How to check if ejabberd is running in well-encrypted coding environment and how to check the encryption for xmpp? And in ejabberd 'General Features', I saw a message,
"Encryption in client connections
SASL authentication, STARTTLS encryption and old SSL"
But I have no idea what the "old SSL" is and if it has a security problem, like critical bugs or errors?
Re: to check ejabberd running in well-secured environment and to
How to check if ejabberd is running in well-encrypted coding environment and how to check the encryption for xmpp?
Login with a Jabber client that supports those features and it will not complain. Additionally, you can observe the network traffic using Ethereal, for example.
And in ejabberd 'General Features', I saw a message,
"Encryption in client connections
SASL authentication, STARTTLS encryption and old SSL"
But I have no idea what the "old SSL" is and if it has a security problem, like critical bugs or errors?
Probably not, but XMPP's TLS method supersedes the old SSL, and most clients already support both of them. Once all your users get XMPP clients (with TLS support) you can disable SSL and close port 5223 on the server.