-------- Original Message --------
Subject: [jdev] TLS Everywhere
Date: Sun, 27 Oct 2013 21:23:08 -0600
From: Peter Saint-Andre
Reply-To: Jabber/XMPP software development list
To: jdev@jabber.org
Almost 15 years have passed since my friend Jeremie Miller released
the initial version of the jabberd IM server, launching the Jabber
open-source community and the technology we know today as XMPP. Yet,
all that time, hop-by-hop encryption using SSL/TLS has been optional
on the XMPP network. A number of server operators and software
developers in the XMPP community have decided that needs to change for
the better. Based on discussions at the XMPP Summit last week in
Portland, Oregon, I have drafted a plan for upgrading the XMPP network
to always-on, mandatory, ubiquitous encryption. You can find it here:
https://github.com/stpeter/manifesto
In short: we owe it to those who use XMPP technologies to improve the
security of the network (and thanks to Thijs Alkemade, we now have
better ways to test such security, using the newly-launched "IM
Observatory" at xmpp.net). Although we know that channel encryption is
not the complete answer, it's the right thing to do because it will
help to protect people's communications from prying eyes.
If you or your organization develop XMPP-compatible software or run a
service that's connected to the XMPP network, I encourage you to sign
the statement by following the instructions in the README at the URL
shown above.
Thanks!
Peter
_______________________________________________
JDev mailing list
Info: http://mail.jabber.org/mailman/listinfo/jdev
Unsubscribe: JDev-unsubscribe@jabber.org
_______________________________________________
--
Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at companys@stanford.edu.
