SSLv3 vulnerability
With the recent vulnerability in SSLv3 (POODLE attacks) I’m currently lookint into disabling SSLv3. This shouldn’t effect anything but really old clients.
With the recent vulnerability in SSLv3 (POODLE attacks) I’m currently lookint into disabling SSLv3. This shouldn’t effect anything but really old clients.
[Update 04/01/2014] Have switched over to new certificates. You should not get any errors about “self-signed certificates” any more and there should be no further interruptions of service. I’m replacing the SSL certificates on both jabber.org.uk and xmpp.org.uk. This is to replace old self-signed certificate with certificates from a CA (Certificate Authority). It should eliminate Read More …
There are some upcoming configuration changes that I am going to implement to increase security. The key change that may impact users is that you will be required to use c2s (Client to Server) encryption. Most clients will use this automatically so should not be effected. If you are having problems please use the contact Read More …
This jabber service will have to be restarted shortly to upgrade SSL keys as per Debian Security Advisory 1571 . Update: Key has been updated and everything is back running again.