XMPP Service Operators - 2026-05-08

jabber.cz: Server-to-server connection failed: Remote server's certificate has expired

Perhaps an opinion that's incompatible with the design of XMPP: but does anyone else wish there was a means of "requiring" certain features be enabled from the server side? Example, if I have an muc that's invite only, require a minimum version of OMEMO be enabled for participation. Or, not quite that extreme, but if a connected client supports DNSSEC/DANE enforcement then "suggest" to the client that it be enabled. The biggest one would be the encryption requirement. To me, things should be encrypted by default in 2026, but not every client agrees and, especially with new users, needing to walk them through enabling it, as well as different clients presenting it in different ways, is something that can make for friction. Makes sense to me that if I'm hosting the muc, whether it uses encryption or not would be something I could choose. 🤷‍♂️

DNSSEC enablement would absolutely cause issues if the client implements it globally, rather than per-server... so that's probably a non-starter, but there's a lot of agency put on the clients

Ideally if everyone you onboard wants the same experience you get them all on the same app. Then you have one thing to explain. A MUC csn absolutely refuse so-called “unencrypted” messages though

> Ideally if everyone you onboard wants the same experience you get them all on the same app. Then you have one thing to explain. > > A MUC csn absolutely refuse so-called “unencrypted” messages though hmm that's interesting... I'm not sure any of my clients expose that option. I'll need to look into that ↺

seems like a very manual config, not actually a XEP. Basically just making a filter that only lets encrypted messages through; something I'll need to experiment with when I have more time to break things. That explains why it's not an option in any clients 😁 ✏

Yeah I don't know if anyone has implemented that or not but would be easy to do.