Second Security Test Day
This Saturday (February 22, 2014), XMPP site operators are again flipping the "encrypt all traffic" switch.
This is the second of four test days kicked off by the manifesto first published last fall. The aim is to encrypt all traffic between servers and clients on the public, federated XMPP network.
You can take part, too: ensure you have valid certificates on your server and that encryption is properly set up (see http://wiki.xmpp.org/web/Securing_XMPP along with the documentation for your XMPP server software), then test your configuration using the tools at the IM Observatory running at XMPP.net.
The manifesto team has managed to push the encryption level up to 12.5% of XMPP server-to-server traffic (see https://xmpp.net/reports.php#starttls). The test days help to keep nudging this value up and to prepare for an "everything is encrypted...or else" day in May of this year (some operators have not flipped back to unencrypted traffic and are now running 100% encrypted servers).
To join the team running the manifesto and thus help to secure the communications of XMPP users everywhere:
- test your server at the IM Observatory
- sign the manifesto at https://github.com/stpeter/manifesto
- chat with other XMPP operators in the firstname.lastname@example.org chatroom
- join the conversation on the email@example.com email list
It's that easy!