I second this a little bit.
In my case I need to upgrade from Debian wheezy to jessie to get PFS, so
there is more work involved. And I'd expect a decent number of servers
to be in the same situation. Jessie came out in April, so it's not brand
new. But it is still fairly recent and you can't just expect everyone to
have upgraded already.
On the other hand, there will never be a perfect time to make such a
switch and I do appreciate the push for more security.
~David
On 2015-07-27 07:46, Eric Koldeweij wrote:
Yes, my server would be one of those who cannot reach jabber.ccc.de any
more.
I did not get around to turning it on yet, I need a software upgrade
for that.
I understand the need for extra security but enforcing it right away
without giving fellow operators time to upgrade as well will only hurt
the community. I thought I had until end of september for this.
Not happy.
Eric.
On 07/27/15 15:07, Peter Schwindt wrote:
Hi Mike,
On 07/10/2015 01:11 PM, Mike Barnes wrote:
Do you have any details on which client software and versions you've
tested, Mathias? I've been looking at doing this but I've been more
concerned about the client experience than s2s issues.
At jabber.ccc.de, I had (forcing Forward Secrecy for a week now) not a
single person experiencing (and messaging me about it) client issues.
But, and that's quite a lot more than Mathias observed, we're missing
about 1/3 of all the S2S connections.
Best,
Peter
