[Standards] Easy XMPP

Dave Cridland dave at cridland.net
Tue Jan 17 17:01:47 UTC 2017

On 17 January 2017 at 15:31, Sam Whited <sam at samwhited.com> wrote:
> On Mon, Jan 16, 2017 at 10:05 PM, Peter Saint-Andre <stpeter at stpeter.im> wrote:
>>> And if your business plan doesn't involve federation, why bother with
>>> the additional overhead and complexity?
> I don't have a good answer for this, but it's worth asking why most
> email and phone / SMS providers federate. Is it just because there are
> laws saying they have to (in the case of the telephone network), or
> because a critical mass was formed that expected to be able to call
> anyone else regardless of the network before the phone companies /
> email providers realized they could avoid the overhead and trap people
> by not doing so? I'm not sure. I've always assumed email became the
> primary identity provider for the internet because it was federated,
> cashing in on that kind of popularity

Pretty much the latter.

There were plenty of email systems, and some had the kind of
percentages of the market that would make Facebook drool with envy -
CompuServ, for instance, had a global reach and a vast market share.

But they were all forced to federate (via SMTP), since to do otherwise
meant their users would go elsewhere for other email, and who wanted
to run multiple email programs?

> In general I agree though; there are some business plans where
> federation makes sense, and others where it doesn't. In general it
> doesn't make a lot of sense in the enterprise case (although even
> there we [HipChat] get requests quite often to allow eg. contractors
> to chat with people without having access to the organizations account
> or without having to have users for them in the organizations LDAP,
> SAML, or other identity provider). I personally think federation is
> the best way to accomplish this and keep everyone on separate security
> domains, but still allow them to chat. The usual disclaimers apply:
> views are my own, etc., etc.

Well, I think you've hit the nail on the head there - federation is
needed to communicate between autonomous security domains. If the
domains are not federated, then either they do not communicate or else
they are not autonomous.

>> Although I like federation, I'm no longer convinced that it is necessary for
>> most people. For example, in services like Slack and Hipchat everything is
>> room-based, and that fits well with MUC/MIX. But authorization for someone
>> to join a room happens via means other than server-to-server federation
>> (e.g., set up a private room and invite the external person to that room
>> directly). Yes, this kind of workaround isn't exactly elegant, but it mostly
>> works for most people.
> I tend to think of this the way I think of email or telephones
> (again). In my mind most people do need federation (everyone would be
> angry if they were a Deutsche Telekom subscriber and suddenly they
> couldn't call their friends who used AT&T), but a few people (a
> company with a private, internal phone network) maybe don't need it
> because it's not necessary for their business (just like most people
> who use HipChat or Slack may not need federation since only people in
> their business should be able to talk to one aonther). But I think
> we're saying the same thing and just disagreeing where the majority
> lies?
> —Sam
> _______________________________________________
> Standards mailing list
> Info: https://mail.jabber.org/mailman/listinfo/standards
> Unsubscribe: Standards-unsubscribe at xmpp.org
> _______________________________________________

More information about the Standards mailing list