Getting Strict

When Chinwag first went live, we made the decision to be as current with our use of standard XMPP features as possible. We still do this. Your experience when using a Chinwag account for communication should give you the best experience possible with whatever client software you chose. However, we also recognised that not the whole federated network of servers out there in the world was totally up to date in the same way and there’s not a lot we could do about that.

So, with that situation in mind, we made the decision to be highly liberal about what we’d accept from a peer, while preferring best practices ourselves. The main peer we had in mind when setting this policy back then was Google Talk, which did not mandate encryption for server-to-server communications while the rest of the world had gone down that path. We figured at the time that cutting off Google and any other server was not a good idea, especially as there was no reliable mechanism to communicate to the end user that this was happening.

Of course, Google have since cut themselves off, and the proliferation of poorly-maintained and implemented servers out there are proving a fantastic environment for abuse and spam. Our configuration is being revisited as a result.

From this week, we will be getting very strict about the standards of services we federate with. Invalid or expired certificates will no longer be accepted and support for some older encryption standards will be dropped. This will cause some contacts you may have to become unreachable. Please let us know if this happens. We’ll try to contact other server admins where possible and see if we can resolve issues.

 

Leave a Reply

Your email address will not be published. Required fields are marked *