[jdev] [ANN] Bad XMPP - Connectivity test suite
Jonas Schäfer
jonas at wielicki.name
Sun Mar 29 11:15:09 UTC 2020
On Samstag, 28. März 2020 19:55:15 CEST Kim Alvefur wrote:
> Suggestions for additional tests are welcomed.
I have a few!
- Outright bogus DNSSEC
- Expired DNSSEC
- SRV record pointing at the root zone (`.`) mixed into other SRV records
- Only a single SRV record pointing at the root zone (`.`)
- Only DH suites with short (<1024 bits) DH parameters
- Only "export" ciphers
Not necessarily bad, but would be good as test cases either way:
- DNSSEC-signed SRV record pointing at a hostname different from the domain
name and the service only has a certificate for that hostname. This is valid
from my understanding, but probably without widespread support.
- No SRV record, only A/AAAA records.
Echo-ing what moparisthebest suggested in xsf@:´
- xmpps-server records where one of which points at an HTTPS port (with a
valid one pointing at XMPPS)
Thanks for this service!
kind regards,
Jonas
More information about the JDev
mailing list