XMPP Service Operators - 2024-12-04


  1. Maranda

    > <search.jabber.network> Maranda, you're responsible for conference.lightwitch.org, right? If so, please see above. (also, I cannot reach conference.lightwitch.org right now, otherwise I would have pinged you in the support channel over there) Added

  2. MattJ

    edhelas, movim.eu cert may be expired

  3. MattJ

    Confirmed, expired 30 minutes ago

  4. edhelas

    Fixed, it was not correctly deployed in ejabberd

  5. MattJ

    Thanks!

  6. Wojtek

    Hi! sorry for late response: there is MUC support room tigase@muc.tigase.org (.org!) and MIX channel to which we tried migrate to (but MIX is kinda frawn upon so there's that), even though you can use muc-compatibility : tigase@mix.tigase.im (.im!); two different deployments :)

  7. Wojtek

    > Bet that's an error almost nothing implements, and a security vulnerability if you follow it before TLS has started 🙃 good call, we will have to improve that :)

  8. Wojtek

    > Bet that's an error almost nothing implements, and a security vulnerability if you follow it before TLS has started 🙃 good call, we will have to improve that :) (as for not implementig - it's part of the standard ;) )

  9. Wojtek

    > tigase's clustering solution emits that Hmm, it's more for load-balancing. You can use clustering without that.

  10. Wojtek

    > Does that ask for connecting to another one of the three IPs of tigase.me or to that amazon address? those are individual IPs of the machines and not AWS LB

  11. moparisthebest

    Martin: I found it https://www.rfc-editor.org/rfc/rfc6120#section-4.9.3.19 originally defined https://xmpp.org/extensions/xep-0051.html which triggers my pet peeve: > 3. Security Considerations¶ > > To follow. Narrator: they never followed

  12. moparisthebest

    thankfully the RFC does mention that TLS cert verification MUST use the original hostname, but waffles on whether you should emit or follow that before TLS negotiation with a weak MAY

  13. moparisthebest

    Add this to the list of things that MUST cause fallback to the next SRV record but that I'm guessing mostly isn't implemented that way 😔

  14. tom

    I'm going to be taking the server offline for a while. I am getting out of a red state (Missouri) before the inauguration as it is unsafe for lgbt people and there has been absolutely zero opportunity here. I am going to Washington state. I will be homeless for a while and will not have a place to run the servers. Help with a job related to IT or network infrastructure would be appreciated. Nuegia.net will come back up when my life is stable again. No data is expected to be lost. I don't know how long this is going to be. Announcements will be made here: https://sk.unix.dog/@nuegia