Secure Communications Week

From XMPP WIKI
Jump to navigation Jump to search

Security matters! But it doesn't happen unless we make it happen. Some large Jabber services on the Internet are working to require encrypted communications in time for the 10th anniversary of Jabber technologies on January 4, 1999. In preparation, we're planning to hold a Secure Communications Week, October 4 - October 11, 2008. Read on for details.

Help, I Can't Log In!!!

For real-time help, visit the webchat interface to the jabber@conference.jabber.org chat room.

Or post to the JUser discussion list via email or web forum.

Which IM Services are Participating?

  • jabber.org
  • darkskies.za.net
  • bergnetworks.com
  • im.flosoft.biz
  • jabber.fr and im.apinc.org

How Can End Users Prepare?

Upgrade your client to the most recent version. In general, the most recent versions of all major Jabber clients support encryption. That includes:

How Can Services Prepare?

Simply require SSL or TLS connections for client-to-server connections and install a digital security certificate. You can obtain a FREE domain certificate from the XMPP Intermediate Certificate Authority.

Step by Step guides for Jabber Servers:

How Can Client Developers Prepare?

Build support for TLS (SSL) and SASL into your client as defined in RFC 3920 and rfc3920bis. Support for certificates issued by the XMPP Intermediate Certificate Authority is also very helpful, because many Jabber services on the Internet use the free certificates issued by the XMPP ICA.