This initiative is intented to analyze and discuss possible abuse in the XMPP protocol, discuss possible solutions, servers and clients implementation best pratices and collective mecanisms to limit abuses.
The wiki is opened to participant interested in participating in this initiative and to our partners.
Please, drop me a mail (mremond, at Process-one), if you would like to get an account to take part in this initiative.
Main topics
Note on Jabber.org
Our goal is to implement as fast as possible those security changes and to deploy them on Jabber.org XMPP server. As such Jabber.org will serve as a laboratory for the solution described in this wiki area.
Note on ejabberd
In ejabberd 2.0 we focused on improving reliability and limiting abuse cases, but many cases are regularly discovered and we improve those protections everyday as part of ProcessOne support. Some protections are directly added in ejabberd. Other are added in our supervision console TeamLeader.
XAAI workgroup discussions
