The XMPP Blog

We’d like to say a big “thank you” to two companies who have recently signed up as sponsors of the XMPP Standards Foundation. Erlang Solutions are a new XSF sponsor who specialise in providing businesses with scalable solutions via the creation, integration, delivery and lifetime support of products and services based on the Erlang and Elixir programming languages. ProcessOne, a returning sponsor, are a leading provider in messaging platforms designed for scale and robustness. ProcessOne have developed ejabberd, an ubiquitous XMPP server that has been deployed to power some of the largest messaging platform in the world. Many people will remember their CEO, Mickaël Rémond, as a member of the Board of the XSF for a number of years.  [Read More]

“Why should I use XMPP?” is a question we get asked a lot. Our answer is often technically-focussed, as there are plenty of reasons XMPP might be the right choice, or we might explain about the benefits of a federated approach - where everyone can run their own server and control their own data. Either way, the fact it is an ‘open standard’ never ceases to be mentioned. Open standards have many advantages over proprietary formats (too many to list in one blog post) but one in particular is that it gives you the choices and control about how you access your data and services.  [Read More]

The 17th XSF Summit is approaching! On January 29th and 30th 2015, just before FOSDEM2015. members of the XMPP community will be gathering at the Cisco offices in Diegem, Brussels to talk about all things XMPP. Our agenda is evolving but so far includes: XMPP-IoT, Current state of the IoT XEPs Editor team automation sprint e2e encryption & OTR The state of UPNP and their XMPP cloud project (and us as liaisons) Relation/Liaison to W3C interest group on the Web of Things: charter XEP-0322 EXI: Update on/upstreaming of implementation, comments To keep up to date with Summit plans, please visit the wiki page for Summit 17 .  [Read More]

Until our new website launches with a dedicated ‘whats on’ section, I wanted to share some events coming up that might be of interest to our community. Rikard Stridof Clayster is speaking at 2 events in June, focussing in on XMPP and IoT. Fo those of you over in America (or for those that now have an excuse to head that way!) here are the details:  [Read More]

Today, a large number of services on the public XMPP network permanently turned on mandatory encryption for client-to-server and server-to-server connections (there’s a fine summary here). This is the first step toward making the XMPP network more secure for all users. Stay tuned for more updates as we work on ubiquitous authentication, secure DNS, end-to-end encryption, and other improvements.  [Read More]

The 9th of april is the Global IoT day (Internet of Things day) on the site iotday.org and on iotlive.org events and meetups around the world are celebrating and connecting live devices. #IoTDayStockholm is coordinating several schedules from events in different time zones and will be having workshops creating XMPP IoT enabled devices. These will be open to interact with, to read and write values over the secure XMPP network.  [Read More]

The XMPP Standards Foundation has published a security notice describing an uncontrolled resource consumption vulnerability in several XMPP server implementations that support application-layer compression. Details can be found at https://xmpp.org/resources/security-notices/uncontrolled-resource-consumption-with-highly-compressed-xmpp-stanzas/.  [Read More]

Tomorrow sees the third security test day. Security test days help XMPP operators test-run with strong encryption settings prior to the big encryption switch-over scheduled for 19 May 2014. A large number of XMPP sites have already signed up to the ubiquitous encryption manifesto. More so, some of the participating sites have already permanently enabled strong encryption prior to the manifesto’s go-live date! One of the sites is Crypho. CTO Dr. Yiorgis Gozadinos explained his thinking in enabling strong encryption: “Everybody should have the right to privacy and confidentiality. Providing sane, strong encryption standards built-in in XMPP is a huge step to that direction."  [Read More]

While the XSF may not be mentoring a project in this years Google’s Summer of Code 2014 - we sure can celebrate and shout about the fact that some of the projects include XMPP as part of their project ideas! The Jitsi project has several projects relating to WebRTC, XMPP and the Jitsi Videobridge. XMPP/Jingle/WebRTC also plays a role in Mozilla’s project ideas for InstantBird.  [Read More]

This Saturday (February 22, 2014), XMPP site operators are again flipping the “encrypt all traffic” switch. This is the second of four test days kicked off by the manifesto first published last fall. The aim is to encrypt all traffic between servers and clients on the public, federated XMPP network. You can take part, too: ensure you have valid certificates on your server and that encryption is properly set up (see http://wiki.xmpp.org/web/Securing_XMPP along with the documentation for your XMPP server software), then test your configuration using the tools at the IM Observatory running at XMPP.net.  [Read More]