If you have a bit of time today, February 22, 2014, and want to help an effort aimed at making the Internet more secure, the XMPP Standards Foundation (XSF) is holding their second “Security Test Day” today. The goal is to encrypt all traffic between servers and clients on the public network of XMPP servers. (Note that some of you may be more familiar with XMPP as its original name of “Jabber”.) This is all laid out in their manifesto for ubiquitous encryption on the XMPP network.
The connection to the work we are doing here at the Deploy360 Programme is that many of the XMPP servers have DNSSEC-signed domains and many are implementing DANE to secure the usage of TLS/SSL certificates in both server-to-server and client-to-server communication. The XSF provides guidance on securing DNS via DNSSEC for XMPP servers and the IM Observatory provides two lists of interest:
- List of XMPP servers with DNSSEC-signed SRV records
- List of XMPP servers with DNSSEC-signed DANE records
It is outstanding to see the number of servers that have implemented both DNSSEC and DANE!
Anyway, if you have an XMPP server, or want to set one up, today is a test day when the XMPP community is working on encrypting all their communication. Visit their “Second Security Test Day” post to understand more about how you can participate.
This is great work that will definitely help make part of the Internet more secure. If you have time to help today, it would be great!