31.5. Securing iChat Server
iChat, Apple's instant messaging application built into every copy of Mac OS X, enables users to carry on private or group conversations using text, audio, or video; share files; and even show slide shows, videos, and Keynote presentations remotely. The communication is typically mediated by a server (although direct peer-to-peer connections are usually possible too), and iChat can connect to accounts on AIM (AOL Instant Messenger), MobileMe, Jabber, and Google Talk servers.
Mac OS X Server includes the Jabber-compliant iChat Server, letting an organization run its own service for managing instant messaging. Like MobileMe, iChat Server offers an option to securely encrypt all data transfer — but without requiring individual paid user accounts. It also gives administrators control over which users and groups can use the service and which features are available.
The security features you can configure for iChat Server are similar to those of Address Book Server and iCal Server in that they include the authentication method(s) supported and whether to use SSL (which is an excellent idea and significantly more important in the context of instant messaging than for calendar or contact data). In addition, you can choose whether to enable federation (joining your server to another one so your users can connect to others with accounts on either server) and, if so, whether to require that server-to-server communication be encrypted.
Before you can activate SSL ...
Get Mac® Security Bible now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
