TLS Everywhere, jabber

Ralf Skyper Kaiser skyper at thc.org
Thu Nov 14 08:04:33 EST 2013


FYI,..

sounds good. move into the right direction to make pervasive surveillance
harder and protect jabber/XMPP communication.

- -------- Original Message --------
Subject: [jdev] TLS Everywhere
Date: Sun, 27 Oct 2013 21:23:08 -0600
From: Peter Saint-Andre <stpeter at stpeter.im>
Reply-To: Jabber/XMPP software development list <jdev at jabber.org>
To: jdev at jabber.org

Almost 15 years have passed since my friend Jeremie Miller released
the initial version of the jabberd IM server, launching the Jabber
open-source community and the technology we know today as XMPP. Yet,
all that time, hop-by-hop encryption using SSL/TLS has been optional
on the XMPP network. A number of server operators and software
developers in the XMPP community have decided that needs to change for
the better. Based on discussions at the XMPP Summit last week in
Portland, Oregon, I have drafted a plan for upgrading the XMPP network
to always-on, mandatory, ubiquitous encryption. You can find it here:

https://github.com/stpeter/manifesto

In short: we owe it to those who use XMPP technologies to improve the
security of the network (and thanks to Thijs Alkemade, we now have
better ways to test such security, using the newly-launched "IM
Observatory" at xmpp.net). Although we know that channel encryption is
not the complete answer, it's the right thing to do because it will
help to protect people's communications from prying eyes.

If you or your organization develop XMPP-compatible software or run a
service that's connected to the XMPP network, I encourage you to sign
the statement by following the instructions in the README at the URL
shown above.

Thanks!

Peter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://pidgin.im/pipermail/support/attachments/20131114/b1f1662e/attachment.html>


More information about the Support mailing list