[Juser] How secure is jabber?

Peter Flindt newsgroups at Lastwebpage.de
Sat Jun 30 05:59:21 CDT 2007


Hello,
on nearly all websites I can find comments like Jabber is more secure
than the XYZ-Messenger protocol, sorry but I dont understand why... I
guess I misunderstand something.

1.)A new user choose jabber.org as login server. Unfortunately
something changes at jabber.org and the server goes down for some
hours, the user choose another server from a list, that server have to
many downtimes, he choose a 3rd. But how secure is this? Everyone can
download the server software, run his own jabber server, and maybe add
this server to some server lists. Maybe with some server software addon
to spy out the userdata. I want not assume anything, but where is the
"security" at this part?

2.)SSL/TSL
I notice that a lot of user think SSL/TSL is "safer" for the messages,
but if I understand SSL correctly it only do the following:
User<->plain text<->SSL<->encrypted data transfer<->SSL<->plain
text<->server
Apart from the case that some client/server only use SSL for
Password/Username (If I understand this SSL within Jabber correctly) ,
where is the "security". Why a lot of user want to use SSL, I don't
understand this hype. They all fear that someone spy at their internet
connection?

Sorry, for this noob question, but I can't understand both things...

Peter






More information about the JUser mailing list