First, you should read on how XMPP works from http://www.xmpp.org. Second, no, you don't need an SSL certificate. You may choose how your XMPP server authenticates your own users and it's up to you do decide whether you want them to use TLS/SSL or not and no any other XMPP server have means to learn what authentication method was used on user end. The established practice is to use TLS with self-signed SSL cert. Server-to-server connectins are usually insecured, so Google may require to use SSL while connecting to their XMPP servers, yet as till now they don't.

It's right there in black and white. This isn't XMPP, it's Wave over XMPP, so there's no reason they can't impose additional constraints, and kudos to them for doing so. Optional TLS is effectively the same as no TLS and that just won't do for _the_ next gen messaging standard.