[jdev] TLS Everywhere
Peter Saint-Andre
stpeter at stpeter.im
Mon Oct 28 03:23:08 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Almost 15 years have passed since my friend Jeremie Miller released
the initial version of the jabberd IM server, launching the Jabber
open-source community and the technology we know today as XMPP. Yet,
all that time, hop-by-hop encryption using SSL/TLS has been optional
on the XMPP network. A number of server operators and software
developers in the XMPP community have decided that needs to change for
the better. Based on discussions at the XMPP Summit last week in
Portland, Oregon, I have drafted a plan for upgrading the XMPP network
to always-on, mandatory, ubiquitous encryption. You can find it here:
https://github.com/stpeter/manifesto
In short: we owe it to those who use XMPP technologies to improve the
security of the network (and thanks to Thijs Alkemade, we now have
better ways to test such security, using the newly-launched "IM
Observatory" at xmpp.net). Although we know that channel encryption is
not the complete answer, it's the right thing to do because it will
help to protect people's communications from prying eyes.
If you or your organization develop XMPP-compatible software or run a
service that's connected to the XMPP network, I encourage you to sign
the statement by following the instructions in the README at the URL
shown above.
Thanks!
Peter
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBAgAGBQJSbdicAAoJEOoGpJErxa2pQ8sQAKRuGHCXsNou3DJWgRPHpj1J
4j1s4VQPx/lC775IrOajGVPkLz0WXo/5cIQGGPWJLbgUclk3B4rATXClzSjLbk5N
WxuOu39molPMrcKNrYem3uiJl8EFyMGlY/Z+dhQ22D8Kv7wlcopERkv2aTn5F1iT
WSufb1G3BIALHfKdqHFtyXC5I3yYi0B7F6FZOji6QJ7zjqsPYTRThpZYl8TFpW0y
ua0sswqHoldUtK1oCS1IeJzHiEqMQuU4Wc2R1QMjXeJdirnFwfCytoDQ7358dZe8
BG4eBLeU2ysqo8P/iSP/fkmLgCViqYc0ATlDcInpmc5luwQ0SlNqCsxRZKLwZkOK
TuKy9GX1VQ/5YHS+UPpmw32kV+HS30dfaVAbte0FdClWnTu3MrvEU92C8RZX0nEj
cIvm6NrBa+TbNjG8zgega26Kf+Ypghx9Ql3KiOVBJ4VOmY6stAyQiHve0TX0zX8T
2IBZBQtnFxk9JJaQaVC6PZv4X/uKWcxmb9u6eaB1gnapfrUE+gCoQ/6vdhGLMYwC
q7In4C3zgO9zDqqWskCAZbyStIegUViAubGF/WsJbMjSuM6xR5L5f+g4MdQYtl3K
yRqvqEjqgLHbuf4F7IqEZoCyyvPM5gFprPvMQvtV4BM5DLVJVa/+K01IiZ1667kW
iWwU5eVlFoFopiSS3j5a
=nfbh
-----END PGP SIGNATURE-----
More information about the JDev
mailing list