Second Security Test Day

This Saturday (February 22, 2014), XMPP site operators are again flipping the "encrypt all traffic" switch.

This is the second of four test days kicked off by the manifesto first published last fall. The aim is to encrypt all traffic between servers and clients on the public, federated XMPP network.

You can take part, too: ensure you have valid certificates on your server and that encryption is properly set up (see http://wiki.xmpp.org/web/Securing_XMPP along with the documentation for your XMPP server software), then test your configuration using the tools at the IM Observatory running at XMPP.net.

The manifesto team has managed to push the encryption level up to 12.5% of XMPP server-to-server traffic (see https://xmpp.net/reports.php#starttls). The test days help to keep nudging this value up and to prepare for an "everything is encrypted...or else" day in May of this year (some operators have not flipped back to unencrypted traffic and are now running 100% encrypted servers).

To join the team running the manifesto and thus help to secure the communications of XMPP users everywhere:

test your server at the IM Observatory

sign the manifesto at https://github.com/stpeter/manifesto

chat with other XMPP operators in the operators@muc.xmpp.org chatroom

join the conversation on the operators@xmpp.org email list

It's that easy!