Users of Gajim have probably noticed a few notifications about changed TLS certificates on our servers.

Due to our transition to Let's Encrypt, our certificates no longer change once every two years, but every two to three months. We thus no longer explicitly publish fingerprints on our homepage, since it is an additional burden and only Gajim users are affected by it. Gajim itself removes this check in the next version, since it not really gives any security benefit. Our domains are secured with DNSSec and DANE and the used certificate can easily be verified in a cryptographically secure manner e.g. using xmpp.net.