- From: Simon Tennant <simon@buddycloud.com>
- Date: Mon, 28 Oct 2013 09:37:57 +0100
- To: "public-fedsocweb@w3.org" <public-fedsocweb@w3.org>
- Cc: Andreas Kuckartz <a.kuckartz@ping.de>
- Message-ID: <CACEE+iPAWL9=Low0yuhTFenZm+WsroHm0OBgFv+CU7e_ANoCXQ@mail.gmail.com>
I was involved in setting this up: it's about client to server security AND server to server security. If you run an XMPP server, please consider forking, signing your name to the document and submitting a pull request back to Peter. S. On 28 October 2013 08:21, Andreas Kuckartz <a.kuckartz@ping.de> wrote: > This is about s2s encryption. > > Cheers, > Andreas > > -------- Original Message -------- > Sun, 27 Oct 2013 21:24:04 -0600 (MDT) > Date: Sun, 27 Oct 2013 21:24:04 -0600 > From: Peter Saint-Andre <stpeter@stpeter.im> > To: XMPP Operators Group <operators@xmpp.org>, XMPP Standards > <standards@xmpp.org> > > FYI > > > -------- Original Message -------- > Subject: [jdev] TLS Everywhere > Date: Sun, 27 Oct 2013 21:23:08 -0600 > From: Peter Saint-Andre <stpeter@stpeter.im> > Reply-To: Jabber/XMPP software development list <jdev@jabber.org> > To: jdev@jabber.org > > Almost 15 years have passed since my friend Jeremie Miller released > the initial version of the jabberd IM server, launching the Jabber > open-source community and the technology we know today as XMPP. Yet, > all that time, hop-by-hop encryption using SSL/TLS has been optional > on the XMPP network. A number of server operators and software > developers in the XMPP community have decided that needs to change for > the better. Based on discussions at the XMPP Summit last week in > Portland, Oregon, I have drafted a plan for upgrading the XMPP network > to always-on, mandatory, ubiquitous encryption. You can find it here: > > https://github.com/stpeter/manifesto > > In short: we owe it to those who use XMPP technologies to improve the > security of the network (and thanks to Thijs Alkemade, we now have > better ways to test such security, using the newly-launched "IM > Observatory" at xmpp.net). Although we know that channel encryption is > not the complete answer, it's the right thing to do because it will > help to protect people's communications from prying eyes. > > If you or your organization develop XMPP-compatible software or run a > service that's connected to the XMPP network, I encourage you to sign > the statement by following the instructions in the README at the URL > shown above. > > Thanks! > > Peter > _______________________________________________ > JDev mailing list > Info: http://mail.jabber.org/mailman/listinfo/jdev > Unsubscribe: JDev-unsubscribe@jabber.org > _______________________________________________ > > > > -- Simon Tennant | buddycloud.com | +49 17 8545 0880 | office hours: goo.gl/tQgxP
Received on Monday, 28 October 2013 08:38:32 UTC