On 31 August 2014 22:28, Evgeny Khramtsov <xramt...@gmail.com> wrote:
> Sun, 31 Aug 2014 22:35:07 +0200 > Jonas Wielicki <xmpp-operat...@sotecware.net> wrote: > > > > I left the c2s-encryption-required switch in place (there would have been > > out-of-band measures to reach me if that had been a problem) > > A year ago I did some experiment on a medium size server (150,000 users > online in peak). I modified ejabberd so it added starttls <required/> > tag without actually requiring it, i.e. ignoring this tag by a client > was OK. The results were bad: about 20% of clients were ignoring it. > Mostly some versions of QIP (which is the most popular XMPP client in > Russia). > That's interesting - that's people simply ignoring <starttls/> entirely, I'd assume. Do you have the actual figures to hand? That'd be interested data to include. It's interesting for two reasons, actually - firstly, it's interesting to show that some 20% of clients in some areas don't support TLS at all, and secondly it's interesting to show that people in the community do this kind of research. Incidentally, I'm gathering the names of people who're helping me, here, and will, of course, have a "credits" slide for those helping write the presentation. The presentation will be online, eventually, but I hate putting slides etc up before I've done the talk. Dave.
