[Standards-JIG] Was: JEP-0165. Now: selective s2s depending on version?

Andreas van Cranenburgh andreas at unstable.nl
Fri Nov 18 10:20:40 UTC 2005


On Fri, Nov 18, 2005 at 12:20:45AM +0100, Matthias Wimmer wrote:
> But I am no friend of this type of suggestions to force people to 
> upgrade to newer versions. It would just break the network and nobody 
> would still know which other person he still can contact. We would just 
> partition the network into clouds that are not fully interconnected. Our 
> goal is to have free IM services, services that can interoperate ... not 
> to copy AIM, MSN, Yahoo which do not allow their users to message with 
> users of other servers.

It's politics. When AOL deliberately added a buffer oferflow to the AIM
client, it was a dirty game (MSN had to remove AIM support, IIRC, some
years ago).

When my server has a policy, it'll be a public matter -- that I'll want
to use to make a statement about where I believe "a public jabber
network" is supposed to go, and what role administrators should take in
that; that is: without needing to convince everyone!

Since ranting about it to an X number of admins hasn't payed off very
much the past year(s), I'm curious to see how another approach would
work out.

> 
> Sure there is a problem if and administrator does not care about 
> security problems, but if the administrator does not care about his 
> server, there are even more problems than this one. But if we want to 
> have an open network, this is something we have to learn to deal with 
> without trying to be the "net police".

To me security comes before "interconnectedness" (the larger jabber
network is huge, and the public one is big enough as it is, for the
demand, except that new users are not yet distributed properly).

Also, I wouldn't call it net-police, because police wants order, when I
mostly care about the security matters being taken seriously.

SMTP/IRC is very open, yet all sorts of hacks have been thouht of to
lock it down, to stop abuse. They also more often than not, hinder
legitimate users!
But that's a trade-off, always! We have XMPP here, it's much more
security-minded, in its design. Please let's let that be reflected in
our public network...

-- 
        Andreas        [ http://unstable.nl | xmpp:andreas at unstable.nl ]
                       [  callto:ils.seconix.com/andreas at unstable.nl   ]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20051118/eacff044/attachment.sig>


More information about the Standards mailing list