Remember the threads¹² about #LetsEncrypt removing a crucial key usage from certificates issued by them in predictive obedience to their premium sponsor Google?

We were at first concerned about #SMTP. While I had lived through this problem with #StartSSL by #StartCom back in 2011, I only had a vague recollection of Jabber but recalled in detail that it broke server-to-server SMTP verification (whether the receiving server acted on it or just documented it).

Well, turns out someone now reported that it indeed breaks #XMPP entirely: community.letsencrypt.org/t/do…

This means that it will soon no longer be possible at all to operate Jabber (XMPP) servers because the servers use the operating system’s CA certificate bundle for verification, which generally follows the major browsers’ root stores, which has requirements from the CA/Browser forum who apparently don’t care about anything else than the webbrowser, and so no CA whose root certificate is in that store will be allowed to issue certificates suitable for Jabber/XMPP server-to-server communication while these CAs are the only ones trusted by those servers.

So, yes, Google’s requirement change is after all breaking Jabber entirely. Ein Schelm, wer Böses dabei denkt.

Update: it also breaks the connections between domain registrars and registries, with most being unaware that there even is a problem at this time, let alone the crazily short timeframe. See the thread linked to in a self-reply, which also confirms that the CA/Browser forum is supporting Google in this (possibly by means of Google paying, my interpretation).

While nerdcert.eu/ by @jwildeboer would in theory help, it’s not existent yet, and there’s not just the question of when it will be included in operating systems’ root CA stores but whether it will be included in them at all.

Google’s policy has no listed contact point, and the CA/B forum isn’t something mere mortals can complain to, so I’d appreciate if someone who can, and who has significant skills to argument this in English and is willing to, to bring it to them.

① mine: toot.mirbsd.org/@mirabilos/sta…
② jwildeboer’s: social.wildeboer.net/@jwildebo…

Do *NOT* remove TLS Client Auth EKU!

I was also bit by this. I switched to tlsserver profile, and when my XMPP certificate got renewed today, it failed to make any S2S connections :(. I'd to revert to classic profile. Could we please keep TLS client auth EKU ? Thanks!

^{Let's Encrypt Community Support}

mirabilos

2025-05-15 00:09:50

What the actual fuck, #LetsEncrypt‽

Let’s Encrypt will no longer include the “TLS Client Authentication” Extended Key Usage (EKU) in our certificates beginning in 2026.

That makes them unusable for SMTP servers. Gah!

Anyone got a usable alternative that doesn’t ruin financially?

Update: I’m in communication with them, let’s hope they recognise the usefulness.

Update 2: turns out it’s Google forcing this down the throat of all CAs that want to be recognised by Chrome as valid. I’m sure Google only accidentally decided on a new policy that breaks some SMTP and probably all XMPP use cases… 🤬

We don’t want to spam you with posts, but the house is burning! Help us to put it out.
The world needs fair and sovereign digital and technical solutions. Here we are and we want to create one.
Please support us on this path and benefit directly through free monocles accounts. Become one of thousands of monocles users and get your privacy back.

startnext.com/en/monocles

#monocles #privacy #sovereign #xmpp #it #ethics #cloud #email #eu

monocles - Privacy is not a feature. It is a right.

Secure communication, fair cloud, ethical hardware - monocles offers a digital solution without tracking, without surveillance, without compromise.

^{startnext.com}

That's a very illuminative post!

In other words, please CMIIW:

#XMPP is an open protocol standard with various independent implementations in many programming languages for most operating systems. Almost not two #Jabber clients use the same library.

Delta Chat, OTOH, is a single vendor software framework based on various open standards. My guess: Independent implementations are possible, but maybe not encouraged, because they would sooner or later diverge too much from the original?

And here is the typical #Jabber situation: There are at least TWO #Rust #XMPP libraries! 😞

#XMPPrs: xmpp.rs/ (#MPL)

#luz: bunny.garden/luz/ (#AGPL)

Maybe more.

None of them in #Debian yet, i.e. I see a lot of work ahead 😞

For #Conversations_im I literally developed the UI first. I had a somewhat working UI before I was able to put a single #XMPP message on the wire.

A shared library between different platforms is a good thing. People are trying to do this in XMPP (Snikket SDK, Macaw, Prose) and if I were to start something new for Conversations I'd use something like Kotlin Multiplatform too.

However there is also value in diversity of implementations and the good ideas will prevail concept of XMPP.

Comparing #XMPP against #email protocols is too limited. What sets #deltachat apart is *vertical integration* and being driven by UI/UX considerations. Cross-platform Apps and Bots use the Rust core library which connects with #chatmail relays and classic email servers based on a higher level API -- abstracting over SMTP, MIME, #OpenPGP etc. See chatmail.at

#webxdc apps in turn use an even higher level stable API abstracting over email/xmpp/... see webxdc.org/docs/

Chatmail

Chatmail provides FOSS infrastructure for interoperable, secure, speedy and reliable end-to-end encrypted messaging. Check out clients as Arcane Chat, Bots or Delta Chat today!

^chatmail.at

#XMPP Events

#Berlin XMPP #Sprint: Devs from #DE, #FR & #UK featuring #Conversations, @dino, @ejabberd @kaidan #LiveDashboard, #Macaw, @Monal, #Renga and @prose
Sponsors: #XSF, Ammonit Measurement GmbH & @wikimediaDE

#chat #standards #interoperability #jabber #federation #decentralisation

I'm on my way back from the Berlin XMPP Sprint and had a fantastic time. Thank you so much @debacle for organizing it, and thank you to everyone who participated. It was especially cool to see some new faces; it's pretty amazing that the #XMPP developer community is still able to attract new talent.

I made good progress on finally being able to show full-size avatars (profile pictures) in #Conversations_im. Stay tuned to learn more about that towards the end of this week.

Our monocles crowdfunding is ongoing and we're so grateful for the support so far! Thank you!

monocles empowers you with open-source, community-driven messaging via XMPP, a privacy friendly email service, a cloud and more – for a transparent alternative for your digital life.

Help us create this real ethical digital solution, by the people, for the people. Every contribution makes a huge difference!

Be part of the journey & donate today ✊️: startnext.com/en/monocles

#xmpp #monocles #security

monocles - Privacy is not a feature. It is a right.

Secure communication, fair cloud, ethical hardware - monocles offers a digital solution without tracking, without surveillance, without compromise.

^{startnext.com}

#XMPP Community

The next XMPP #Sprint in #Berlin starts tomorrow! 23rd - 25th May 2025 - it is open to all interested.

More details: wiki.xmpp.org/web/Sprints/2025…

#jabber #chat #interoperability #rtc
#opensource #decentralization #standard

There is a job in #Berlin, related to #renewableEnergy, #embeddedSystems, #Debian, #freeSoftware, #C, #Python, #Django, #JavaScript, and even #XMPP.

ammonit.com/about-us/career/

Disclaimer: It's my company/employer.

EDIT: It's not necessary to tick ALL the boxes. There is always time to learn.

EDIT²: Due to a change of the website, the offer is gone atm.

EDIT³: Website is fixed!

#Ammonit #greenJobs #fediJobs #fediHire #windEnergy #solarEnergy

🎉 Exciting news! Converse 11.0.0 is finally here 🚀

This is a major update which brings many new features and enhancements to make XMPP webchat better and more powerful than ever.

Check the release notes here: github.com/conversejs/converse…

Try out Converse 11 at chat.conversejs.org or download the desktop app from github.com/conversejs/converse…

#Converse #XMPP #WebChat #OpenSource

Release 11.0.0 (2025-05-21) · conversejs/converse-desktop

11.0.0 Update to Converse 11.0.0 Update to Electron 36.2.1 Update other dependencies as well

^GitHub

Monal 6.4.11 (Build 1040, PR #1416) released.

To see the complete list of bugfixes and improvements, check our releases page: github.com/monal-im/Monal/rele…

#Monal #ios #macos #xmpp #im #chat #messaging

Release Monal 6.4.11 (Build 1040, PR #1416) · monal-im/Monal

Properly open links in external browser, if configured to do so Fix accidental reordering of chats when opening a chat Fixed display of back button in omemo keys view Fixed display of back button i...

^GitHub

Youhou, la version 2.2.0 de Gajim vient de sortir !

Il y a maintenant :

- La rétractation de messages
- La gestion des images de profil pour les groupes de discussions
- La possibilité de bloquer des personnes dans les discussions de groupes et de synchroniser cette liste de blocage entre tous vos appareils qui ont Gajim

#XMPP

@rl_dane @ShinjiLE if you or someone else wants to help argue, the thread is at community.letsencrypt.org/t/do… (Discourse, so JS webbrowser), I’m exhausted.

#LetsEncrypt #SSL #TLS #certificates #X509 #X509v3 #sendmail #SMTP #XMPP #Jabber

Do *NOT* remove TLS Client Auth EKU!

Re. Ending TLS Client Authentication Certificate Support in 2026 Do not remove that! It is required for SMTP (the sending MTA must have that in its certificate for the receiving MTA to consider it a both-sides-authenticated connection).

^{Let's Encrypt Community Support}

Gajim 2.2.0 has been released 🥳

This release brings three new features:
message retraction ↩️ , blocking participants in group chats 🛡️, and updated support for modern group chat avatars 🖼️.

Thank you for all your contributions! ❤️

Support Gajim's development: liberapay.com/Gajim

#gajim #xmpp #chat

gajim.org/post/2025-05-15-gaji…

Gajim's profile - Liberapay

Gajim is a fully-featured XMPP client.

^Liberapay

A friend invited me to an #XMPP MUC (group chat) but instead of popping a confirmation to accept and join I just got auto-added to it.

Now I need to find which client did this - either Gajim or Monocles. ​

📢 Big news for Yunohost users!

Prosody is now packaged for Yunohost, replacing Metronome.

Prosody is a lightweight and easy-to-use XMPP (Jabber) server.

With Prosody, you can easily host your own instant messaging service, giving you full control over your data and privacy.

Thanks a lot to every contributors!

#Yunohost #Prosody #XMPP #Jabber #OpenSource #SelfHosting

apps.yunohost.org/app/prosody

#XMPP Community

XMPP #Sprint in #Berlin on 23rd - 25th May 2025! It is open to all interested.

More details: wiki.xmpp.org/web/Sprints/2025…

#jabber #chat #interoperability #rtc
#opensource #decentralization #standard

The #XMPP Newsletter for April 2025 is out!

Read about the latest XMPP universe updates and the latest updates on our #standards!

xmpp.org/2025/05/the-xmpp-news…

Enjoy reading! 📰 ☕

#jabber #chat #interoperability #rtc
#opensource #decentralization

Did you know that movim was the first XMPP client to support Stories? ✨

From all your devices you can share your everyday moments with your contacts through photos that disappear after 24 hours. 😊

Everything is stored on your own XMPP account and the feature has been standardized as a protocol extension: xmpp.org/extensions/xep-0501.h… 🔒

It looks like a few other XMPP clients are looking to integrate it in the future 👀

#xmpp #stories #features #movim @joinjabber @xmpp

One thing that could help: #XMPP client devs using slidcord so they can improve the features discord users enjoy.

OK this was a shameless plug and is definitely not the most important thing. 😏

codeberg.org/slidge/slidcord/

slidcord

A feature-rich Discord to XMPP gateway

^Codeberg.org

What would it take for XMPP to be the next discord?

#discord #xmpp #jabber

Vabljeni na c| srečanje №25: Mostovanje

Dobimo se v _četrtek_, 15.5., ob 17.00 v @muzej|u

Tokratno srečanje bomo posvetili konsolidaciji komunikacije znotraj skupnosti:

• premostili različne klepetalnice(#IRC, #XMPP, #Matrix, itd.)
• vzpostavili sistem za opravila, naloge in urejanje kode
• začeli novo spletno stran
• planet, letaki, forum, grafična podoba, idr.

Vabljeni vsi, ki bi radi sodelovali pri temu!

dogodki.kompot.si/events/bd84c…
👆 več info & pofočkaj se

#Kiberpipa #Cyberpipe #skupnost

I knew @MapComplete could add ratings to Mangrove Reviews...but YIL it can add reviews too! (The OSM POI search on Mangrove Reviews' own site is mysteriously broken.)

In future mapping parties we're _so_ going to be using this to add reviews of the places we eat at! Heck, I've already asked participants of the last two parties to add them 🙂

This information brought to you courtesy of the #OpenStreetMap #XMPP channel - join today 😉
xmpp.link/#openstreetmap@confe…

Hab gerade ein Problem das sich #Conversations nicht mit meinem Server verbinden will...

#blabberIM auf demselben Gerät tuts aber... 🥴

Ich weiß das ich noch Probleme mit dem Zertifikat am Server habe, aber dennoch würde ich bis ich das gefixt habe kommunizieren können...

Bis vor kurzem hat es auch noch funktioniert 😵‍💫

Hat ein Update da irgendwas geändert oder wie kann ich mein Problem lösen?

#XMPP
@daniel @blabber

Tout ce que vous ratez les gens qui sont pas sur XMPP. Comment vos vies doivent être fades.

#XMPP

So installed prosody on my small personal instance and finally run my own #XMPP server. This was surprisingly simple and seems pretty lightweight . Well I don’t know if I did it right 😅 but it seems to work.

You can reach me on XMPP with santiago@lema.@org just like my email.

The next #XMPP Developer Sprint is coming up.

📍 Wikimedia Offices, Berlin, Germany

📆 Friday, May 23rd - Sunday, May 25th 2025

❓ Sprints (aka Hackathons) are a great opportunity for interoperability testing, planning new features, meeting other XMPP developers and generally having a good time.

BYOP (Bring your own Project)

🌐 wiki.xmpp.org/web/Sprints

Boom, Movim 0.30.1 is out! ✨

In this new release you'll find a new avatar and banner configuration panel, animated GIF support in the picture proxy and some more improvements in the internal color palette management 🎨

Movim is also now supports the XEP-0392: Consistent Color Generation that allows you to have the same default color for your contacts between all the XMPP clients ☺️!

And as always bug fixes and improvements 😌

The complete release note on our blog: mov.im/community/pubsub.movim.…

#xmpp #release #movim

Conversations 2.18.2 is available on Google Play and has client side mitigations for a server side security issue that was recently discovered and fixed in #ejabberd¹ and #OpenFire²

Go update your server. But just in case that takes a minute Conversations has your back too!

This release also fixes an issue with restoring (importing) backups on recent Android versions.

¹: process-one.net/blog/ejabberd-…
²: github.com/igniterealtime/Open…

#XMPP #Conversations_im

ejabberd 25.04

Just a few weeks after previous release, ejabberd 25.04 is published with an important security fix, several bug fixes and a new API command.

^{Jérôme Sautret (ProcessOne)}

After the Code of Conduct and the Mediation process, the Core Governance document is now ready for wider feedback.

This document describes what JoinJabber does and what we aim to achieve. It also describes what our values are and a way to make proposals to the entire community.

Feel free to share and read/respond to the document.
codeberg.org/joinjabber/collec…

#xmpp #permacomputing #consent #jabber

collective/Governance/Governance.md at governance

collective - Resources and meta issue tracker

^Codeberg.org

Finally have my Prosody server all compliant!

I had an epiphany last night about something in the nginx config and after sorting that, all the optional XEP listed also pass!

Now to convince wife and kids to use it for our group chat... they really don't want to install any more apps, because I'm "being difficult" because they already use whatsapp 😑

The main reason I'm impressed with it over matrix, is reliable notifications. It just works. So far, anyway.

Thank you to the people that replied to my post last week suggesting I try xmpp after the matrix server we used shut down. I had written it off as an old platform for nerds, but it's... actually really good ❤️

#prosody #xmpp #chat #nginx #matrix