Secure Communications Week
Security matters! But it doesn't happen unless we make it happen. Some large Jabber services on the Internet are working to require encrypted communications in time for the 10th anniversary of Jabber technologies on January 4, 1999. In preparation, we're planning to hold a Secure Communications Week, October 4 - October 11, 2008. Read on for details.
Help, I Can't Log In!!!
Which IM Services are Participating?
- jabber.fr and im.apinc.org
How Can End Users Prepare?
Upgrade your client to the most recent version. In general, the most recent versions of all major Jabber clients support encryption. That includes:
- Adium 1.2.7
- Coccinella 0.96.8
- Exodus 0.10
- Gajim 0.11 (and 0.12 alpha)
- Kopete 0.50
- Miranda 0.7.8
- Pandion 2.5
- Pidgin 2.4.3 (in the past:Gaim)
- Psi 0.11 and 0.12
- Trillian Trillian 3.1.10
How Can Services Prepare?
Simply require SSL or TLS connections for client-to-server connections and install a digital security certificate. You can obtain a FREE domain certificate from the XMPP Intermediate Certificate Authority.
Step by Step guides for Jabber Servers:
How Can Client Developers Prepare?
Build support for TLS (SSL) and SASL into your client as defined in RFC 3920 and rfc3920bis. Support for certificates issued by the XMPP Intermediate Certificate Authority is also very helpful, because many Jabber services on the Internet use the free certificates issued by the XMPP ICA.