Re: The ecosystem is moving

[Dave Cridland <dave@cridland.net>]

On 13 May 2016 at 17:57, Martin Rex <mrex@sap.com> wrote:

> Phillip Hallam-Baker wrote:
> >
> > Moxie has never really been interested in the standards game. He just
> likes
> > doing code.
> >
> > If we want this to be really open, we have to put our own proposal on the
> > table.
> >
> > I am currently trying to do just that.
>
>
> IMO, Moxie points to a number of real problems, but I think his
> conclusions about the causes are wrong.
>
>
I agree.


> The two most important things that engineers (professionals and amateurs)
> get wrong are:
>   - failure to provide smooth interop with installed base
>   - failure to take usability into account, how does a novice
>     user get started?
>
>
I agree, though I dispute the fact that XMPP has failed on the first.


> Jabber (which allegedly uses XMPP) is a royal PITA.
> It is possible to participate IETF Meetings remotely via Jabber,
> and the IETF operates a jabber server, but that crappy server
> refuses to let you in (provide a login/user account for you).
> How to get a user account to join?  Well that's a black magic art
> that is explained nowhere (at leat this was the situation
> a while ago and for more than a decade).
>
> I got myself an "jabber account" somewhere else, but at some point,
> I got a "warning" that I would soon no longer be able to login to
> that account, because my client software didn't support TLS.
>
> Well, getting a jabber client _with_ support for TLS turned out to
> be another royal PITA, because it wasn't available for my old Linux
> distro, and compiling it my self would have required to obtain and
> compile at least three dozen other libs and toolkits it depends upon,
> and what my existing Linux distro had was "too old".
>
>
The XMPP community switched to recommending mandatory TLS as a whole just
under two years ago, in no small part due to the issues discussed at length
within the IETF.

This doesn't represent a protocol change but a deployment one, and we
switched after extensively examining the usage of existing, popular servers.


> I only wanted to join IETF meetings remotely, and they're public anyways,
> so I was just fine without TLS and my old client, but the XMPP freaks
> running this stuff seemed to be fiercly determined of breaking backwards
> compatibility just for the fun of it, giving a shit about their users,
> similar to the developers of the newer client software, which gave a shit
> about compiling the client software on a 5 year old linux distro.
>
>
I think "freak" is presumably some kind compliment I'm misunderstanding,
but I'm unaware of any XMPP client which doesn't support TLS. I might have
to get a t-shirt made up with "XMPP freak" on it, though.


>
> There things that WhatsApp achieved in a straightforward and
> user friendly manner:
>
>    - signing up as a new user is *EASY*
>
>
Yes, I agree that onboarding is difficult. We've made it more, not less, so
in recent years by trying to avoid a growing spam problem, and this has
hurt usability.

But onboarding is difficult with email, too.


>    - getting the newest of their client software for a 5+ year old
>      Android (e.g. Android 4.1) is no more difficult that getting
>      it for bleeding edge OS releases
>
>
Conversations, Yaxim? Both available in Google Play, although I'm only
aware of Yaxim running back to 2.1; Conversations might require something
more modern.


>    - Interoperability with installed base was not impaired when
>      rolling out the encryption-enabled clients
>
>
There's actually no way to upgrade a set of arbitrary clients to mandatory
channel encryption unless you only have one client and you control it
absolutely. This is one of the points Moxie was driving at, and he's quite
right in this.

That said, I think the XMPP community did pretty well - a series of four
test days spanning four months, with a large number of client and server
developers. I appreciate you were caught out by this; I'm afraid that's a
penalty of running an open source desktop that I share; sometimes you find
yourself having to compile your own software when you weren't expecting it.
But the vast, vast majority of users probably didn't even notice.


> For these three issues, Jabber is a complete and utter failure.
>

Thanks, and I appreciate your work too.

By the way, if there's someone from Google here, can you please kill the
broken XMPP system you're running which is causing vast user confusion.

Dave.