The XMPP Blog

We’ve just had the great news that Google have again accepted the XSF to mentor XMPP-related projects in the Google Summer of Code this year. GSoC is a programme whereby Google pays students a stipend to work on open source projects for the summer, and when we’re able to participate in this it’s a highlight of the year for us. If you are, or know any, talented students with an interest in realtime communication systems we’ve got a selection of interesting projects at http://wiki. [Read More]

There’s some recent discussion about the sky falling for XMPP at Google. See this blog post by Dan York for example. In reality, we don’t know the state of XMPP inside Google because they don’t share their use of XMPP with the XSF. We do know Android’s Google Cloud Messaging uses it. We know Hangouts Videochat uses it. We know Google Talk still (insecurely) federates with (some) XMPP services. But from an outside perspective, Google has made no major recent changes in terms of how they’re using XMPP from what we can observe. [Read More]

We’d like to say a big “thank you” to two companies who have recently signed up as sponsors of the XMPP Standards Foundation. Erlang Solutions are a new XSF sponsor who specialise in providing businesses with scalable solutions via the creation, integration, delivery and lifetime support of products and services based on the Erlang and Elixir programming languages. ProcessOne, a returning sponsor, are a leading provider in messaging platforms designed for scale and robustness. [Read More]

“Why should I use XMPP?” is a question we get asked a lot. Our answer is often technically-focussed, as there are plenty of reasons XMPP might be the right choice, or we might explain about the benefits of a federated approach - where everyone can run their own server and control their own data. Either way, the fact it is an ‘open standard’ never ceases to be mentioned. Open standards have many advantages over proprietary formats (too many to list in one blog post) but one in particular is that it gives you the choices and control about how you access your data and services. [Read More]

The 17th XSF Summit is approaching! On January 29th and 30th 2015, just before FOSDEM2015. members of the XMPP community will be gathering at the Cisco offices in Diegem, Brussels to talk about all things XMPP. Our agenda is evolving but so far includes: XMPP-IoT, Current state of the IoT XEPs Editor team automation sprint e2e encryption & OTR The state of UPNP and their XMPP cloud project (and us as liaisons) Relation/Liaison to W3C interest group on the Web of Things: charter XEP-0322 EXI: Update on/upstreaming of implementation, comments To keep up to date with Summit plans, please visit the wiki page for Summit 17 . [Read More]

Until our new website launches with a dedicated ‘whats on’ section, I wanted to share some events coming up that might be of interest to our community. Rikard Stridof Clayster is speaking at 2 events in June, focussing in on XMPP and IoT. Fo those of you over in America (or for those that now have an excuse to head that way!) here are the details: 12 June: IOT Expo in NYC 16 June: IOT World in Silicon Valley Hopefully we can get a blog post from Rikard after the events, to share the goodness with everyone that couldn’t attend. [Read More]

Today, a large number of services on the public XMPP network permanently turned on mandatory encryption for client-to-server and server-to-server connections (there’s a fine summary here).

This is the first step toward making the XMPP network more secure for all users.

Stay tuned for more updates as we work on ubiquitous authentication, secure DNS, end-to-end encryption, and other improvements.

The 9th of april is the Global IoT day (Internet of Things day) on the site iotday.org and on iotlive.org events and meetups around the world are celebrating and connecting live devices. #IoTDayStockholm is coordinating several schedules from events in different time zones and will be having workshops creating XMPP IoT enabled devices. These will be open to interact with, to read and write values over the secure XMPP network. [Read More]

The XMPP Standards Foundation has published a security notice describing an uncontrolled resource consumption vulnerability in several XMPP server implementations that support application-layer compression. Details can be found at https://xmpp.org/resources/security-notices/uncontrolled-resource-consumption-with-highly-compressed-xmpp-stanzas/.

Tomorrow sees the third security test day. Security test days help XMPP operators test-run with strong encryption settings prior to the big encryption switch-over scheduled for 19 May 2014. A large number of XMPP sites have already signed up to the ubiquitous encryption manifesto. More so, some of the participating sites have already permanently enabled strong encryption prior to the manifesto’s go-live date! One of the sites is Crypho. CTO Dr. [Read More]