20
edits
(6 intermediate revisions by the same user not shown) | |||
Line 13: | Line 13: | ||
=== 2010 Interop CA === | === 2010 Interop CA === | ||
The CA certificate (DER-encoded) and CRL are available from http://ca.xmpptest.com/ | The CA certificate (DER-encoded) and CRL are available from http://ca.xmpptest.com/ | ||
To install the CA certificate, copy it to /etc/ssl/certs/ and create a symlink called $HASH.0 like this: | |||
* cp ca_certificate.pem /etc/ssl/certs/xmpptest_CA.pem | |||
* openssl x509 -hash -in ca_certificate.pem | |||
* ln -s /etc/ssl/certs/xmpptest_CA.pem /etc/ssl/certs/fd0022dd.0 | |||
===== How to obtain a signed certificate ===== | ===== How to obtain a signed certificate ===== | ||
Line 50: | Line 55: | ||
** Nicolas Vérité [mailto:nverite@process-one.net Mail] = [xmpp:nverite@process-one.net IM] | ** Nicolas Vérité [mailto:nverite@process-one.net Mail] = [xmpp:nverite@process-one.net IM] | ||
* Servers | * Servers | ||
** '''ejabberd21.xmpptest.com''': ejabberd 2.1.x + EJAB-495; dev2.process-one.net ; ports 5222 (c2s) 5269 (s2s) 5280 (BOSH); IBR with CAPTCHA | ** '''ejabberd21.xmpptest.com''': ejabberd 2.1.x + EJAB-495 + EJAB-464; dev2.process-one.net ; ports 5222 (c2s) 5269 (s2s) 5280 (BOSH); IBR with CAPTCHA | ||
** ejabberd master; just planned | ** ejabberd master; just planned | ||
Line 156: | Line 161: | ||
** mlinkrelease Not participating | ** mlinkrelease Not participating | ||
** tigasetrunk Not participating - doesn't support TLS on s2s. | ** tigasetrunk Not participating - doesn't support TLS on s2s. | ||
** ejabberd21. | ** ejabberd21. Works against: mlinkrelease, mlinktrunk, prosody8, revokedcert (oooh). Fails against: psyced-db (Server down), psyced-sasl (Server down), psyced-dwd (Server down), expiredcert (Expected), mismatchcert (Expected), selfcert (Expected), tigasetrunk (Expected). | ||
** prosody8 | ** prosody8 | ||
** psyced-db Not participating | ** psyced-db Not participating | ||
** psyced-dwd Not participating | ** psyced-dwd Not participating | ||
** psyced-sasl | ** psyced-sasl Works against: mlinkrelease, mlinktrunk, prosody8, ejabberd21. Fails against: expiredcert (Expected), revokedcert (Expected), mismatchcert (Expected), selfcert (Expected), tigasetrunk (Expected) | ||
=== Client Tests === | === Client Tests === | ||
Line 169: | Line 174: | ||
=== Client Results === | === Client Results === | ||
* Test 1 | * Test 1 | ||
** Swift: Works against mlinktrunk, mlinkrelease, ejabberd21, prosody8. | ** Swift: Works against mlinktrunk, mlinkrelease, ejabberd21, prosody8. '''Failed''': tigasetrunk (Swift refuses the certificate (chain)) | ||
* Test 2 | * Test 2 | ||
** Swift: '''Failed''' (notls.xmpptest.com still offers SCRAM-SHA-1) | |||
* Test 3 | * Test 3 | ||
Line 176: | Line 182: | ||
* Gajim and OneTeam worked well with voice over Jingle, with acceptable sound quality | * Gajim and OneTeam worked well with voice over Jingle, with acceptable sound quality | ||
* The N900 client and OneTeam worked well with voice over Jingle, when the phone was on wifi, did not work the phone was on 3G | * The N900 client and OneTeam worked well with voice over Jingle, when the phone was on wifi, did not work the phone was on 3G | ||
* Modern versions of telepathy-gabble happily interoperate with M-Link Trunk's implementation of [http://mail.jabber.org/pipermail/summit/2010-February/000528.html google:queue]. Sadly, the version on the N900 does not detect M-Link's support for google:queue (because it only checks for the google:roster stream feature. Google doesn't actually advertise google:queue). |
edits