Cert pinning

Richard Laager rlaager at wiktel.com
Thu Mar 28 22:37:48 UTC 2019


On 3/28/19 5:29 PM, Gary E. Miller via devel wrote:
> Tell that to the pidgin folks.
I haven't been active in a while, but I'm a Pidgin developer.

> I've seen it for years on many
> workstations.  If there is a setting for it, I can't find it...

I have my Gmail XMPP account setup this way:

Basic tab:
  Protocol: XMPP
  Username: rlaager
  Domain: gmail.com
Advanced tab:
  Connection security: Require encryption
  [ ] Allow plaintext auth over unencrypted streams
   ^ That is UNchecked.
  Connect port: 5222
  Connect server: (blank)

>> Is this for XMPP?
> 
> Yup.  XMPP to talk.google.com

My guess is that you have a "Connect server" of talk.google.com
specified. It's been a long time, but perhaps that was previously a
default or previously recommended or previously required. But if the SRV
records are setup correctly on the domain (for me, gmail.com), it should
not be necessary to specify the "Connect server".

-- 
Richard

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20190328/30ebde74/attachment-0001.bin>


More information about the devel mailing list