Projects tigase _server server-core Issues #273
grade-C, xmpp.net score of jabber.me (#273)
xmpp texting FTW opened 1 decade ago

your test result is not inspiring compared to other free public xmpp texting servers:

https://xmpp.net/result.php?id=10927

from their about page:

Every server is given a grade from A to F, both for their client-to-server and server-to-server TLS configuration. The grades are based on the same principles as the tests of SSL Labs, https://ssllabs.com/projects/rating-guide/index.html for details. Scoring 100 on every test is not the goal: this will lead to incompatibility with many XMPP clients. Scoring an A, on the other hand, does not mean that security cannot be improved. For instance: mandatory channel encryption, forward secrecy, and DNSSEC do not (yet) count toward the grade.

--quote-ends--

Artur Hefczyc commented 1 decade ago

Thank you for the report. We are aware of it and in fact we have much improved version currently under tests. The new Tigase code offers even a special hardened mode.

We will be upgrading the service very soon. Actually I think the new code is mature enough and tested so we could put it on the jabber.me and tigase.im system.

Wojciech, could you please have a look whether we can easily upgrade our public service with the new version, whether there are any compatibility issues? If you think we are OK with code update you can create a ticket for Eric but please assist him as he has not upgraded the installation before.

wojciech.kapcia@tigase.net commented 1 decade ago

The only issues I can think of would be

  • changing JDK from OpenJDK to Oracles as the hardened mode may cause some issues on OpenJDK;

  • small upgrade to MUC database schema.

Ticket #1689 created.

Artur Hefczyc commented 1 decade ago

Sounds good, please go ahead with update. Just make sure the MUC schema is updated in a correct DB as this installation uses quite a few different DBs for different domains.

Artur Hefczyc commented 1 decade ago

Ok, from our side the problem is fixed, software is improved and Tigase runs in a hardened mode. The domain however belongs to Florian Jensen so we has to obtain a better SSL certificate for it.

issue 1 of 1
Type
Bug
Priority
Normal
Assignee
RedmineID
1688
Issue Votes (0)
Watchers (0)
Reference
tigase/_server/server-core#273
Please wait...
Page is in error, reload to recover