Ukucinywa konxibelelwano lwe-TLS ngoguqulelo oluntsonkothileyo lweprotocol yemiyalezo ekhawulezileyo ye-XMPP (Jabber) (uhlaselo lwe-Man-in-the-Middle) ichongiwe kwiiseva zenkonzo ye-jabber.ru (aka xmpp.ru) kubanikezeli bokusingatha iHetzner kunye neLinode eJamani. .
Umhlaseli ukhuphe izatifikethi ezininzi ze-TLS usebenzisa i-Let Encrypt service, esetyenziselwe ukuthintela uqhagamshelo olufihliweyo lwe-STARTTLS kwi-port 5222 usebenzisa i-proxy ye-MiTM ecacileyo. Uhlaselo lwafunyanwa ngenxa yokuphelelwa kwesinye sezatifikethi ze-MiTM, ezingazange ziphinde zikhutshwe.
Akukho zimpawu zokuhlaselwa kwe-server okanye ukuhlaselwa kwe-spoofing kufunyenwe kwicandelo lothungelwano; endaweni yoko, ngokuchaseneyo: ukuhanjiswa kwetrafikhi kwalungiselelwa kwinethiwekhi yomnikezeli wokusingatha.
umthombo: linux.org.ru