Wednesday, July 13, 2016

vHost & CertFP Changes

This is a quick announcement that shouldn't really affect anyone in a negative way, except for the 3 users (including me) that use certificate fingerprints for NickServ authentication, as well as SASL EXTERNAL.


By default, when you register a nick on Techtronix you get a default vhost in the form of accountname.user. Due to the ever-changing list of ICANN accepted domain names (think .website, etc), I'm changing user vhosts to be in the form of user/accountname.


This is a bit of an oversight by me, but Techtronix has been using MD5 (I know, I know...) for client certificate fingerprints due to me not paying too much attention to the GnuTLS configuration on the network. I'll be moving to sha1, which is widely used on other networks as well. InspIRCd 2.2 (whenever that is released) will support sha256 and perhaps offer other options, but I'll cross that bridge whenever the network moves to 2.2.

Users who use /ns cert will have their certificate fingerprint list reset. Thankfully, the other 2 out of 3 users who have a certfp entry on the network are no longer active, which leaves just me.