[Standards] e2e privacy for XMPP Re: RFC 3923 (e2e with S/MIME) and OpenPGP

Carlo v. Loesch CvL at mail.symlynX.com
Tue Nov 19 23:30:54 UTC 2013

Oh.. I didn't receive some of the messages.. probably originating
from Andreas.. strange. Again a multi-reply to avoid clogging the
mailing list:

On Tue, Nov 19, 2013 at 01:27:29PM -0700, Peter Saint-Andre wrote:
> Hi Carlo!
> I need to spend some quality time with your long message, but I don't
> have time for that right now. One quick point...

lol! Hi Peter, was a pleasure meeting you this summer.

> As you might remember, the original Jabber community was focused on
> code but also on defining and documenting an open protocol. There were
> no corporate interests pushing agendas (although some of the jabberd
> developers had some support from Webb Interactive Services), just
> coders making sure that clients and servers could interoperate.

The stuff I wrote wasn't specifically addressed, especially not
at early Jabber. I know well that it was all created with best
intentions. I wasn't happy about the choice of a document syntax
for a messaging protocol, but the only thing I *really* complained
about was the lack of providing a distribution strategy for larger
recipient groups. I was just echoing basic things any IRC developer
knows concerning multicast, but the Jabber community didn't believe
the problem exists. So even today it's a problem to have more than
a hundred friends on a federated XMPP network, then try to do social
networking with them. The more time passed, the harder it got to
tackle the problem, because by then there were companies earning
money by selling scalable XMPP server solutions - a federation that
actually scales properly would be detrimental to their business.

Even if this maybe isn't how it actually went, it is a reason more
why having corporations in the mix is bad for freedom. They can have
an interest in blocking technologies from getting better, and they
might be getting away with it by smart rhetoric and convincing
representatives. This time however they are putting our civil liberties
at risk, so we need to prioritize. Companies should be *users* of the
Internet, not *owners.* But currently they are owning the majority of us.
Again I'm not talking about the small players on this mailing list
working to bring some earnings back home.

> I think we need three things: open source, open standards, and an open
> community. In fact I wrote an article about it way back in 2003:

Back in 2003 I probably agreed, but by now I understand what Richard
Stallman says when he's against "open" and underlines the necessity
of "free." I need no open source, no open standards, no open community.
I want free software, free hardware and a free community. May sound
similar but the political differences are actually big and the
repercussions are being felt since June.

> But these days the threat model has changed and I think we need to go
> beyond merely "open" to "trusted". Yes, trust is a slippery concept,
> but in my mind it's connected to things like hardware (e.g., PRNGs),
> build processes, transparency of releases, community governance,
> software that does what the user intends and no more, etc. This is
> something bigger than any particular technology, so this list might
> not be the best place to discuss it. Maybe a blog post or new
> discussion venue is in order...

You just described what #youbroketheinternet is about.

Somebody wrote:
>> In case others are not yet aware: #youbroketheinternet is not only
>> explicitly opposed to federation but not even interested in
>> interoperability with federated communication networks.

This reminds me of a word that I learned on this list years ago.. "snarky"
I presume it is Mr Kuckartz writing, correct? For some odd reason I didn't
get this mail.

Anyway - it's a question of user expectation. You can't tell your
grandpa that this is the first software that actually implements your
constitutional right of secrecy of correspondence.. unless you add a
friend via XMPP that happens to have her account on Google. It's too
complicated. If you want to talk to people on Google use whatever tools
you want to use - don't mix it up with a system that is supposed to
give you a completely different degree of privacy - and uses completely
different technology to achieve that - so there is no technological
advantage in supporting XMPP or SMTP anyway. It would be an add-on that
breaks user expectations. No good.

But if you look at the http://youbroketheinternet.org/map you can see
several federation technologies in the upper right corner. Why? Because
their expertise at designing web interfaces for social networking is
still very welcome. We just need to replace the networking engine
underneath. Hey, it even mentions Buddycloud. They just need to see
that XMPP is not the future neither for the necessary privacy nor for
the necessary scalability to achieve what they intend to achieve: be
a serious competition to Facebook.

On 11/19/2013 08:56 PM, Philipp Hancke wrote:
> There is the hypothesis that any federated network tends to cluster
> around a number of large nodes. E.g. for XMPP this would be gmail,
> jabber.org, jabber.ccc.de (applause to their efforts on making
> themselves unreliable!), ...

I don't think it's their fault if the entire hacker community currently
uses OTR on a single point of failure because it is safer than having
XMPP federation in-between.

> Interdomain federation is hard, especially delivering the same user
> experience as between users on the same domain.


On 11/19/2013 09:04 PM, Hannes Tschofenig wrote:
> What you end up having is silos that typically consist of proprietary
> technology with limited usability for the wider Internet user community.

RetroShare isn't exactly a silo. Everyone has her own node.
Also Bitmessage, Pond, Cables, Susimail, Nightweb, Syndie.

Actually Skype operated quite similarly in the first years until it
was bought by eBay. And of course it doesn't really count since it's
closed source - but they pioneered the DHT architecture for something
else but file sharing.

Looks like you are not familiar with the power of the DHT concept.
It's a gamechanger. It replaces DNS, X.509 and the necessity to organize
things in a federation instead of among equal peers. You can still have
a server backbone, but it doesn't need to know anything about you...

I was a proponent of the federation concept from 1990 up to ~2007. PSYC
had an url-based federation strategy for addressing since 1995 - back then
the idea was revolutionary compared to IRC which is oligarchic, not
federated. Around 2007 I started understanding the power behind Tor,
GNUnet and co. It actually took me years to fully grasp it - so deep is
the paradigm shift. Only the DHT can withstand the dominance of the cloud -
federation can't (and anyone who thinks federation and the cloud are working
together has accepted that federation isn't functioning properly - there should
be no large clouds of ownership by single companies).

> The benefits of XMPP are interoperability, the open standards process,
> and the large number of XMPP providers you can choose from. If you don't
> like one located in the US then pick it from some other country. If
> you don't like any of them set up your own.

You list things that I don't see as being beneficial. I already explained
why interoperability and standards aren't helpful to deal with the current
challenge to our intimacy. The idea of having to choose a provider is
terrible. You should be able to be a free participant by yourself, the way
you can, thanks to DHT technology. And the idea that choosing another provider
keeps your data away from the evil ones is illusory since all your friends
are either on Google or Facebook. I probably thought the same way a decade
ago, but now I know it is all wrong. Or rather.. back then I didn't realize
there was a better solution to the problem.

On 11/19/2013 09:12 PM, Peter Saint-Andre wrote:
> On 11/19/13 12:56 PM, Philipp Hancke wrote:
>> There is the hypothesis that any federated network tends to
>> cluster around a number of large nodes. E.g. for XMPP this would be
>> gmail, jabber.org, jabber.ccc.de (applause to their efforts on
>> making themselves unreliable!), ...
> This is true even of unfederated networks (Facebook, Twitter,
> LinkedIn, Skype, the current crop of cool new mobile chat apps). My
> hypothesis: human beings are herd animals and prefer to flock together
> in large numbers. "Are you on hot-new-service-X?" It's much easier to
> think and act that way than to strike out on your own.

No, I think it's in a wrong assumption of the federation principle,
that you can trust your university, your company or your boyfriend
better. Most people don't have any reason to trust anyone, so they
pick what is likely to have the least interest in them personally - that's
usually a large silo offering. See also http://secushare.org/federation

The solution to the dilemma is to give them a software in their hands
that does everything by itself in a fully distributed manner. No need
to choose a server. No centralization effects.

> Some argue that this is all a waste of time and that it would be more
> productive to start again (as Carlo says, redesign the entire stack).

Sorry if you catch me nodding here. And believe me it wasn't easy to
give up a marvellous piece of federation technology such as the psyced
server - but it no longer satisfies MY needs for digital intimacy.

I still use it, as in my eyes it's the least bad, and fippo still works
on its cutting edge XMPP S2S capabilities (thank you!) - but I really want
to be on a different planet with a distributed untraceable unlinkable
authority-free communication system. And it is no longer sci-fi. The
prototypes are already out there.

> I have a great deal of sympathy with that attitude, and I do think
> that eventually we'll need to replace a lot of what we have now (even
> at the physical and link layers, e.g., more open hardware, wireless
> mesh links instead of centralized ISPs). But this is going to take a
> long time, and until we have more of that built out IMHO we need to do
> what we can to better secure the current generation of federated
> technologies.

The problem is that I hear 90% of the people say something like this...
that is there are 90% working to maintain the status quo and only 10%
working on getting the new solutions off the ground.... of a 100% of
people that are sufficiently competent to do anything at all...

At a point in time when the new solutions only need 10% of the work to get
started compared to the 90% of work it takes to maintain the old things.
And the news reminds us daily of the reasons why we should act instead
of spending time on insufficient tools.

But history repeats itself. When the first cars were developed, 90% of
the engineers were probably focused on refining the efficiency of horse

> Let the conversation continue... :-)


On 11/19/2013 09:42 PM, Philipp Hancke wrote:
> Yeah, http://vimeo.com/77257232 talks about that -- and the lack of open
> products.

Oh yeah, Aral is great. Don't always agree with the consequences but
I love his analysis.

> I do think that webrtc gives us a good chance to move the baseline
> experience from basic IM + presence to rich federation. And heck, we've
> got some movement here ;-)

I think WebRTC is just the Web 3.0 - it's the same hype we had back when
AJAX was introduced. AJAX would make the entire web super interactive..
which it *did* .. and yet the way it is used the most is as a surveillance
system built into Facebook.

WebRTC *does* allow every website to do all kinds of funky P2P things, but
as long as there is no DHT technology in the mix, servers get to decide
who you are and if you are allowed to have an end-to-end encrypted exchange
with somebody else. And for the majority of users that server will have Google
in its domain name. In five or so years we'll hate WebRTC because it killed
the last remaining reasons for people to install custom software, so they can
fully give up on privacy and have Faceboogle manage ALL of their computing needs.

Let's hope I'm wrong this time.
