[Operators] Future of XMPP Re: The Google issue

Solomon Peachy pizza at shaftnet.org
Thu Nov 28 12:44:41 UTC 2013

On Thu, Nov 28, 2013 at 10:16:00AM +0100, Andreas Kuckartz wrote:
> If it turns out that not even the rather limited requirements regarding
> encryption which are stated in the manifesto will be satisfied by a
> significant subset of XMPP servers then it well seal the fate of XMPP as
> far as I am concerned.

How is XMPP any different then SMTP in this manner?  Lack of mandatory 
S2S encrypted links hasn't made it any less viable.

(And before you bring it up, mandatory S2S crypto won't solve the
 spam problem either, judging by the amount of email spam I get that was 
 submitted via authenticated SMTP..)

Oh, to go back to your comment, how do you consider the manifesto's 
encryption requirements to be "limited"?  Even if we eventually put 
aside the hard requirement for encrypyed S2S links, it's still a vast 
improvement over the former status quo.

There are three major problems holding up the achievement of the 
manifesto's goals.  

The first is purely technical; server software has to be updated to 
automatically (and transparently) use approrpriate crypto if possible.  
This is actually the easiest part, and it's not ready yet (at least in 
the case of jabberd2..)

The second is that every XMPP service operator is required to pay for a 
third-party for a TLS certificate.  This isn't a large cost in absolute 
terms, but does raise the bar for entry, and represents an ongoing cost. 
(Anectdotally, most smaller operators, myself included, were using 
self-signed certs to enable secure C2S credential exhange.)

The third is one of apathy, specifically when it comes to the 
established players that are more than likely using proprietary server 
software. They have to be convinced that the they (and/or their users) 
benefit enough to make the cost worthwhile.

> And if the future of XMPP depends on Google Talk then XMPP is doomed anyway.

Without Google, XMPP (S2S) simply doesn't have enough of a mass userbase 
to be viable, IMO.  The mass markey simply doesn't care about technical 
"quality".  (Witness every mobile-messaging-app-du-jour overnight ending 
up with more users than non-google S2S-enabled XMPP..)

What makes that particularly sad is that XMPP (C2S) is more popular than 
ever... It's just that the major operators (eg Facebook) use XMPP C2S as 
the interface to a proprietary walled-garden IM system that they have no 
intentions of opening up.

Put another way -- XMPP is not failing (nor will it fail) due to 
technical deficiencies.  The problem is purely political/economic in 
nature.  The big players consider interoperability a liability rather 
than a strength, which is an understandable, if highly disappointing 


 - Solomon
Solomon Peachy        		       pizza at shaftnet dot org
Delray Beach, FL                          ^^ (email/xmpp) ^^
Quidquid latine dictum sit, altum viditur.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: not available
URL: <http://mail.jabber.org/pipermail/operators/attachments/20131128/a3ce59e6/attachment.pgp>

More information about the Operators mailing list