Difference between revisions of "Secure Communications Week"

From XMPP WIKI
Jump to navigation Jump to search
m
 
(12 intermediate revisions by 3 users not shown)
Line 1: Line 1:
Security matters! But it doesn't happen unless we make it happen. Some large Jabber services on the Internet are working to require encrypted communications in time for the 10th anniversary of Jabber technologies on January 4, 1999. In preparation, we're planning to hold a Secure Communications Week, October 4 - October 11, 2008. Read on for details.
Security matters! But it doesn't happen unless we make it happen. Some large Jabber services on the Internet are working to require encrypted communications in time for the 10th anniversary of Jabber technologies on January 4, 1999. In preparation, we're planning to hold a Secure Communications Week, October 4 - October 11, 2008. Read on for details.
== Help, I Can't Log In!!! ==
For real-time help, visit the [http://speeqe.com/room/jabber@conference.jabber.org/ webchat interface] to the [xmpp:jabber@conference.jabber.org?join jabber@conference.jabber.org] chat room.
Or post to the [http://mail.jabber.org/mailman/listinfo/juser JUser discussion list] via email or [http://jabberforum.org/forumdisplay.php?f=21 web forum].


== Which IM Services are Participating? ==
== Which IM Services are Participating? ==
* jabber.org
* jabber.org
* darkskies.za.net
* bergnetworks.com
* im.flosoft.biz
* jabber.fr and im.apinc.org


== How Can End Users Prepare? ==
== How Can End Users Prepare? ==
Upgrade your client to the most recent version. In general, the most recent versions of all major Jabber clients support encryption. That includes:
Upgrade your client to the most recent version. In general, the most recent versions of all major Jabber clients support encryption. That includes:
 
* [http://www.adium.im/ Adium] 1.2.7
* [http://www.adiumx.com/ Adium] 1.2.7
* [http://coccinella.im/ Coccinella] 0.96.8
* [http://code.google.com/p/exodus/ Exodus] 0.10
* [http://code.google.com/p/exodus/ Exodus] 0.10
* Gaim is now [http://www.pidgin.im/ Pidgin] -- time to upgrade!
* [http://www.gajim.org/ Gajim] 0.11 (and [http://trac.gajim.org/wiki?lang=en 0.12 alpha])
* [http://www.gajim.org/] 0.12
* [http://kopete.kde.org/ Kopete] 0.50
* [http://kopete.kde.org/] 0.50
* [http://www.miranda-im.org/ Miranda] 0.7.8
* [http://www.miranda-im.org/ Miranda] 0.7.8
* [http://www.pandion.be/] 2.5
* [http://pandion.im/ Pandion] 2.5
* [http://www.pidgin.im/ Pidgin] 2.4.3
* [http://www.pidgin.im/ Pidgin] 2.4.3 (in the past:Gaim)
* [http://psi-im.org/ Psi] 0.11 and 0.12
* [http://psi-im.org/ Psi] 0.11 and 0.12
* [http://www.ceruleanstudios.com/] Trillian 3.1.10
* [http://www.trillian.im/ Trillian] Trillian 3.1.10


== How Can Services Prepare? ==
== How Can Services Prepare? ==
Simply require SSL or TLS connections for client-to-server connections and install a digital security certificate. You can obtain a FREE domain certificate from the [http://xmpp.net/ XMPP Intermediate Certificate Authority].


Simply require SSL or TLS connections for client-to-server connections and install a digital security certificate. You can obtain a FREE domain certificate from the [https://www.xmpp.net/ XMPP Intermediate Certificate Authority].
Step by Step guides for Jabber Servers:
* [[sslonly ejabberd|ejabberd]]
* [[sslonly jabberd2|Jabberd2]]
* [[sslonly jabberd14|Jabberd14]]
* [[sslonly openfire|Openfire]]
* [[sslonly tigase|Tigase]]


== How Can Client Developers Prepare? ==
== How Can Client Developers Prepare? ==
 
Build support for TLS (SSL) and SASL into your client as defined in [http://xmpp.org/rfcs/rfc3920.html RFC 3920] and [http://xmpp.org/internet-drafts/draft-saintandre-rfc3920bis-06.html rfc3920bis]. Support for certificates issued by the [http://xmpp.net/ XMPP Intermediate Certificate Authority] is also very helpful, because many Jabber services on the Internet use the free certificates issued by the XMPP ICA.
Build support for TLS (SSL) and SASL into your client as defined in [http://www.xmpp.org/rfcs/rfc3920.html RFC 3920] and [http://www.xmpp.org/internet-drafts/draft-saintandre-rfc3920bis-06.html rfc3920bis]. Support for certificates issued by the [https://www.xmpp.net/ XMPP Intermediate Certificate Authority] is also very helpful, because many Jabber services on the Internet use the free certificates issued by the XMPP ICA.

Latest revision as of 10:43, 24 July 2010

Security matters! But it doesn't happen unless we make it happen. Some large Jabber services on the Internet are working to require encrypted communications in time for the 10th anniversary of Jabber technologies on January 4, 1999. In preparation, we're planning to hold a Secure Communications Week, October 4 - October 11, 2008. Read on for details.

Help, I Can't Log In!!!

For real-time help, visit the webchat interface to the jabber@conference.jabber.org chat room.

Or post to the JUser discussion list via email or web forum.

Which IM Services are Participating?

  • jabber.org
  • darkskies.za.net
  • bergnetworks.com
  • im.flosoft.biz
  • jabber.fr and im.apinc.org

How Can End Users Prepare?

Upgrade your client to the most recent version. In general, the most recent versions of all major Jabber clients support encryption. That includes:

How Can Services Prepare?

Simply require SSL or TLS connections for client-to-server connections and install a digital security certificate. You can obtain a FREE domain certificate from the XMPP Intermediate Certificate Authority.

Step by Step guides for Jabber Servers:

How Can Client Developers Prepare?

Build support for TLS (SSL) and SASL into your client as defined in RFC 3920 and rfc3920bis. Support for certificates issued by the XMPP Intermediate Certificate Authority is also very helpful, because many Jabber services on the Internet use the free certificates issued by the XMPP ICA.