The XMPP Blog

Third Security Test Day

Tomorrow sees the third security test day.

Security test days help XMPP operators test-run with strong encryption settings prior to the big encryption switch-over scheduled for 19 May 2014.

A large number of XMPP sites have already signed up to the ubiquitous encryption manifesto. More so, some of the participating sites have already permanently enabled strong encryption prior to the manifesto's go-live date!

One of the sites is Crypho. CTO Dr. Yiorgis Gozadinos explained his thinking in enabling strong encryption: “Everybody should have the right to privacy and confidentiality. Providing sane, strong encryption standards built-in in XMPP is a huge step to that direction." site admin Vasil Kolev has also been protecting his user's privacy: "Without strong encryption, these services become worse than useless - they become dangerous for the people that use them.", the original XMPP server on the Internet, is another site that has been playing an active role in the test days. As primary operator Peter Saint-Andre noted, "Although we've had the ability to encrypt the XMPP network for many years now, it's great to see strong momentum toward achieving that goal in the near future."

To join the growing number of sites that are enabling strong encryption: ​ 1. Sign the manifesto as an XMPP server admin or software developer.
2. Setup your site's encryption and check it at
3. Run with TLS encryption required on the 22nd of March and report issues in the operators chatroom or on the operators discussion list.
4. Spread the word about building secure federated communication!

Posted by stpeter on March, 21, 2014 - filed under misc