hi Thijs,
Thijs Alkemade wrote:
>
> On 26 jul. 2014, at 05:18, shm...@riseup.net wrote:
>> i dont know what's up with the s2s though
>>
>>
>
> It’s still unimplemented because I didn’t have any server to test against
> when I set it up.
i tried mqas.net again s2s but froze again completing only the cert score
>
> �There’s also the minor issue that I’m not sure exactly how to grade ECDSA
> keys, but I think giving them all 100 points makes sense (equivalent to 4096
> bit RSA).
>
> Your TLSA records are for your domain, not for your SRV target. That doesn’t
> match draft-ietf-dane-srv.
much thanks - the RRs were ammended
>
> Thijs
>
still testing s2s with problems & some debug output received is as
follows - if you think any more could be useful let me know for reply
socket debug ssl handshake error: unknown protocol
socket debug closing client with id: da9860 unknown protocol
s2sindc5010 debug s2s disconnected: observatory.xmpp.net->mqas.net
(unknown protocol)
s2sindc5010 debug Destroying incoming session
observatory.xmpp.net->mqas.net: unknown protocol
socket debug handshake failed because: unknown protocol
s2sindcee30 debug certificate chain validation result: invalid
s2sindcee30 debug certificate error(s) at depth 0: self signed
certificate
mod_s2s warn Forbidding insecure connection to/from observatory.xmpp.net
s2sindcee30 info incoming s2s stream observatory.xmpp.net->mqas.net
closed: Your server's certificate
is invalid, expired, or not trusted by mqas.net
s2sindcee30 debug Destroying incoming session
observatory.xmpp.net->mqas.net:
Your server's certificate is invalid, expired, or not trusted by mqas.net
socket debug try to close client connection with
id: dcf7b0
socket debug closing delayed until writebuffer is emptysocket
debug closing client after
writing socket debug closing client with id: dcf7b0
