Apple Mac OS User Manual
12
Chapter 1
Understanding iChat Service
Apple uses the jabberd software, which implements the Jabber protocol. Jabber is a
trademarked term given to this XMPP protocol by the Jabber Software Foundation.
trademarked term given to this XMPP protocol by the Jabber Software Foundation.
iChat provides peer-file transfer between users that can’t establish direct connections
to a network because of intervening firewalls that block such connections. In the case
of firewalls, iChat acts as a file-transfer proxy, using the Jabber Proxy65 module.
to a network because of intervening firewalls that block such connections. In the case
of firewalls, iChat acts as a file-transfer proxy, using the Jabber Proxy65 module.
To access messaging and file transfer services, users connect to iChat from various
compatible instant messaging (IM) applications. When connected, users can receive
information about the status of other subscribed users, exchange messages with users
or groups (via chat rooms), or exchange files with users.
compatible instant messaging (IM) applications. When connected, users can receive
information about the status of other subscribed users, exchange messages with users
or groups (via chat rooms), or exchange files with users.
Additionally, users can send messages to offline users. These messages are held by
iChat and delivered when offline users connect to the server.
iChat and delivered when offline users connect to the server.
iChat also federates, or unites with other iChat servers or any XMPP-compliant service
(such as Google Talk) using the server-to-server (S2S) capabilities of XMPP. This allows
users with accounts on iChat servers to exchange text messages or files with users
whose accounts are maintained outside their local network infrastructure, as long as
those servers are accessible via the Internet.
(such as Google Talk) using the server-to-server (S2S) capabilities of XMPP. This allows
users with accounts on iChat servers to exchange text messages or files with users
whose accounts are maintained outside their local network infrastructure, as long as
those servers are accessible via the Internet.
To communicate with outside servers, iChat uses a program called S2S, part of the suite
of programs that comprise the Jabber v2.0 server, to establish mutual connections with
them.
of programs that comprise the Jabber v2.0 server, to establish mutual connections with
them.
iChat can be configured to require that S2S sessions be encrypted and to block S2S
sessions with servers that do not support encryption. For encrypted sessions to be
established, both servers must possess public key certificates, either self-signed or
issued by a recognized Certificate Authority (CA).
sessions with servers that do not support encryption. For encrypted sessions to be
established, both servers must possess public key certificates, either self-signed or
issued by a recognized Certificate Authority (CA).
Mac OS X Server includes a preinstalled, default, self-signed certificate, and accepts self-
signed certificates from other servers. Depending on the XMPP software vendor at the
other end of the S2S connection, a certificate from a trusted authority might need to
be installed on the server before S2S sessions can be established.
signed certificates from other servers. Depending on the XMPP software vendor at the
other end of the S2S connection, a certificate from a trusted authority might need to
be installed on the server before S2S sessions can be established.
For more information about increasing server security, see Mac OS X Server Security
Configuration. Certificate information can also be found in Server Administration.
Configuration. Certificate information can also be found in Server Administration.
How iChat Users Are Authenticated
To use iChat on a specific server, users must be defined in directories that the server
uses to authenticate users. In addition, iChat uses Secure Socket Layer (SSL) to protect
the privacy of users while they chat. The following describes the process of iChat user
authentication:
uses to authenticate users. In addition, iChat uses Secure Socket Layer (SSL) to protect
the privacy of users while they chat. The following describes the process of iChat user
authentication: