Slashdot Mirror

The headline is a little misleading. This isn't a working group to create some new standard for interoperability. This is a working group to evaluate and possibly improve Jabber's protocol.

In other words, this new group will ensure that Jabber's existing protocol is secure and has good support for localization. But it has nothing to do with AIM/ICQ, Yahoo Messanger, or anything like that. You can use XMPP today - it's called Jabber (and it's pretty cool).

Of course jabber servers communicate with each others. But they also communicate with the other IM system, as soon as transports for the given IM system are installed on the server you will be connected to. See this list of available servers and the transport they support.

IM makes sense for telephone independent dating and sceduling. Like Clan matches or teamcommunication ("Could you send me testmail to me@mynewmailserver.net. Thanks.")
And for that, in the Clan and with my friends, I'm willing to go into the lobbying for the best IM standard out there:
Jabber.
Why is it the best?
1. Decentralized structure.
2. No AOL/TW, NSA, CIA, Bundesverfassungsschutz (german bad-ass agency) or [fill in your favorite big brother here] in control or in watch over the system.
3. Fully Asymmetric crypto capable. Ergo: Absolutely no NSA, CIA, etc...
4. No spam.

No way am I ever gonna use a proprietary protocol for chatting. .cdr for vectorgraphics is just about all that I can take.

• Open Protocol with open specifications, XML everywhere :)
• Easily extended protocol.
• Server side everything, including contact lists.
• A multitude of clients, for windows, Linux, and other OS's
• Server side Transports so you can talk to people on other networks as if they were normal jabber members. This even includes ICQ's ability to send SMS's. Transports exist for at least ICQ,MSN,Yahoo,AIM,IRC,SMTP, I even wrote a transport to talk to my Wiki.
• A simple client protocol that can be easily implemented on simple devices (Cellphones etc), most of the hardwork is done on the servers.
• Conferencing, multiuser chat.
• Lotsa other stuff I don't use.

• The Jabber Software Foundation
• Jabber Studio - A sourceforge like site for jabber projects.
• Jabber Inc - A company making money on working on Jabber solutions for other companies.
• Gabber - a (very nice IMHO) GTK client for Jabber.
• Psi - a Jabber client for the KDE people.

I guess I made the false assumption that everyone already knows what Jabber is, yet aren't using it. That was actually very stupid of me, considering what I was arguing :)

Jabber is an open IM system, which uses an XML-based protocol for interconnecting servers and clients. Your Jabber ID (or JID) is in the form "user@host", obviously following in the footsteps of other common internet protocols (most notably email, but also ftp, http, etc). Jabber also supports SSL in the core protocol.

Because the protocol is open, there are numerous server and client implementations, all designed to interoperate. Anyone can run a server, and there is no such thing as an "official client" (that would be as absurd as an official email client). The world of Jabber is much more friendly than that of closed IM, as the Jabber Software Foundation encourages developer participation.

Let the linking commence!

Jabber Software Foundation - The "JSF" handles all of the core protocol decision-making. There are members, council, and an enhancement proposal system. The website is also a nice hub for information, as there are links to guides, programming info, client software, server software, public server lists, etc. Start here.

Some nice clients:
Psi* - powerful and minimal cross-platform Jabber client (Windows/Mac/Unix), looking like Licq.
Gabber - a full featured GNOME Jabber client.
Exodus - a very featureful Windows client. Has a strange UI in my opinion, but lots of people like it.
Gaim - mentioned 100 times already in the comments area. This program is nice because it natively supports AIM (and other protocols), which can make your transition to Jabber easier.

Other areas of interest:
User guide - a good read for newbies.
jabberd - home of the popular open source jabber server.
Jabberd Admin guide - Read this if you want to run your own server.
Jogger - a Jabber-based blog.

*Note - I am the author of Psi. Please forgive the plug :)

I guess I made the false assumption that everyone already knows what Jabber is, yet aren't using it. That was actually very stupid of me, considering what I was arguing :)

Jabber is an open IM system, which uses an XML-based protocol for interconnecting servers and clients. Your Jabber ID (or JID) is in the form "user@host", obviously following in the footsteps of other common internet protocols (most notably email, but also ftp, http, etc). Jabber also supports SSL in the core protocol.

Because the protocol is open, there are numerous server and client implementations, all designed to interoperate. Anyone can run a server, and there is no such thing as an "official client" (that would be as absurd as an official email client). The world of Jabber is much more friendly than that of closed IM, as the Jabber Software Foundation encourages developer participation.

Let the linking commence!

Jabber Software Foundation - The "JSF" handles all of the core protocol decision-making. There are members, council, and an enhancement proposal system. The website is also a nice hub for information, as there are links to guides, programming info, client software, server software, public server lists, etc. Start here.

Some nice clients:
Psi* - powerful and minimal cross-platform Jabber client (Windows/Mac/Unix), looking like Licq.
Gabber - a full featured GNOME Jabber client.
Exodus - a very featureful Windows client. Has a strange UI in my opinion, but lots of people like it.
Gaim - mentioned 100 times already in the comments area. This program is nice because it natively supports AIM (and other protocols), which can make your transition to Jabber easier.

Other areas of interest:
User guide - a good read for newbies.
jabberd - home of the popular open source jabber server.
Jabberd Admin guide - Read this if you want to run your own server.
Jogger - a Jabber-based blog.

*Note - I am the author of Psi. Please forgive the plug :)

I guess I made the false assumption that everyone already knows what Jabber is, yet aren't using it. That was actually very stupid of me, considering what I was arguing :)

Jabber is an open IM system, which uses an XML-based protocol for interconnecting servers and clients. Your Jabber ID (or JID) is in the form "user@host", obviously following in the footsteps of other common internet protocols (most notably email, but also ftp, http, etc). Jabber also supports SSL in the core protocol.

Because the protocol is open, there are numerous server and client implementations, all designed to interoperate. Anyone can run a server, and there is no such thing as an "official client" (that would be as absurd as an official email client). The world of Jabber is much more friendly than that of closed IM, as the Jabber Software Foundation encourages developer participation.

Let the linking commence!

Jabber Software Foundation - The "JSF" handles all of the core protocol decision-making. There are members, council, and an enhancement proposal system. The website is also a nice hub for information, as there are links to guides, programming info, client software, server software, public server lists, etc. Start here.

Some nice clients:
Psi* - powerful and minimal cross-platform Jabber client (Windows/Mac/Unix), looking like Licq.
Gabber - a full featured GNOME Jabber client.
Exodus - a very featureful Windows client. Has a strange UI in my opinion, but lots of people like it.
Gaim - mentioned 100 times already in the comments area. This program is nice because it natively supports AIM (and other protocols), which can make your transition to Jabber easier.

Other areas of interest:
User guide - a good read for newbies.
jabberd - home of the popular open source jabber server.
Jabberd Admin guide - Read this if you want to run your own server.
Jogger - a Jabber-based blog.

*Note - I am the author of Psi. Please forgive the plug :)

I guess I made the false assumption that everyone already knows what Jabber is, yet aren't using it. That was actually very stupid of me, considering what I was arguing :)

Jabber is an open IM system, which uses an XML-based protocol for interconnecting servers and clients. Your Jabber ID (or JID) is in the form "user@host", obviously following in the footsteps of other common internet protocols (most notably email, but also ftp, http, etc). Jabber also supports SSL in the core protocol.

Because the protocol is open, there are numerous server and client implementations, all designed to interoperate. Anyone can run a server, and there is no such thing as an "official client" (that would be as absurd as an official email client). The world of Jabber is much more friendly than that of closed IM, as the Jabber Software Foundation encourages developer participation.

Let the linking commence!

Jabber Software Foundation - The "JSF" handles all of the core protocol decision-making. There are members, council, and an enhancement proposal system. The website is also a nice hub for information, as there are links to guides, programming info, client software, server software, public server lists, etc. Start here.

Some nice clients:
Psi* - powerful and minimal cross-platform Jabber client (Windows/Mac/Unix), looking like Licq.
Gabber - a full featured GNOME Jabber client.
Exodus - a very featureful Windows client. Has a strange UI in my opinion, but lots of people like it.
Gaim - mentioned 100 times already in the comments area. This program is nice because it natively supports AIM (and other protocols), which can make your transition to Jabber easier.

Other areas of interest:
User guide - a good read for newbies.
jabberd - home of the popular open source jabber server.
Jabberd Admin guide - Read this if you want to run your own server.
Jogger - a Jabber-based blog.

*Note - I am the author of Psi. Please forgive the plug :)

After your inspiring speach about Jabber. You never really tell us exactly what it is, or provide a link for more info. A link wold be nice. We like links.

I'll try to help. Here is Jabber's main page. The first thing you need to do is Grab a client My personal favourite is Psi, a crossplatform slim and slick client that I feel is better because I can opt to have incoming events as messages or chats (or just leave them as they came), opt to pop up the window, automatically show the message, or just flash in the tray (especially important when you type over 100WPM and someone messages you out of the blue), it's open source, I've created a few patches to help make the client better (IMO), and it's under active development. Psi also has a message/chat history (searchable) and supports multiple identities (online at the same time, in the same client) and Jabber itself features multiple instances of a particular Jabber User (home/work, etc.). Features coming up in Psi are groupchat (in 0.8.7, due out Very Soon Now), File Transfer (that works behind NAT, coming in 0.9), pluggable storage for history and prefs (SQL, etc.) and other leading-edge stuff for Jabber. Justin (the lead developer of Psi) seems to have a real knack for making a solid, stable client and pushing the envelope with the new Jabber feature drafts.

Oh yes, Psi also supports SSL (client--server) and there is a Jabber draft for SSL between servers, so your inane chatter is kept private with strong encryption. *cough*ICQ*cough*

Psi is a Qt app, but there are CLI clients, Perl module clients, GTK clients, Win32-only clients, Java clients, JScript clients... Hell there's even a Flash client. The protocol is completely open.

Perhaps one of the biggest assets to Jabber is that it is decentralized. There are many public servers, and you can set your own up (hell even Debian has packages for it!). [warning - the public servers link has a session-id, I don't know if it'll work for anyone else]

The biggest problem with Jabber is that it is still a little tricky for newbies to get in to -- there is no "download this, it registers you with one of the common servers" links (not that I'm aware of anyway), so you need someone to either set it up for you or point you off to a public server. A lot of the clients are crap (a common problem with OSS, I'm afraid). Sometimes the transports (gateways to other IM systems, like ICQ, AIM, Y!, etc.) don't work because the other systems find a common server and shut down access to their network from it, but if you run your own server or you are on a small server, you won't even blip on their radar.

I really like it. I used to be an ICQ-head (my UIN is just over 1-mil) but when they started throwing up ads and adding more and more crap to the client I bailed) and I couldn't find a decent Jabber client (one that didn't pop up messages and take focus, how F#%#^T#$'ing irritating!) for a while, but now I am a very happy Jabber user. Hell even my wife, mom and grandmother use it (seriously) -- it works great for computer-cautious people because of the simplicity.

After your inspiring speach about Jabber. You never really tell us exactly what it is, or provide a link for more info. A link wold be nice. We like links.

I'll try to help. Here is Jabber's main page. The first thing you need to do is Grab a client My personal favourite is Psi, a crossplatform slim and slick client that I feel is better because I can opt to have incoming events as messages or chats (or just leave them as they came), opt to pop up the window, automatically show the message, or just flash in the tray (especially important when you type over 100WPM and someone messages you out of the blue), it's open source, I've created a few patches to help make the client better (IMO), and it's under active development. Psi also has a message/chat history (searchable) and supports multiple identities (online at the same time, in the same client) and Jabber itself features multiple instances of a particular Jabber User (home/work, etc.). Features coming up in Psi are groupchat (in 0.8.7, due out Very Soon Now), File Transfer (that works behind NAT, coming in 0.9), pluggable storage for history and prefs (SQL, etc.) and other leading-edge stuff for Jabber. Justin (the lead developer of Psi) seems to have a real knack for making a solid, stable client and pushing the envelope with the new Jabber feature drafts.

Oh yes, Psi also supports SSL (client--server) and there is a Jabber draft for SSL between servers, so your inane chatter is kept private with strong encryption. *cough*ICQ*cough*

Psi is a Qt app, but there are CLI clients, Perl module clients, GTK clients, Win32-only clients, Java clients, JScript clients... Hell there's even a Flash client. The protocol is completely open.

Perhaps one of the biggest assets to Jabber is that it is decentralized. There are many public servers, and you can set your own up (hell even Debian has packages for it!). [warning - the public servers link has a session-id, I don't know if it'll work for anyone else]

The biggest problem with Jabber is that it is still a little tricky for newbies to get in to -- there is no "download this, it registers you with one of the common servers" links (not that I'm aware of anyway), so you need someone to either set it up for you or point you off to a public server. A lot of the clients are crap (a common problem with OSS, I'm afraid). Sometimes the transports (gateways to other IM systems, like ICQ, AIM, Y!, etc.) don't work because the other systems find a common server and shut down access to their network from it, but if you run your own server or you are on a small server, you won't even blip on their radar.

I really like it. I used to be an ICQ-head (my UIN is just over 1-mil) but when they started throwing up ads and adding more and more crap to the client I bailed) and I couldn't find a decent Jabber client (one that didn't pop up messages and take focus, how F#%#^T#$'ing irritating!) for a while, but now I am a very happy Jabber user. Hell even my wife, mom and grandmother use it (seriously) -- it works great for computer-cautious people because of the simplicity.

Don't forget about Kopete for us crazy KDE users. It's got the standard AIM, MSN, ICQ, and Yahoo, plus Jabber, Gadu-Gadu, and a plugin for using WinPopup messages.

Personally, though, I use Psi with Jabber.

Doh! Forgot to do the link right' so here are the important ones: The community side and the commercial side.

1. It'll get you aim connectivity transparently.
2. It's all XML, so it has an inherent structure to it that's very clear.
3. There are lots of library implementations, so you can program your stuff in perl, python, VB, java, C.. for windows, linux, mac... whatever you feel most comfortable with.
4. There are lots of people who know what they're doing, and are typically more then willing to help.

As per the subject -- the Jabber protocol has inherent UTF-8 support. You'll have to try the clients yourself to see which ones take advantage of it properly, but the protocol itself is most certainly non-language-specific.

If you're a windows user, miranda icq is very nice, tiny, and skinnable. If you're a linux user, no doubt you've heard of licq or Kit. And if you want something more than just icq, both Trillian (windows) and jabber (linux) are good alternatives to using the default icq bloated adware.

Watashi wa watashi.

Many open source Jabber clients are available, so maybe you can get your friends to use open source software with an open instant messaging protocol!

Personally, I use PSI when using Windows, but there are others out there that may be just as good. I do believe, though, that Psi is cross-platform, which may be a plus.

Not that you [cw]ould (necessarily) use Jabber as a means of storing and propagating a profile, but it might be a more appropriate model than Napster (anyone can host a Jabber server in front of, or behind a firewall, and the server is a single point designated by the Jabber address, much like an e-mail address).

Just thinking out loud here, but what might be nice is if everyone said, "Okay, we'll all use the Mozilla bookmarks format and the vCalendar and vCard standards, and we'll devise an (XML?) indexing format (telling a client where to find all the various files with the respective information) and make them accessable via WebDAV." Now all you have to do is convince every major client out there to use WebDAV, the new indexing format, vCalendar, vCard and the Mozilla bookmarks format.

Wait a minute...that sounds like it may be a job for an LDAP directory (which one can always host oneself if one doesn't like the availabe service providers). Most mailers already have some ability to interact with an LDAP server. Are there any standards for putting address/calendar/bookmark info in there? I know that's probably not what it was designed to do, but really, does that information change that often to be ill-suited for LDAP?

Sorry...just ranting about ideas here.... My point is that I know there's enough standards and protocols out there to meet this need without too much development. I'm sure there's just too much differing ideas about how to do it, so it hasn't been done yet.

>If you can't use the instant messenger client the service wants you to use and support them by viewing their ads, you should try setting up your own instant messaging service and paying for the bandwidth

Good Idea

>Fucking freeloader.

Fucking lazy bastard.

How does trillian combine the different IM services? is it like gaim which supports them all on the client side, or Jabber which tries to provide connections to other IM servers from the Jabber server?

"There has to be a business model where Microsoft and Yahoo and AOL get paid,"

I disagree. There doesn't have to be and there shouldn't be. The article mentions that IM should be like E-Mail. Well, Microsoft and Yahoo don't get paid just because some guy using a yahoo e-mail account e-mails someone using a hotmail account.

My advice to these "finanical" guys seeking standards - ignore it. The problem will solve itself in a matter of time. IM is too big of a thing to be contained within proprietary networks. As these all in one messenger programs like Trillian become the de-facto standard, companies like Microsoft, AOL, and Yahoo will have to give up their futile efforts of hording all their IM customers to themselves. Or better yet, if (when?) Jabber becomes the real standard, the corporations wont even have to worry about Microsoft or AOL anymore.

It is interesting to note that the Jabber.com open source license [jabber.org] specifically mentions, for example, that "No patent license is granted separate from the Licensed Product", implying that the open-source implementation available from Jabber.com (to which people are contributing) is, in fact, covered by patents owned by Jabber.com.

In summary, I think there are enough people willing to work on this in the IETF, that it is of sufficient technical merit, and that people seem willing to implement and use the protocol, that I would recommend the IESG consider this as a working group. I think the room being stuffed with folks opposed to this work on political grounds does nothing to change that opinion.

It is interesting to note that the Jabber.com open source license [jabber.org] specifically mentions, for example, that "No patent license is granted separate from the Licensed Product", implying that the open-source implementation available from Jabber.com (to which people are contributing) is, in fact, covered by patents owned by Jabber.com.

In summary, I think there are enough people willing to work on this in the IETF, that it is of sufficient technical merit, and that people seem willing to implement and use the protocol, that I would recommend the IESG consider this as a working group. I think the room being stuffed with folks opposed to this work on political grounds does nothing to change that opinion.

It is interesting to note that the Jabber.com open source license [jabber.org] specifically mentions, for example, that "No patent license is granted separate from the Licensed Product", implying that the open-source implementation available from Jabber.com (to which people are contributing) is, in fact, covered by patents owned by Jabber.com.

In summary, I think there are enough people willing to work on this in the IETF, that it is of sufficient technical merit, and that people seem willing to implement and use the protocol, that I would recommend the IESG consider this as a working group. I think the room being stuffed with folks opposed to this work on political grounds does nothing to change that opinion.

The simple fact -- and as Executive Director of the Jabber Software Foundation I have the in-depth knowledge to state this categorically -- is that there is no IPR on "things you will need to implement a Jabber server".

You and Joe Hildebrand need to get your story together, then. (Joe, for the other readers out there, is Jabber.com's Chief Architect, and a member of their senior management team). I was in the same room as Cullen and heard Joe make the exact statements to which Cullen is referring. By Joe's assertion, Jabber.com (not the Jabber Software Foundation) owns patent rights to Jabber-related technologies. The only reassurance that Joe gave during that discussion is that Jabber.com has not pursued anyone for patent infringements to date.

It is interesting to note that the Jabber.com open source license specifically mentions, for example, that "No patent license is granted separate from the Licensed Product", implying that the open-source implementation available from Jabber.com (to which people are contributing) is, in fact, covered by patents owned by Jabber.com.

Not very comforting, from an open-source perspective.

The allegation that Jabber, Inc. "has patents on stuff you need to implement jabber" is absurd and ill informed. Jabber, Inc. did not even exist when Jabber started, and because Jabber has kept everything in the public eye, and basically put the protocol in the public domain, it's near impossible for Jabber, Inc. to actually own any part of it. Yes, they own the trademark, but as stpeter pointed out it is being transferred to the JSF. It's also true that Jabber, Inc. has many commercial products, but the open source community has something equivalent to most of them.

As to their commitment to the open source community they have people such as myself and stpeter on their payroll that really only work on open source projects and tools. Neither of us have worked on any of the commercial projects in quite a long time.

Jabber Central (more pratical information on jabber)
Jabber Powered (an initiative to create products based on Jabber)
Jabber Studio (the development hub of the Jabber community)
Old Jabber documentation
Jabber FAQ
A nice overview of Jabber
Jogger (a jabber based weblog)
Jabber Python module
Unofficial Jabber user guide
Programming Perl(an O'Reilly book)

Jabber Central (more pratical information on jabber)
Jabber Powered (an initiative to create products based on Jabber)
Jabber Studio (the development hub of the Jabber community)
Old Jabber documentation
Jabber FAQ
A nice overview of Jabber
Jogger (a jabber based weblog)
Jabber Python module
Unofficial Jabber user guide
Programming Perl(an O'Reilly book)

Jabber Central (more pratical information on jabber)
Jabber Powered (an initiative to create products based on Jabber)
Jabber Studio (the development hub of the Jabber community)
Old Jabber documentation
Jabber FAQ
A nice overview of Jabber
Jogger (a jabber based weblog)
Jabber Python module
Unofficial Jabber user guide
Programming Perl(an O'Reilly book)

ibm does already sponsor jabber... http://www.jabber.org/sponsorship.html

if you are not impressed by JIM, why not pic one of the many others?
you could write your own -- it's not that out of reach, the protocol is easy to understand, and The Jabber Programmers Guide is actually a good read.

http://www.jabber.org/

- Benad

So they had to use talkd!

No they didn't! This is exactly the sort of thing that Jabber would have been perfect for. I'm not a Jabber freak or anything. Honestly, I think most of the Jabber hype is pretty stupid, most of the time. But, Jabber is practically made for things like this. Several operating systems, and you have (or want, or need...) your own network (and therefore your own server). This is where Jabber really shines.

Honestly, I'm surprised they didn't even think of it.

We're all glad HP backed down, but what scares me is that the "Responsible Disclosure" FUD continues. On Bugtraq people write that CERT and SecurtyFocus are "established parties" and everyone who does not give them their so-called "0days" is irresponsible (at least CERT is known to sell 0days). I personally won't give them my 0days early.

The "Responsible Disclosure" draft continues to get advertised, though it was not approved by the IETF .

Why do people think about giving away the right of free speech just because of some FUD?

Even in the unlikely case if this bad RFC passes, does it mean that that people are safer when they disclose problems - I definitely don't think so personally.

So the facts are: some companies can't write secure code, and it is more expensive to write code securely.

Just check "Help -> About" on Windows before using the word "responsibility".

The easiest solution is to shoot the messenger and to outlaw saying the emperor has no clothes. But this won't fix the problem in the real world. Such regulations will only alienate a lot of people and will make things worse.

Man. I sure wish chefmonkey was around to see this. He was touting how SIMPLE was the answer to the problem of interop only a few weeks ago. And not, AOL's not even going to play along. Guess he'll have to find a new party line.

From the Jabber from, you have a new push in the IETF, a *working* server-to-server implementation, and multiple competing implementations. (1, 2, 3)

What is the protocol lacking again? As I recall, there were some security concerns, but these issues are being dealt on, including integrating SASL support into the protocol. So why aren't people using this? There is a lot of momentum behind Jabber right now, and I think it'd be silly if companies didn't at least consider it as a solution.

If you're curious, you can always Jabber me. My JID is rynok@jabber.com. Add me to your roster and ask me any questions you like. I can't promise I'll have all the answers, but I'll certainly do my best.

Man. I sure wish chefmonkey was around to see this. He was touting how SIMPLE was the answer to the problem of interop only a few weeks ago. And not, AOL's not even going to play along. Guess he'll have to find a new party line.

From the Jabber from, you have a new push in the IETF, a *working* server-to-server implementation, and multiple competing implementations. (1, 2, 3)

What is the protocol lacking again? As I recall, there were some security concerns, but these issues are being dealt on, including integrating SASL support into the protocol. So why aren't people using this? There is a lot of momentum behind Jabber right now, and I think it'd be silly if companies didn't at least consider it as a solution.

If you're curious, you can always Jabber me. My JID is rynok@jabber.com. Add me to your roster and ask me any questions you like. I can't promise I'll have all the answers, but I'll certainly do my best.

Why do they put any effort in this? All they have to to is not block jabber.org, they'll iteroperat with most other IM'systems.
You folks that dont know what Jabber is, take a look at Jabber.org.
Its an opensource, XML based IM system. It has gateways to ICQ,AOL,IRC and others.
The thing is, AOL blocks jabber.org because they only want their users to use AOL messaging with their software.

It exists - Jabber.

True interoperability means having servers for rival systems directly communicate with one another.

It's funny how in the telephone network, the only way to survive is to be completely interoperable, but with instant messaging they're all afraid because it "means having servers for rival systems directly communicate". OMG!

If you really want interoperability, then support Jabber.

If you want Open Source politics, you might want to look at organizations like the
Apache (www.apache.org/foundation),
Gnome (foundation.gnome.org), and
Python (www.python.org/psf) Foundations.
I worked on the Jabber Software Foundation
(http://www.jabber.org/jsf.html) for a while. We developed special interest groups and and an enhancement proposal system based on similar things at Gnome and Python. There is a Jabber Council for which elections are currently underway that form a main decision-making body for Jabber. I put together a piece based on my experience advocating establishing an Open Corporation for your efforts. Still, benevelent dicatorship still has a lot to be said for it, though.

Hanging my head in shame, I'm one of those "still inventing his own application layer protocols". ASN.1 and RPC were also supposed to save me from doing this. Lately, I've found I've been implementing my own protocols using the concept of netstrings to suit my admittedly low-level needs better. Sadly, as XML and its derivatives mushroom in complexity, I find them less appealing.

The way Jabber is defined, it is subject to man-in-the-middle bid-down attacks. In particular, the fact that the Jabber "standard" specifies: "Typically a server is only going to support one of the three, a client should choose the most secure by default," anyone able to intercept messages can pare down the server's capability list to plain text, thus forcing the client to expose a plain-text password.

Further, because the security used is the weakest supported by either the client or the server, typical deployments still see a large number of passwords sent in the clear (put a sniffer on a segment near a Jabber server and you can verify this for yourself).

Jabber won't be free from this flaw until it deprecates plain-text passwords -- which will unfortunatly break backwards compatibilty. In short, this really is a major flaw that will be difficult for Jabber to recover from.

They feel they are the "inventors" and hence shouldn't have to let anyone else in on their network.

It's their network and their program, so they set the rules. If you don't like it, you can use one of the other instant messenger programs. If you really don't like it, then there's nothing stopping you from creating a server that uses the AIM protocol and hosting that on your server sucking up your bandwidth. Maybe, if you are creative enough, you'll make a better IM protocol. That's what the Jabber people did.

MSN and AOL are inferior, anyway. people who want to chat to people on both networks will just download decent clients like Jabber and do so.

If you were looking for a solution to the problem of how to gain the benefits of IM technologies without the time wasting aspects of external IM buddies (friends, spouses), you should set up a local Jabber server and port block the other services. (Great free server and clients, and a commercial support arm as well.)

I own a medium sized ISP near Microsoft in Redmond and we use Jabber intra-company all day long. Our technical support center is 50 miles North of our main office, so the techs, admins, accounting, and sales staff have found that it is much easier than trying to call each other, since they are always on the phone with customers.

• is Apple using Jabber to power this chat service (probably too much to hope for) or
• will there at least be a Jabber gateway that will allow @mac.com users to communicate with @jabber.org, @jabber.com, or @any.jabber.server??

By signing up with MSN and Yahoo, I've opened up channels to me from people who only use MSN or Yahoo. Believe it or not, there are people out there like that.

I believe it. I guess it comes down to a matter of tradeoff. Is it worth sacrificing possible communication with Yahoo users, in effort to stay away from Yahoo? When I decided to make the move to "just Jabber" a few months ago, I had to sacrifice over half of my contact list, most of which were AIM or ICQ users. I don't advise that people do this unless they are Jabber fanatics (of which I fit the bill :) ). Since then, my list has steadily grown in size, which is good to know.

I'd gladly campaign for moving my department over to Jabber, so we could have an internal server for it

I think this is Jabber's key to victory. Businesses who take IM seriously will want to keep all communication behind the firewall.

lacking AIM/ICQ support, I'd have a harder time selling it to my other coworkers who aren't fired up about it. (Who want to talk to their wife/aunt/father/whatever who are single IM client users). Jabber either needs to maintain that compatbility to take off, not just to "ease migration."

I don't agree. In fact, I think the transports have caused Jabber more trouble than anything else. First, they completely cloud the issue. People generally don't come to Jabber because it is the most advanced IM network. No, they come because of transports. Then, they proceed to enjoy the AOL IP ban placed on the popular servers, and they come to the conclusion that Jabber sucks. Ask anyone why they don't like Jabber, and they will say something about ICQ. I'm serious.

If Jabber was instead promoted as a "next gen" IM system _period_, then everyone would know what they are getting themselves into. This whole interoperation with AIM would not even be in the discussion. I think this would have also caused a lot more OSS people to try Jabber. Instead, most of them write it off as a Gaim-clone.

Check out this very interesting mail from JDEV on the subject of Jabber Advocacy. Be sure to read the quoted portions too, from Julian and Ashvil. Those are the best parts.

So the question remains: would the average single-IM client user want to start using Jabber also? Probably not. I think in order to win we're going to have to work from the inside out. I say we get all the business and OSS people using it first, then go from there.

-Justin

There's no need to "morph jabber into a middleware message router" -- it already is. The core of jabberd is an XML routing engine called EtherX, which is pretty cool stuff.

Basically, the Jabber instant messaging protocol is a bunch of messages that are routed across EtherX, much like TCP routes over IP. To make use of EtherX as middleware, just use libetherx, connect to an EtherX router (i.e. a Jabber server), and talk XML back and forth. The presence, authentication, and messaging aspects of Jabber are independent of routing.

Unfortunately, the user identification problem is complicated by the fact that there may be more than one person using a given IP address.

In fact, with Jabber, multiple IP addresses may be using the same username. Look into the concept of resources.

Does this mean Jabber is "worse is better?"

See for yourself.

I'll take a swipe at the conferencing stuff. Always wanted to learn java :)