(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Disroot.org - xmpp servers, e-mail hosting provider, diaspora hub, pastebin provider, forum


  • Site: https://disroot.org
  • Register: Send request to administrator
  • Admin contact (e-mail): support@disroot.org
  • ECC s2s: Yes
  • RSA s2s: Yes
  • Sertificate: RSA 4096-bit
  • Hash authorization c2s: no (Note: admin Disroot disagree that the password is stored in plain text, password no stored in hash, but the password is transmitted in plain text and can be intercepted in the logs. XMPP password hashes do not transmitted plain text of passwords, for this reason "Hash authorization c2s: no" is indicated.)
  • Sofware: Prosody

Protest agains spam protection and secure S2S connections

Disroot admin claims that it respects the anti-spam manifest and the manifest to use secure internet connections, but refuses to sign both manifest.

 - "After smearing campaign, bullying and blackmailing into submission disroot.org does not want to have anything to do with this "manifest" nor it wants to be mentioned in it."  (muppeth) 
- "Do you consider the public coverage of your server’s security policy blackmail? The presence or absence of your server in the manifest does not entail any consequences.However, I think that users of other servers should know whether your server uses 100% valid certificates or not. This information is not only relevant to your server, but also to others servers.(Users of other servers connect to your server via s2s and their connections can use untrusted certificates)This is just a list of servers security policies. I think it is necessary to change the word manifest to another, because it scares some administrators." (E-404) 

Full Github discussion https://github.com/E-404/Manifestos/pull/5