Secure Messaging in XMPP

Document Type Expired Internet-Draft (individual)
Authors Martin Thomson  , Adam Roach 
Last updated 2016-04-04 (latest revision 2015-09-29)
Stream (None)
Intended RFC status (None)
Expired & archived
pdf htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


The history of secure messaging in XMPP is spotty. The long-running de facto scheme, OTR, enjoys fairly wide implementation and use, but OTR suffers from some serious usability and security shortcomings that make it unsuitable as a basis for encryption. This document describes an architecture that provides end-to-end confidentiality and integrity for XMPP messaging. Solutions for both multi-user and one-to-one messaging are provided.


Martin Thomson (
Adam Roach (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)