In the 'advanced' login configuration, settings related to 'security' are all over the place. This should be organized better, and be made more up-to-date with the latest version of Smack.
The end-user should be able to choose what level of guarantee of encryption is desired (required, if possible, disabled are flavors that are defined by Smack)
The option to use 'old-style' SSL should be presented there (that's the method that typcially uses port 5223, which is an alternative to establishing encryption via STARTTLS on 5222).
The various 'ignore this important security concept' flag should go there as well.