‹ Back
Deploy360 22 February 2014

Weekend Project: Join the XMPP “Security Test Day” today to test DNSSEC / DANE

Dan York
By Dan YorkDirector, Online Content

XMPP logoIf you have a bit of time today, February 22, 2014, and want to help an effort aimed at making the Internet more secure, the XMPP Standards Foundation (XSF) is holding their second “Security Test Day” today.  The goal is to encrypt all traffic between servers and clients on the public network of XMPP servers. (Note that some of you may be more familiar with XMPP as its original name of “Jabber”.) This is all laid out in their manifesto for ubiquitous encryption on the XMPP network.

The connection to the work we are doing here at the Deploy360 Programme is that many of the XMPP servers have DNSSEC-signed domains and many are implementing DANE to secure the usage of TLS/SSL certificates in both server-to-server and client-to-server communication.  The XSF provides guidance on securing DNS via DNSSEC for XMPP servers and the IM Observatory provides two lists of interest:

It is outstanding to see the number of servers that have implemented both DNSSEC and DANE!  

Anyway, if you have an XMPP server, or want to set one up, today is a test day when the XMPP community is working on encrypting all their communication.  Visit their “Second Security Test Day” post to understand more about how you can participate.

This is great work that will definitely help make part of the Internet more secure. If you have time to help today, it would be great!

‹ Back

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Improving Technical Security 15 March 2019

DNS Privacy Frequently Asked Questions (FAQ)

We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions,...

Improving Technical Security 14 March 2019

Introduction to DNS Privacy

Almost every time we use an Internet application, it starts with a DNS (Domain Name System) transaction to map...

Improving Technical Security 13 March 2019

IPv6 Security for IPv4 Engineers

It is often argued that IPv4 practices should be forgotten when deploying IPv6, as after all IPv6 is a...

Join the conversation with Internet Society members around the world