrosthas joined
Sol.Pvt GlasFrosthas left
aRyoSimon: is that "provisioning" thing possible?
Simonaryo: we've built it and are working to get it deployed now. If you are interested, here's the code: https://github.com/buddycloud/hosting
aRyoactually buddycloud is too much for me
aRyooffering XMPP to any registered domain, that is good idea
SimonaRyo - for sure - some will use it. Some not. Nobody is forcing anyone.
aRyoyes, it can be an option for them
hugoHi. I have a server that wanted to test for this test day, but the test service in xmpp.net is giving me " "" is not a valid domain name. "
hugoI tried with another xmpp server and its the same. Is there any problem with the tester?