SSLv3 vulnerability
With the recent vulnerability in SSLv3 (POODLE attacks) I’m currently lookint into disabling SSLv3. This shouldn’t effect anything but really old clients.
With the recent vulnerability in SSLv3 (POODLE attacks) I’m currently lookint into disabling SSLv3. This shouldn’t effect anything but really old clients.
The server went down over night last night and the service provider took a while before they could find the problem. They have now fixed the problem and all services should be running as normal again.
Jabber.org.uk was not affected by this bug. We are using an older version of the OpenSSL library which did not have this bug.
[Update 04/01/2014] Have switched over to new certificates. You should not get any errors about “self-signed certificates” any more and there should be no further interruptions of service. I’m replacing the SSL certificates on both jabber.org.uk and xmpp.org.uk. This is to replace old self-signed certificate with certificates from a CA (Certificate Authority). It should eliminate Read More …
There are some upcoming configuration changes that I am going to implement to increase security. The key change that may impact users is that you will be required to use c2s (Client to Server) encryption. Most clients will use this automatically so should not be effected. If you are having problems please use the contact Read More …