Skip to content


Second Security Test Day

This Saturday (February 22, 2014), XMPP site operators are again flipping the “encrypt all traffic” switch.

This is the second of four test days kicked off by the manifesto first published last fall. The aim is to encrypt all traffic between servers and clients on the public, federated XMPP network.

You can take part, too: ensure you have valid certificates on your server and that encryption is properly set up (see http://wiki.xmpp.org/web/Securing_XMPP along with the documentation for your XMPP server software), then test your configuration using the tools at the IM Observatory running at XMPP.net.

The manifesto team has managed to push the encryption level up to 12.5% of XMPP server-to-server traffic (see https://xmpp.net/reports.php#starttls). The test days help to keep nudging this value up and to prepare for an “everything is encrypted…or else” day in May of this year (some operators have not flipped back to unencrypted traffic and are now running 100% encrypted servers).

To join the team running the manifesto and thus help to secure the communications of XMPP users everywhere:

It’s that easy!

Posted in community, security.