Want to receive updates monthly? Subscribe to the XMPP newsletter!

Security Notice: Uncontrolled Resource Consumption with Highly-Compressed XMPP Stanzas

 Posted on April 4, 2014 |  1 minutes |  Miscellaneous |  stpeter

The XMPP Standards Foundation has published a security notice describing an uncontrolled resource consumption vulnerability in several XMPP server implementations that support application-layer compression. Details can be found at https://xmpp.org/resources/security-notices/uncontrolled-resource-consumption-with-highly-compressed-xmpp-stanzas/.

Third Security Test Day

 Posted on March 21, 2014 |  2 minutes |  Events |  stpeter

Tomorrow sees the third security test day. Security test days help XMPP operators test-run with strong encryption settings prior to the big encryption switch-over scheduled for 19 May 2014. A large number of XMPP sites have already signed up to the ubiquitous encryption manifesto. More so, some of the participating sites have already permanently enabled strong encryption prior to the manifesto’s go-live date! One of the sites is Crypho. CTO Dr. [Read More]

Google Summer of Code 2014

 Posted on February 28, 2014 |  1 minutes |  Google Summer of Code |  laura

While the XSF may not be mentoring a project in this years Google’s Summer of Code 2014 - we sure can celebrate and shout about the fact that some of the projects include XMPP as part of their project ideas! The Jitsi project has several projects relating to WebRTC, XMPP and the Jitsi Videobridge. XMPP/Jingle/WebRTC also plays a role in Mozilla’s project ideas for InstantBird. To name just a few… [Read More]

Second Security Test Day

 Posted on February 18, 2014 |  1 minutes |  Events |  stpeter

This Saturday (February 22, 2014), XMPP site operators are again flipping the “encrypt all traffic” switch. This is the second of four test days kicked off by the manifesto first published last fall. The aim is to encrypt all traffic between servers and clients on the public, federated XMPP network. You can take part, too: ensure you have valid certificates on your server and that encryption is properly set up (see http://wiki. [Read More]

Thank You to the Internet Society

 Posted on February 12, 2014 |  1 minutes |  Miscellaneous |  bear

On December 20th 2013 the XSF received some very exciting news, to end what had already been a great year - ISOC were awarding the XMPP community an incredibly generous gift to help support the work we are doing in improving privacy and security. In their own words: “The Internet Society takes a great interest in projects that will improve our existing mechanisms for on-line privacy and trust and we appreciate the XMPP Standards Foundations leadership in securing XMPP services in the wake of recent events. [Read More]

XMPP Summit 15

 Posted on January 10, 2014 |  1 minutes |  XMPP Summit |  bear

The 15th Summit is fast approaching!

On January 30th and 31st 2014 we will be meeting to talk about all things XSF and XMPP. The rough agenda is being worked on and we are also in the final stages of getting information about hotels.

To keep current about the details, please do visit the wiki page for Summit 15 often!

Security Test Day is tomorrow 4 Jan 2014

 Posted on January 3, 2014 |  2 minutes |  Events |  bear

Tomorrow many of the folks who run public (and some that run private) facing XMPP servers will be doing a ubiquitous security test of the XMPP network. Like the IPv6 test days, on the 4th January XMPP server operators are turning on TLS encryption for s2s and c2s connections and testing to see what doesn’t work and what needs more work. The participants of this effort would like you to join others in the XMPP community and help secure users private communications. [Read More]

XSF will be present at FOSDEM 2014

 Posted on December 18, 2013 |  1 minutes |  FOSDEM |  bear

The XSF will once again be attending FOSDEM 2014 and we will showcase the latest developments in bringing XMPP into the browser as a first class citizen and demonstrating how XMPP can be used in today’s world. We will also explore and demonstrate how XMPP can be used to solve many of the issues in today’s world of connected devices. The XSF will be part of the Internet-of-Things room and will show IoT technology based on the released IoT extensions. [Read More]

Security Test Day - it's fast approaching

 Posted on November 30, 2013 |  2 minutes |  Events |  bear

In just 34 days the first full test run of ubiquitous security on the XMPP network will be attempted by many service operators. Like the IPv6 test days, on the 4th January XMPP server operators are turning on TLS encryption for s2s and c2s connections and testing to see what doesn’t work and what needs more work. The participants of this effort would like you to join others in the XMPP community and help secure users private communications. [Read More]