jabber.org at ralphm.ik.nu
Sat Mar 12 15:55:19 CST 2005
On Sat, Mar 12, 2005 at 03:55:49PM -0500, Matt Warden wrote:
> My welcome message did not mention an archive. I'm sure this has been
> asked before, but since I can't find the archive, I can't find the
> answer myself.
> I am using Gaim 1.1.4 (no, this isn't about the account creation bug).
> I am trying out Jabber because of AIM's recent terms of service
> changes, allowing them to do whatever they please with my
> conversations. I want to use Jabber only if conversations are
> encrypted (I do not need them to be encrypted end-to-end... I assume
> that Jabber's SSL works by encrypting only while in transit between
> client and server, not all the way from client to client -- please
> correct me if I misunderstand this). I have the box "use TLS if
> available" checked in Gaim. The jabber.org/network lists jabber.org as
> supporting SSL, but I don't know if this is the old SSL or if you mean
> TLS. Basically, I just want to know if my conversations are secure,
> and how I would know if the client I'm talking to is also connected
> over SSL.
Well, TLS is the name of the IETF protocol standard that grew out of SSL 3.0,
so basically, the names are interchangable. There is a difference in how
the TLS is setup.
Before the core protocol of Jabber was standardized as XMPP in RFC 3920,
servers usually used a separate port for SSL connections (5223). In XMPP,
there is a new way of negotiating stream parameters such as encryption using
TLS. This stream feature is referred to as STARTTLS.
The server at jabber.org supports both.
More information about the JUser