XMPP Service Operators - 2026-01-25

  1. tom

    >> Not great, Not terrible. > Low expectations for TLS 3.6 eh? CSNA deprecates aes128 https://en.wikipedia.org/wiki/Commercial_National_Security_Algorithm_Suite

  2. tom

    Suite B was retracted

  3. moparisthebest

    if NSA says something is bad it's probably good lol

  4. moparisthebest

    the reverse is certainly true

  5. tom

    You don't know what your talking about.

  6. Menel

    I think at this point everyone knows you want higher numbers in your AES. But this isn't the wrong forum for lobbying that. We use the standards that exist and are deployed in the OS used. If you want to lobby for stronger encryption..... Operators of xmpp servers won't change the tls standard. Best put your arguments to some tls developers and standardizing organisations.

  7. moparisthebest

    > You don't know what your talking about. ok, make sure you follow all the NSA recommendations then like generating all your "random" keys with https://en.wikipedia.org/wiki/Dual_EC_DRBG

  8. icebound.dev

    Is there a crypto MUC, this discussion is still continuing after many days.

  9. tom

    > I think at this point everyone knows you want higher numbers in your AES. But this isn't the wrong forum for lobbying that. We use the standards that exist and are deployed in the OS used. > If you want to lobby for stronger encryption..... Operators of xmpp servers won't change the tls standard. > > Best put your arguments to some tls developers and standardizing organisations. The cryptographic standard being used rfc 6379 suite b was set to historic in 2018. New standards have come along. And no, this isn't just about the encipherment used but the key agreement too. Arguably the key agreement is more important.

  10. tom

    > I think at this point everyone knows you want higher numbers in your AES. But this isn't the wrong forum for lobbying that. We use the standards that exist and are deployed in the OS used. > If you want to lobby for stronger encryption..... Operators of xmpp servers won't change the tls standard. > > Best put your arguments to some tls developers and standardizing organisations. The cryptographic standard being used rfc 6379 suite b was set to historic status in 2018. New standards have come along. And no, this isn't just about the encipherment used but the key agreement too. Arguably the key agreement is more important.