XMPP server-to-server connection with ddg.gg is unencrypted

[Old Forum jonas] anonymous
Created: 4 years and 8 months ago
Hi everyone,

I recently added the im@ddg.gg bot to my XMPP roster. Checking back on the encryption status of the server-to-server (s2s) links in my XMPP server, I found out that ddg.gg does not use TLS encryption.

This seems to conflict with the privacy foucs that service has and should, in my opinion, be fixed soon.

regards,
jw

This forum has been archived

Thank you all for the many comments, questions and suggestions. Particular thanks go to user x.15a2 for constantly monitoring, replying and helping so many users here. To continue these discussions, please head over to the DuckDuckGo subreddit.


anonymous
 Good observation. Please, keep it up. Some times good things happen, because someone bother's to notice something, and does not like what they see. And does not keep it a secret!
posted by [Old Forum guest] • 4 years and 8 months ago Link
anonymous
Hi,
Just wanted to ask is there any progress on fixing above mentioned?
posted by [Old Forum guest] • 4 years and 8 months ago Link
zac
Still looking into this---thanks for the bump!


-Zac

DuckDuckGo
posted by zac Staff4 years and 8 months ago Link
anonymous
Ah thanks for looking into it. I only got a notification mail now (possibly because the other posts were guest posts?).

If you need any help debugging or just someone watching the encryption status, let me know.

regards,
jw
posted by [Old Forum guest] • 4 years and 8 months ago Link
anonymous
I just noticed this as well. This should indeed be fixed.

ddg.gg is using ejabberd if I am not mistaken. So just adding

{s2s_use_starttls, true}. 
{s2s_certfile, "/path/to/ssl.pem"}.

And a restart should do the trick.

posted by [Old Forum guest] • 4 years and 8 months ago Link
anonymous
Yesterday the rest of the world except Google's and DuckDuckGo's XMPP servers switched to mandatory encryption of c2s and s2s connections. Please update your server.

https://github.com/stpeter/manifesto/blob/master/manifesto.txt

http://wiki.xmpp.org/web/Securing_XMPP

Cheers.
posted by <hidden> • 3 years and 11 months ago Link
anonymous
I have created a new post : https://duck.co/forum/thread/5205/merge-....
posted by <hidden> • 4 years and 2 months ago Link