[Operators] Fwd: [jdev] TLS Everywhere

Jesse Thompson jesse.thompson at doit.wisc.edu
Mon Oct 28 19:41:15 UTC 2013


Are there more details?  Specifically, does "hop-by-hop encryption using 
SSL/TLS" require strong association between a domain name and an XML 
stream as described in draft-ietf-xmpp-dna-04?  If so, does that put the

On 10/27/2013 10:24 PM, Peter Saint-Andre wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> FYI
>
>
> - -------- Original Message --------
> Subject: [jdev] TLS Everywhere
> Date: Sun, 27 Oct 2013 21:23:08 -0600
> From: Peter Saint-Andre <stpeter at stpeter.im>
> Reply-To: Jabber/XMPP software development list <jdev at jabber.org>
> To: jdev at jabber.org
>
> Almost 15 years have passed since my friend Jeremie Miller released
> the initial version of the jabberd IM server, launching the Jabber
> open-source community and the technology we know today as XMPP. Yet,
> all that time, hop-by-hop encryption using SSL/TLS has been optional
> on the XMPP network. A number of server operators and software
> developers in the XMPP community have decided that needs to change for
> the better. Based on discussions at the XMPP Summit last week in
> Portland, Oregon, I have drafted a plan for upgrading the XMPP network
> to always-on, mandatory, ubiquitous encryption. You can find it here:
>
> https://github.com/stpeter/manifesto
>
> In short: we owe it to those who use XMPP technologies to improve the
> security of the network (and thanks to Thijs Alkemade, we now have
> better ways to test such security, using the newly-launched "IM
> Observatory" at xmpp.net). Although we know that channel encryption is
> not the complete answer, it's the right thing to do because it will
> help to protect people's communications from prying eyes.
>
> If you or your organization develop XMPP-compatible software or run a
> service that's connected to the XMPP network, I encourage you to sign
> the statement by following the instructions in the README at the URL
> shown above.
>
> Thanks!
>
> Peter

Does this necessitate strong association between a domain name and an 
XML stream as described in 
https://tools.ietf.org/html/draft-ietf-xmpp-dna-04?

Jesse

