xmpp.dk/website
1
0
Fork 0
Code Issues Releases Activity

Describe new S2S TLS requirement

Browse source
This commit is contained in:
Jesper Hess 2016-12-30 10:57:23 +01:00
parent 19099765cd
commit 91adbdb19c
Signed by: graffen
GPG key ID: 351A89E40D763F0F
1 changed files with 6 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
_pages/01_connect.md
View file

@ -23,16 +23,17 @@ Simply add _username_@xmpp.dk in your client and click “register” or check t
* When connecting to the hidden service you will get a warning about the TLS certificate not matching the host name. This is OK.
## Secure Communication
The connection between your client and xmpp.net is encrypted using TLS. The server prefers secure connections to other servers, however this cannot be guaranteed.
Since you can't (and shouldn't) trust your xmpp server, I require you always enable [Off-The-Record (OTR)][off-the-record] in your chat client. This will give you end-to-end encrypted chat that cannot be decrypted while in transit
and, depending on the settings of your client, will not be logged on your local machine.
The connection between your client and xmpp.net is encrypted using TLS. The server requires TLS connections to other XMPP servers.
This means that if you can't connect to a friend, their provider is not configured to use TLS and the xmpp.dk server will refuse the connection. Your friend
should either convince their provider to enable TLS server-to-server connections, or switch to a provider that has proper encrypted transport support.
Since you can't (and shouldn't) trust your xmpp server, I require you always enable [Off-The-Record (OTR)][off-the-record] in your chat client.
This will give you end-to-end encrypted chat that cannot be decrypted while in transit and, depending on the settings of your client, will not be logged on your local machine.
## Federation
xmpp.dk allows federated connections to all other S2S TLS-enabled Jabber servers so you can chat with anyone that has a Jabber account. Note that Google Talk (has this been deprecated yet?) doesnt support S2S connections.
xmpp.dk allows federated connections to all other *S2S TLS-enabled Jabber servers* so you can chat with anyone that has a Jabber account as long as their provider supports TLS and is configured correctly.
## xmpp.net score
[![xmpp.net_score](https://xmpp.net/badge.php?domain=xmpp.dk)][xmpp.net]
[jabber-clients]: https://xmpp.org/software/clients.html
[off-the-record]: https://otr.cypherpunks.ca/
[xmpp.net]: https://xmpp.net/result.php?domain=xmpp.dk&type=client