[jitsi-users] Fix jit.si s2s TLS?


#1

Hi,

( I'm not sure what the right address is for contacting the
administrators of jit.si, so if this is the wrong forum, I apologize. )

I set up a Jabber server yesterday and found that Jit.si makes
unencrypted TLS connections to other servers.

Could someone please fix this? It would be nice if it only allowed for
encrypted s2s XMPP connections - though at the very least, it should
always try to use TLS. If it fails, the server should alert the users
that they are not securely federated.

All the best,
Jacob


#2

Hey Jacob,

> Hi,
>
> ( I'm not sure what the right address is for contacting the
> administrators of jit.si, so if this is the wrong forum, I apologize. )

This is the right place as far as jit.si is concerned.

> I set up a Jabber server yesterday and found that Jit.si makes
> unencrypted TLS connections to other servers.
>
> Could someone please fix this? It would be nice if it only allowed for
> encrypted s2s XMPP connections - though at the very least, it should
> always try to use TLS. If it fails, the server should alert the users
> that they are not securely federated.

We did have this allowed but apparently it was set to not accept self-signed certs by default. I don't quite understand the reason for such a default: if non-TLS connections are allowed I see no reason to refuse TLS ones because the cert is not perfect.

We've just changed this. Could you please check if it works now?

Cheers,
Emil

On 17.06.13, 15:40, Jacob Appelbaum wrote:

> All the best,
> Jacob

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users

--
https://jitsi.org


#3

> We did have this allowed but apparently it was set to not accept
> self-signed certs by default. I don't quite understand the reason for
> such a default: if non-TLS connections are allowed I see no reason to
> refuse TLS ones because the cert is not perfect.

It might give a false sense of security. A self-signed cert is as good as no
cert (unless you check the hash).

Ingo


#4

I hate that attitude. It is why I have to click through a dozen times on all my firewalls and routers. Self-signed certs have a place, and add security. The only difference is a certificate authority, which lately is no trust at all.

Any cert, including self-signed, encrypts communication so it cannot be easily sniffed.

I vote for a one-time warning, and a settable default of accepting self-signed certs.

      Lee

On 06/17/2013 03:39 PM, Ingo Bauersachs wrote:

>> We did have this allowed but apparently it was set to not accept
>> self-signed certs by default. I don't quite understand the reason for
>> such a default: if non-TLS connections are allowed I see no reason to
>> refuse TLS ones because the cert is not perfect.
>
> It might give a false sense of security. A self-signed cert is as good as no
> cert (unless you check the hash).


#5

>> We did have this allowed but apparently it was set to not accept
>> self-signed certs by default. I don't quite understand the reason for
>> such a default: if non-TLS connections are allowed I see no reason to
>> refuse TLS ones because the cert is not perfect.
>
> It might give a false sense of security.

To whom? The client doesn't know anything about it.

> A self-signed cert is as good as no
> cert (unless you check the hash).

My point exactly. So given that no-certs are allowed by default, I don't see why self-signed certs are not.

Emil

On 17.06.13, 22:39, Ingo Bauersachs wrote:

> Ingo



#6

>>> We did have this allowed but apparently it was set to not accept
>>> self-signed certs by default. I don't quite understand the reason for
>>> such a default: if non-TLS connections are allowed I see no reason to
>>> refuse TLS ones because the cert is not perfect.
>>
>> It might give a false sense of security.
>
> To whom? The client doesn't know anything about it.

Your server's logs? A sending server that tries to be smart by detecting the
destination's policy?

>> A self-signed cert is as good as no
>> cert (unless you check the hash).
>
> My point exactly. So given that no-certs are allowed by default, I don't
> see why self-signed certs are not.

"It might give a false sense of security". Loophole. Forget it :)

Ingo
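
The positions argued in this thread, combined into one policy function. This is an added example, not part of any message above and not jit.si's or any XMPP server's own code; the names `LinkTrust`, `classify_s2s`, `accept` and the `pins` mapping are hypothetical. It accepts self-signed certificates wherever plaintext is accepted, records them as unauthenticated so logs do not overstate them, and treats a matching pinned hash as authentication.

```python
import hashlib
import hmac
from enum import IntEnum


class LinkTrust(IntEnum):
    PIN_FAILED = -1                # a pin exists and the peer did not satisfy it
    PLAINTEXT = 0                  # no TLS: readable and modifiable in transit
    ENCRYPTED_UNAUTHENTICATED = 1  # TLS, but peer identity not verified
    AUTHENTICATED = 2              # TLS with a CA-valid or pinned certificate


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 of the DER-encoded certificate as lowercase hex."""
    return hashlib.sha256(der_cert).hexdigest()


def _normalize(fp: str) -> bytes:
    # Accept "AB:CD:..." or "abcd..." as an operator might paste it.
    return fp.replace(":", "").replace(" ", "").lower().encode()


def classify_s2s(peer, der_cert, ca_valid, pins):
    """Classify one server-to-server link.

    peer: remote domain; der_cert: presented certificate bytes, or None
    when the link did not negotiate TLS; ca_valid: result of normal chain
    and hostname validation; pins: {domain: fingerprint} set by the operator.
    """
    pinned = pins.get(peer)
    if der_cert is None:
        # A pinned peer that offers no TLS at all is treated as a downgrade.
        return LinkTrust.PIN_FAILED if pinned else LinkTrust.PLAINTEXT
    if pinned:
        match = hmac.compare_digest(_normalize(pinned),
                                    fingerprint(der_cert).encode())
        return LinkTrust.AUTHENTICATED if match else LinkTrust.PIN_FAILED
    if ca_valid:
        return LinkTrust.AUTHENTICATED
    return LinkTrust.ENCRYPTED_UNAUTHENTICATED


def accept(trust: LinkTrust, minimum: LinkTrust = LinkTrust.PLAINTEXT) -> bool:
    """Admit the link if it meets the operator's minimum; log trust.name."""
    return trust >= minimum


# Constructed bytes standing in for a DER certificate (not a real cert).
SAMPLE_CERT = b"constructed-self-signed-certificate"
```

Raising `minimum` to `ENCRYPTED_UNAUTHENTICATED` gives the "always use TLS" behaviour requested in the first message, and `AUTHENTICATED` additionally refuses unpinned self-signed peers.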
