On 30 Oct. 2013, at 01:21, Mathieu Pasquet <mathi...@mathieui.net> wrote:

> Dropping SSLv2 is all good and I’m not even sure why SSLv2 was
> supported initially (doesn’t xmpp appear after SSLv3 was standardized?),
> but dropping SSLv3, while also a good idea, might cause issues with lots
> of servers (not naming legacy ejabberd or openfire under old debian or
> centos). Hopefully, we have some time to wake up some admins before the
> dates set in the manifesto, but I hope the test days will help
> troubleshooting the ones that don’t get the memo.

That’s what xmpp.net is now for: helping us make these policy decisions. :)

So far, two tests have shown a server supported SSLv3 but not TLS 1.0,
both for c2s to palemoon.net:

http://xmpp.net/result.php?id=324
http://xmpp.net/result.php?id=142

However, considering the cipher list did not finish, I would assume the server
started IP banning xmpp.net, leading to inaccurate results.

So from the directory list, even the servers running ejabberd 2.1.2 (released
3.5 years ago) and Openfire 3.64 (released 4.5 years ago) support TLS 1.0.

How many clients don't support TLS 1.0 I do not (yet) have data of, though.

Regards,
Thijs


_______________________________________________
JDev mailing list
Info: http://mail.jabber.org/mailman/listinfo/jdev
Unsubscribe: jdev-unsubscr...@jabber.org
_______________________________________________
