From 91adbdb19cc15ce9c7ac9fad57a7d08f5d4d4e27 Mon Sep 17 00:00:00 2001 From: Jesper Hess Nielsen Date: Fri, 30 Dec 2016 10:57:23 +0100 Subject: [PATCH] Describe new S2S TLS requirement --- _pages/01_connect.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/_pages/01_connect.md b/_pages/01_connect.md index a5253d8..5be213e 100644 --- a/_pages/01_connect.md +++ b/_pages/01_connect.md 
@@ -23,16 +23,17 @@ Simply add _username_@xmpp.dk in your client and click “register” or check t * When connecting to the hidden service you will get a warning about the TLS certificate not matching the host name. This is OK. ## Secure Communication -The connection between your client and xmpp.net is encrypted using TLS. The server prefers secure connections to other servers, however this cannot be guaranteed. -Since you can't (and shouldn't) trust your xmpp server, I require you always enable [Off-The-Record (OTR)][off-the-record] in your chat client. This will give you end-to-end encrypted chat that cannot be decrypted while in transit -and, depending on the settings of your client, will not be logged on your local machine. +The connection between your client and xmpp.net is encrypted using TLS. The server requires TLS connections to other XMPP servers. +This means that if you can't connect to a friend, their provider is not configured to use TLS and the xmpp.dk server will refuse the connection. Your friend +should either convince their provider to enable TLS server-to-server connections, or switch to a provider that has proper encrypted transport support. +Since you can't (and shouldn't) trust your xmpp server, I require you always enable [Off-The-Record (OTR)][off-the-record] in your chat client. +This will give you end-to-end encrypted chat that cannot be decrypted while in transit and, depending on the settings of your client, will not be logged on your local machine. ## Federation -xmpp.dk allows federated connections to all other S2S TLS-enabled Jabber servers so you can chat with anyone that has a Jabber account. Note that Google Talk (has this been deprecated yet?) doesn’t support S2S connections. +xmpp.dk allows federated connections to all other *S2S TLS-enabled Jabber servers* so you can chat with anyone that has a Jabber account as long as their provider supports TLS and is configured correctly. 
## xmpp.net score [![xmpp.net_score](https://xmpp.net/badge.php?domain=xmpp.dk)][xmpp.net] -[jabber-clients]: https://xmpp.org/software/clients.html [off-the-record]: https://otr.cypherpunks.ca/ [xmpp.net]: https://xmpp.net/result.php?domain=xmpp.dk&type=client \ No newline at end of file
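Review bot: The rewritten first line under "Secure Communication" still says the connection is "between your client and xmpp.net", but every other reference in this hunk is to the xmpp.dk server and xmpp.net only appears as the score/badge site, so this looks like it should read xmpp.dk; since the line is being touched anyway, fix it here. In the next added sentence, "if you can't connect to a friend, their provider is not configured to use TLS" presents a missing S2S TLS setup as the only possible cause; wording such as "their provider may not be configured to use TLS" would avoid sending users to their provider when the failure is something else. The new text also says the server "requires TLS" without saying whether the remote certificate has to validate, which is the detail another operator needs in order to fix a refused connection, so consider stating it. Finally, the removal of the "[jabber-clients]" link definition is not covered by the subject "Describe new S2S TLS requirement"; confirm that nothing left in _pages/01_connect.md still uses that reference, or mention the cleanup in the commit message.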