XSF: XMPP Standards Foundation  

#XSF Announcement

Recently there was an attack via so called #man_in_the_middle attack happened to an #XMPP #server.

To reduce the risk of such attacks in the future an early stage service called CertWatch has been published by our Community: certwatch.xmpp.net/

Many thanks to Stephen P. Weber (@singpolyma)!

Read two related blog posts:
blog.jmp.chat/b/certwatch/cert

snikket.org/blog/on-the-jabber

#Jabber #mitm #security #vulnerability #machine_in_the_middle #chat

1+
ruff  

@xmpp @singpolyma seems it does not follow cname? or it does not tell if domain is ok already?

1
Menel :xmpp:  

@ruff
It should work, could you tell me what name you are trying to check for debugging? (as DM of you wish)
@xmpp @singpolyma

1
ruff
Follow

@Menel @xmpp @singpolyma ok perhaps it's caching more agressively than SOA TTL, I just set tlsa and checked - it was saying i should set tlsa, waited for ttl time, rechecked - still said I need to set tlsa. But today it's ok, shows green.

· Web · 0 · 0 · 0
Sign in to participate in the conversation
Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.

Stay safe. Please abide by our code of conduct.

(Source code)

image/svg+xml Librem Chat image/svg+xml