[Operators] The Google issue

Matthew Wild mwild1 at gmail.com
Sat Nov 23 17:37:50 UTC 2013


On 22 November 2013 15:31, Solomon Peachy <pizza at shaftnet.org> wrote:
> On Fri, Nov 22, 2013 at 09:50:43AM +0000, Dave Cridland wrote:
>> However, I stress - the point, to me, of the 4th January test is not to cut
>> connections to Google, or send some Message, or anything else along those
>> lines.
>
> Oh, I completely agree.
>
>> The point is to see what happens, accepting there will be some disruption,
>> and accepting that we may have to re-examine what we think is achievable
>> here.
>
> Strong end-to-end encryption is the ideal situation, and we need to make
> sure there are no technical impediments to achieving this.  Therefore, I
> will gladly participate on this (and future) interop/test days.

The problem with this "ideal" is that it still leaks metadata. Also
presence is never likely to be encrypted end-to-end. You get the idea.

While there are certainly protocols that could allow you to not trust
your server and your contact's server, they come with their own
different limitations that I don't think make it feasible for XMPP to
ever go in that direction.

For this reason I think that, as much as end-to-end encryption is
desirable, we do need to trust our servers to some extent and that
servers should respect that trust and encrypt their links.

Regards,
Matthew


More information about the Operators mailing list