Ingo is currently unable to access e-mail so he has asked me to resend these on his account:
-------- Original Message --------
Subject: RE: [jitsi-dev] "The State of TLS on XMPP" by Thijs Alkemade
Date: Fri, 4 Oct 2013 14:53:44 +0000
From: Ingo Bauersachs
- Yes, we do use the Java defaults - which explains the Linux/Windows differences
- I don't like the idea of having different sets of TLS settings for every protocol. Heck, even having a specific RFC for a/every protocol using SSL/TLS is ridiculous. This should be (and AFAIK is) part of a generic TLS RFC. So with all the respect to Peter, this RFC should IMO be withdrawn.
- The configurable options sound nice, but should be protocol independent (which gets difficult because jain-sip mingles with the defaults set to the JRE).
- Concerning the specific use of insecure ciphers on Linux, this should probably be brought to the attention of the JRE package maintainers as it affects all software using Java's TLS.
Mit freundlichen Grüssen
Maklerzentrum Schweiz AG
MSc FHNW in Computer Sciences
Informatik, System Integration
Falls Sie diese Nachricht irrtümlicherweise erhalten haben, bitten wir Sie, die absendende Person zu kontaktieren und diese Nachricht mit allen Anhängen von Ihrem System zu löschen.
From: firstname.lastname@example.org [mailto:email@example.com] On Behalf Of Andreas Kuckartz
Sent: Donnerstag, 5. September 2013 11:53
To: Jitsi Developers
Subject: [jitsi-dev] "The State of TLS on XMPP" by Thijs Alkemade
The recent three-part series "The State of TLS on XMPP" by Thijs Alkemade are interesting for some Jitsi developers:
Part 3 is evaluating XMPP clients (including Jitsi) but the other parts are also very relevant regarding security.