NTT Communications (Japan) have created a new secure Instant Messaging system. This system communicates over TLS (Transport Layer Security), the successor to the SSL standard.
Communications on most IM systems are secured between client and server – where password exchange typically takes place, but once the initial connection has been established, messages themselves are usually passed directly between clients. In the new messaging system, all communication goes through the sever, and is performed over an encrypted TLS connection.
This allows, apparently, restrictions on the server to govern which users can talk to each other, which types of files may be sent, and so on.
This sounds like a great idea, but there is a reason for current systems to communicate directly between clients – a single relay server is a single point of failure, and also serves as a bottleneck in the network. Using TLS only serves to further slow down the server, and I am not sure how well this solution would scale (though a network of servers, IRC style, might work…)
Meanwhile, for small to medium corporations, this could be the secure solution that has been needed for a long time. It will be a while before it becomes scalable to the entire Internet, though, I expect.
[tags]IM software,bottleneck,encryption,data centers, instant messaging, online security[/tags]