>The Fediverse shouldn't just be about software, it should also be about reducing toxicity.
No, the Fediverse is about communication.

The "toxicity" discourse doesn't lead anywhere, and is entirely subjective. "Positive toxicity" is also "toxicity". I'm not interested in "safe spaces", but I'm also not interested in hateful discourse.

But, I guess these people don't really see the value in communication, which is what matters for human societies.

Just had someone try to "send" me Activities through a Mastodon account without my knowledge or consent.

To "collect" what is "sent", people mentioned would have to accept Mastodon activities. I did not do this, and never will.

I am not at all comfortable seeing my username on their list of recipients, it makes it look like I use Mastodon.

For the record: I don't use any fork of Mastodon. I never have and never will, ever.

Please don't have anything to do with this, "sending" activities like this is effectively just spamming instances and filling databases. I have reported it as spam.

This is not at all nice for those of us who want to stay as far away from Mastodon as possible.

#Mastodon #PSA #Fediverse #Spam

By the way, the root of the TLS 1.2 issue is that Erlang/OTP does not support X448 and X25519 curves for TLS 1.2. If you host an instance, please make sure you don’t restrict allowed ECDHE curves to only X448 and/or X25519, or Pleroma won’t be able to connect to you (unless they have the TLS 1.3 patch)! This will cause big federation issues for you!

If you run nginx, check for ssl_ecdh_curve in your configuration (https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_ecdh_curve ), and make sure it allows/supports one of the following elliptic curves:

sect571r1, sect571k1,
secp521r1, brainpoolP512r1,
sect409k1, sect409r1,
brainpoolP384r1, secp384r1,
sect283k1, sect283r1,
brainpoolP256r1, secp256k1, secp256r1,
sect239k1,
sect233k1, sect233r1,
secp224k1, secp224r1,
sect193r1, sect193r2,
secp192k1, secp192r1,
sect163k1, sect163r1, sect163r2,
secp160k1, secp160r1, secp160r2

If you don’t have a ssl_ecdh_curve directive, that means OpenSSL defaults are used (so, it shouldn’t be a problem on most distributions). If you do, I’d recommend making sure you at least have one of those from the list enabled, like this:

ssl_ecdh_curve X25519:X448:sect571r1

If you’re picky on your curves, make sure to refer to https://safecurves.cr.yp.to/ as usual (but be picky only if you really know what you’re doing; seriously!!)

This elliptic curve setting might also be referred to as “supported groups” in your software, please check for that setting!