XMPP Service Operators - 2024-07-07


  1. Martin

    > Establishing a secure connection from mdosch.de to a-lec.org failed. Certificate hash: 19e62da294f5c4caed6cf4766eac346f88f0cc03dd890948e3ee3a71bd0563d6. Error with certificate 0: no matching DANE TLSA records.

  2. Polarian

    > > Establishing a secure connection from mdosch.de to a-lec.org failed. Certificate hash: 19e62da294f5c4caed6cf4766eac346f88f0cc03dd890948e3ee3a71bd0563d6. Error with certificate 0: no matching DANE TLSA records. Martin, your server forces DANE?

  3. Martin

    My servers checks dane if there is an tlsa record.

  4. nuegia.net

    are we at the point we can get rid of certificate authorities for xmpp yet?

  5. Polarian

    > are we at the point we can get rid of certificate authorities for xmpp yet? not everyone agrees with DANE, I have seem people complain about it

  6. Polarian

    I think DANE is a good thing to validate if it exists... but it shouldn't be mandatory anytime soon

    👆 1
  7. Polarian

    Guus: I don't think Openfire even supports DANE validation, right?

  8. Guus

    Polarian: correct

  9. Polarian

    > Polarian: correct Guus: might be a good todo for 4.9.x?