[Ach] question ejabberd

Pepi Zawodsky pepi.zawodsky at maclemon.at
Sat Dec 14 19:34:34 CET 2013


On 13.12.2013, at 18:04, Adi Kriegisch <adi at kriegisch.at> wrote:
>> So, I have another question to the community of experts. How do I tell ejabberd to only use our cipher suite?
> You can't... or wait, no, patch the source! ;-)
> 
> Concerning the communication that doesn't matter that much as our
> recommendation should be OTR (end-to-end security) anyways. So s2s should
> not matter that much.

Given clients use OTR, that would not matter as much; the reality sadly is that only few clients actually use OTR. (In any client I've seen this is turned off by default.)

We should certainly emphasize that updating ejabberd is _absolutely_ key to getting better crypto support for any (c2s and s2s) connection. Most ejabberd installations are somewhere between fairly and terribly outdated. (Seems people fear to touch it ever again once they got it to work.)
Best regards
Pepi