[Standards-JIG] Jingle vs. Zoep

dirk.griffioen@voipster.com dgriffioen at voipster.com
Mon Feb 13 23:25:09 UTC 2006


Peter Saint-Andre wrote:

>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>dirk.griffioen at voipster.com wrote:
>
>  
>
>>>In general I'd like to see an argument for why SIP-over-XMPP is a great
>>>approach. What are the benefits? What do we gain? Is it more secure?
>>>More scalable? More user-friendly? Easier to implement for developers?
>>>(If so, why? SIP is huge, are you assuming that developers will just
>>>make a call out to a SIP stack rather than writing a SIP implementation
>>>of their own? What's the interaction between the XMPP stack and the SIP
>>>stack? Etc.) Easier to deploy for admins?
>>>
>>>  
>>>      
>>>
>>Code reuse, ease of implementation, 
>>    
>>
>
>If your client doesn't already have a SIP stack in it, you're not
>reusing any code and it's not necessarily all that easy to implement.
>(But I leave it up to those who write code to talk about that aspect.
>I'm just a glorified tech writer.)
>
>I know Akito is going to jump on me for saying that. But we have a very
>large base of implemented and deployed XMPP software out there. Forcing
>any client that wants to add voice-video-media support to now include a
>SIP stack seems to me like a major implementation hurdle. Sure, they
>could all use the OpenZoep stack, I guess, eh? But will that work on
>Mac, Linux, Windows, PalmOS, Symbian, J2ME, RIM, WinCE, Amiga, and all
>the other platforms we need to think about supporting?
>
>  
>
First of all, your remark sort of implies that there has ot be a choice: 
it's either Zoep, Jingle or X - if that's the case fine, but I am much 
more comfortable with Zoep as complementary: a way to use XMPP. I've had 
a question from someone wanting to do IAX the Zoep way ...

>  
>
>>ease of connection with 'legacy'
>>    
>>
>
>For clients or server-side gateways? One of the problems people had with
>TINS was that it was trivially easy to write a gateway but damn hard to
>write the client. We don't want to go down that road again.
>
>  
>
Zoep should be as trivial as TINS to write a gateway for (and maybe 
simpeler), as to the client side, complexity is going to be in the sip 
stack, yes. It is not a simple task and it needs to be done somewhere. 
But I do agree with Pedro Melo - having to support many SIP dialects 
will be a maintenance headache.

>  
>
>>as
>>secure as both XMPP and SIP are.
>>    
>>
>
>SIP is secure? Authentication is OPTIONAL. From addresses are not
>validated and checked. Interdomain communications ("federation") is
>still a mess. Sure you can use sips: URIs (forcing TCP and TLS) but most
>implementations out there will still use the old sip: URIs (UDP, no
>TLS). It's like Jabber in the jabberd 1.0 days (1999-2000) when we
>didn't have dialback.
>
>  
>
Does jabber then validate 'from' - in a way more than syntactically 
checking if things are ok? Maybe I am missing the point, but why is this 
so important? For pc2 pc calls all mechanisms from XMPP hold, with 
pc2pstn outbound you would dial a number, expecting the person you are 
looking for. (Same for inbound). In two cases there might be a problem, 
as far as I can see: automated calls and the moment the sip traffic 
'leaves' the XMPP cloud. It is not encrypted so it is vulnerable. All 
security issues to all protocols will pass by and say hello. As for 
implementations, like XMPP they will, or alredy have, matured.

>  
>
>>It is not more user-friendly (the user would not know if signalling
>>passes gateways or not - maybe it's slower? I believe this was mentioned
>>at the mailing list), or more scalable (we still would need hardware).
>>
>>Existing SIP stacks can be used, if they have an abstraction for the
>>transport - one would add an XMPP transport and presto ...
>>    
>>
>
>I still don't see how XMPP is a transport for SIP in the way that TCP or
>UDP is -- you've got a layering problem here.
>
>  
>
  'tunneling' would be a better name - I'm looking for analogy here, not 
so much definition.

>  
>
>>The admins I don't know about, could you hint?
>>    
>>
>
>The people I've talked with at major organizations don't find SIP to be
>very "deployable" -- it was originally developed as a peer-to-peer
>technology and it is difficult to make it fit into a client-server
>architecture (which is what, for better or worse, deployment people are
>comfortable with for many reasons -- manageability, compliance, etc.).
>
>  
>
In what way then, is a SIP registrar different from the Jabber server? 
(And remember, if it looks the same, feels the same and tastes the same, 
it must be the same :) )

D

>Peter
>
>- --
>Peter Saint-Andre
>Jabber Software Foundation
>http://www.jabber.org/people/stpeter.shtml
>
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.4.1 (Darwin)
>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
>iD8DBQFD6/ktNF1RSzyt3NURArpGAJ0XD9J64FGCLsV5/GHo6OO1OGY2ngCggAc8
>Hm8kVNPcFPrPHWsjI8fOCXU=
>=pDkI
>-----END PGP SIGNATURE-----
>  
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/standards/attachments/20060214/a9e1eaeb/attachment.html>


More information about the Standards mailing list