Home > Articles > Networking

  • Print
  • + Share This

Why Use It?

Since the beginning, Jabber has supported SSL. With the XMPP 1.0 standard, this support was implemented in a slightly different way. Rather than having a dedicated SSL port, the server advertised TLS capability, and performed the SSL negotiation shortly after connection. The advantage of this practice is that it allows a different certificate to be presented, depending on the domain name to which the client expects to connect, allowing a single server to host multiple domains securely. Combined with the control it’s possible to exert over your own server, this arrangement makes it a much better option than any of the proprietary IM systems for corporate use.

End-to-end cryptography is not ubiquitous in XMPP, but SSL/TLS for both client-to-server and server-to-server communication is almost always used. If both users are on the same server, and the server is trusted (for example, run by the company employing both individuals), communication is secure from third-party snooping.

This situation isn’t the case with proprietary IM networks. There was recent coverage of censorship on the MSN network, in which messages containing certain key phrases (including download.php) would be dropped silently. This situation is far from an ideal for something used for commercial communication.

Another reason for an organization to run its own server is regulatory compliance. In some jurisdictions, legal obligations require keeping a record of all communications. An XMPP server can easily log all messages sent through it, including communications with outside parties, just as a mail server can do.

  • + Share This
  • 🔖 Save To Your Account

Related Resources

There are currently no related titles. Please check back later.