[tor-bugs] #17093 [Tor Sysadmin Team]: New VM for Jabber server
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Sep 16 11:57:29 UTC 2015
#17093: New VM for Jabber server
-----------------------------------+-----------------
Reporter: dgoulet | Owner:
Type: task | Status: new
Priority: normal | Milestone:
Component: Tor Sysadmin Team | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
-----------------------------------+-----------------
Comment (by ioerror):
Replying to [comment:2 nickm]:
> Replying to [comment:1 ioerror]:
> > I'd like to support this effort as well - most importantly, I'd like
to make sure that this jabber server supports forward secrecy for all TLS
connections, has a Tor Hidden Service and that it also works for making
voice/video calls with clients like Jitsi.
>
> +1. (Actually, could it be made to _only_ support TLS? Plaintext-over-
TCP is so very 1980s.)
>
Yes, I think so - this is actually a jabber best practice as of this year.
> Anyway, I'm in favor here. What resources would the VM require?
I think it depends on scale - I bet we can start with 1-2GB of RAM and
minimal disk for a minimal debian TPO install.
>
> And would this be on the same VM as the contemplated mumble server, or
is that something we would want to be doing on a separate VM?
I'd like to keep them separate. I suspect that the xmpp server software is
safer and I also think we should compartmentalize our communications
risks. Ideally the xmpp server doesn't ever relay unencrypted data while
the mumble server is only relaying (internally, still TLS encrypted to
clients) unencrypted audio.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17093#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list