Tigase Forge
Dashboards
Projects
Pull Requests
Issues
Builds
Packages
Code Search
Martin
Code
Pull Requests
Issues
List
Boards
Iterations
Builds
Statistics
Child Projects
OneDev 10.9.4
Documentation Support & Bug Report RESTful API Incompatibilities License Agreement Check Update
Projects tigase _libraries Martin Issues #112
Add support for DNSSEC (#112)
Open
Andrzej Wójcik (Tigase) opened 2 years ago

It would be good to add support for DNSSEC validation of DNS SRV records resolved to discover XMPP server endpoints. That would increase security and would allow us later on to add support for DANE, which would allow the usage of a single TLS certificate for server hosting multiple domains (those domains would just need a correct TLSA records).
Andrzej Wójcik (Tigase) commented 2 years ago

I've tried to implement this feature (as it looked fairly simple), however due to bugs in macOS and iOS implementation of DNSSEC for SRV records, this do not work properly.
Andrzej Wójcik (Tigase) commented 2 years ago

Issue was reported to Apple using Feedback Assistant with id FB11916531
issue 1 of 1
Type
Task
Priority
Normal
Assignee
Andrzej Wójcik (Tigase)
Issue Votes (0)
Login to vote
Watchers (0)
Reference
tigase/_libraries/Martin#112
Please wait...
Page is in error, reload to recover