Thiessen.IM

A certificate will be replaced this week since it has been expired.

This is a list of fingerprints in order to make sure you know it’s safe to accept the new one:

thiessen.im:
SHA1 Fingerprint=9F:57:4E:D7:14:74:8B:99:C7:57:5D:DD:DF:79:DE:34:27:FF:61:8A
MD5 Fingerprint=93:B2:7E:AB:C2:6D:05:F0:50:20:89:9C:7B:FD:97:4B

This post will be updated once the new certificate is in place. As always, please let us know if you encounter any kind of problems.

Recently Prosody gained the ability to store passwords in a hashed form.
With the upcoming upgrade next weekend this feature will be enabled.

It’s an important change as a possible attacker wouldn’t be able to look at users passwords anymore even if he gained access to the server.

This is possible due to a new authentication mechanism called SCRAM. For the best possible security use a client that supports SCRAM (such support is already being added to most of the popular clients). In the meantime Prosody will allow clients to use the standard PLAIN mechanism, and perform the SCRAM calculations on the server side.

The code has been contributed by jefferai, thanks!

Update: Done

A couple of certificates will be replaced today since they have been expired.

This is a list of fingerprints in order to make sure you know it’s safe to accept the new ones:

thiessen.it and im.thiessen.it:
SHA1 Fingerprint=B6:61:1A:41:6E:94:1F:11:C1:CD:53:EE:66:BB:DF:36:B9:1E:BA:01
MD5 Fingerprint=35:D0:93:20:86:89:A5:4D:FE:5F:F6:E8:7F:3F:80:B0

jabber.thiessen.it:
SHA1 Fingerprint=5D:72:1C:D2:15:5A:64:5C:73:9A:68:6A:04:4C:A0:3E:B3:BD:29:D0
MD5 Fingerprint=28:81:BD:CB:0E:68:08:1F:E9:B5:6B:1F:C2:A7:47:CB

thiessen.org:
SHA1 Fingerprint=0F:C4:17:FE:1D:CB:46:0E:39:A8:BF:69:F3:87:8D:57:4E:B8:42:EC
MD5 Fingerprint=8C:FA:B4:E8:2B:41:02:0C:61:2E:83:47:7B:7F:6A:CB

This post will be updated once the new certificates are in place. As always, please let us know if you encounter any kind of problems.

Update: The new certificates have been applied.

The host this service is running on hasn’t been reachable since around 4pm today. The hoster has been informed and we hope it will be available again soon. Thanks again for your patience.

Update: The machine is back up. The service wasn’t reachable for around two hours. According to our hoster it was caused by a power outage.

For some time now Spectrum made itself a name for being a fast and reliable transport between XMPP and “legacy networks”. After moving from ejabberd to Prosody XMPP-wise, switching away from the python based transport has been a task on our to-do list for far too long.

The most visible differences for end-users will be another domain being used and more choice in regard to supported protocols. Namely aim gg icq irc msn qq simple xmpp and yahoo. The current transports located at “im.thiessen.it” will be available under “thiessen.im” along with the new ones in the future. The necessary changes in your roster are being done automatically and should not result in more than a short disconnect.

Update: The migration has been completed successfully. In some cases users may ended up with the wrong encoding for their country. If you should experience problems please contact us in support@conference.thiessen.im (webchat).

Update 2: We currently experience a problem where the transport suddenly stops reacting. Spectrum’s development team has been informed and we expect a fix by the end of the week. If you notice connection problems, please use the chatroom mentioned above to let us know.

Last night we experienced an unexpected crash of Prosody. The service wasn’t available for about two hours from 3am. Unfortunately the Prosody team couldn’t find the cause yet which is why we are going to restart the deamon in debug mode tonight. That will hopefully give us more information in case it happens again. The expected downtime is less than a minute.

Update: The issue has been identified and a fix is being worked on.

Prosody turned 1 today. Congratulations to the development team and everyone involved making Prosody the favorite XMPP Server for many people.

On Nov. 25th the 0.6 branch was released and brought a bunch of interesting new features
such as multi-session support in MUC, stream compression, encryption for server-to-server connections and per-host SSL/TLS certificates.
About a week later the 0.7 release seems to be just around the corner. Next to several bug-fixes it will add support for libevent, XEP-0065 (known as proxy65) and SASL SCRAM.

The Prosody team summarized the project’s history and published some graphs showing commit activity, lines of code and so on. Keep up the good work.

The provider hosting our machines recently informed us about planned maintenance work. We expect they won’t be reachable a couple of times during late night hours CET (UTC +1).

Tonight this will affect de2.xmpp.thiessen.org which is currently hosting:

• thiessen.im and its conference
• thiessen.org
• conference.spectrum.im

On sunday, november 1st de1.xmpp.thiessen.org will be affected which is currently hosting:

• thiessen.it and its subdomains jabber.thiessen.it and im.thiessen.it
• icq.im.thiessen.it
• msn.im.thiessen.it

We are sorry for the inconvinience.

Today we enabled a module (mod_privacy) which implements XEP-0016 in Prosody.

This specification defines an XMPP protocol extension for enabling or disabling communication with other entities on a network. The protocol, which was first standardized in Section 10 of RFC 3921, can be used to block communication with unknown or undesirable entities. Blocking can be based on Jabber Identifier, subscription state, or roster group. The blocked stanzas can be messages, IQs, inbound or outbound presence stanzas, or all stanzas. The protocol also enables an entity to create, modify, or delete its privacy lists, apply different lists to different connected resources, define a default list, and decline the use of any privacy list during a particular communications session.

We thank Thilo Cestonaro for his work, he is currently working on mod_proxy65 (implementing XEP-0065, supposed to ease filetransfers), which is likely to be followed by a logging plugin. It will enable MUC owners to enable logging for their room.

But not only are there more and more plugins contributed by the growing Prosody community, Prosody itself is close to a release candidate of version 0.6.
As always it will include a lot of bug fixes as well as major new features, this time including S2S TLS support.

Not long ago we announced thiessen.org requiring C2S encryption.
We consider enabling the option for the thiessen.it domains as well and would like your opinion.

 Loading ...

Update: Sometime next week we will enable the option and update this post accordingly. done
Thanks for voting!