-
Maranda
> <search.jabber.network> Maranda, you're responsible for conference.lightwitch.org, right? If so, please see above. (also, I cannot reach conference.lightwitch.org right now, otherwise I would have pinged you in the support channel over there) Added
-
MattJ
edhelas, movim.eu cert may be expired
-
MattJ
Confirmed, expired 30 minutes ago
-
edhelas
Fixed, it was not correctly deployed in ejabberd
-
MattJ
Thanks!
-
Wojtek
Hi! sorry for late response: there is MUC support room tigase@muc.tigase.org (.org!) and MIX channel to which we tried migrate to (but MIX is kinda frawn upon so there's that), even though you can use muc-compatibility : tigase@mix.tigase.im (.im!); two different deployments :)
-
Wojtek
> Bet that's an error almost nothing implements, and a security vulnerability if you follow it before TLS has started 🙃 good call, we will have to improve that :)✎ -
Wojtek
> Bet that's an error almost nothing implements, and a security vulnerability if you follow it before TLS has started 🙃 good call, we will have to improve that :) (as for not implementig - it's part of the standard ;) ) ✏
-
Wojtek
> tigase's clustering solution emits that Hmm, it's more for load-balancing. You can use clustering without that. ✏
-
Wojtek
> Does that ask for connecting to another one of the three IPs of tigase.me or to that amazon address? those are individual IPs of the machines and not AWS LB
-
moparisthebest
Martin: I found it https://www.rfc-editor.org/rfc/rfc6120#section-4.9.3.19 originally defined https://xmpp.org/extensions/xep-0051.html which triggers my pet peeve: > 3. Security Considerations¶ > > To follow. Narrator: they never followed
-
moparisthebest
thankfully the RFC does mention that TLS cert verification MUST use the original hostname, but waffles on whether you should emit or follow that before TLS negotiation with a weak MAY
-
moparisthebest
Add this to the list of things that MUST cause fallback to the next SRV record but that I'm guessing mostly isn't implemented that way 😔
-
tom
I'm going to be taking the server offline for a while. I am getting out of a red state (Missouri) before the inauguration as it is unsafe for lgbt people and there has been absolutely zero opportunity here. I am going to Washington state. I will be homeless for a while and will not have a place to run the servers. Help with a job related to IT or network infrastructure would be appreciated. Nuegia.net will come back up when my life is stable again. No data is expected to be lost. I don't know how long this is going to be. Announcements will be made here: https://sk.unix.dog/@nuegia