chefmonkey! I'm so glad to see you back in the FUD seat. I remember an earlier thread by you in which you FUD'ed about Jabber. I imagine you were one of the people mentioned in Pete Resnick's summary as somebody who was voiced "opposition to this work was based on fear of taking in an outside (non-IETF originated) effort or on allowing competition to existing efforts." In fact, your support of SIMPLE on the basis that it had commercial support AOL is obviously pointless now.
It is interesting to note that the Jabber.com open source license [jabber.org] specifically mentions, for example, that "No patent license is granted separate from the Licensed Product", implying that the open-source implementation available from Jabber.com (to which people are contributing) is, in fact, covered by patents owned by Jabber.com.
Jabber, Inc. does not provide an open source implementation of the server. And if you are referring to the server software provided by Jabber.org, it is currently dual licensed under both JOSL and GPL. In fact, the next version of the software (which is basically a complete rewrite) will probably be licensed under GPL only. The only code that Jabber, Inc. releases under the JOSL has been written in house, and are generally libraries developed in order to speed development for Jabber-related projects... if you're worried about license issues, you can simply choose not to use them. AFAIK, the only server-side component that has been released by Jabber, Inc. into open source was developed in-house, and iss the Server Connection Manager (SCM) which uses a protocol that is documented in the protocol specifications.
And just to wave my Jabber flag a little higher, here's one last quote from Pete Resnick's summary of the BOF:
In summary, I think there are enough people willing to work on this in the IETF, that it is of sufficient technical merit, and that people seem willing to implement and use the protocol, that I would recommend the IESG consider this as a working group. I think the room being stuffed with folks opposed to this work on political grounds does nothing to change that opinion.
Maybe you should have ended your last post with the line, "Not very comforting, from a SIMPLE perspective."
anybody else notice that slashdot posting vs. real articles have a lot of inconsistent information? maybe always the way, but it seems worse than it used to be to me.
from/.
Each hair is the width of two human hairs...
from Salon:
Geckos have millions of microscopic hairs on the bottoms of their feet that are narrower than human hairs...
You sort of missed the point of my original post. The point is, Jabber was designed with server-to-server traffic in mind, and it works. And its not some huge difficult stone to break. It just takes willingness to break it. AOL doesn't want to open their network, they would risk losing users to other IM systems/clients and not have as much control.
As for their not being momentum, perhaps you should educate your friends. Most of my friends switched shortly after I told them and have been happy ever since. Most of them love the fact that they have a (foul word coming -- at least from big business perspective) choice in the clients and servers they use. The fact that AOL has sabotaged Jabber's attempts to interoperate haven't affected me at all, all of my friends prefer Jaber not they they've used it, and I only need to use one light weight client -- as opposed to a dirty/heavy/buggy hack (read: Trillian).
I have a client that doesn't crash on me two to three times a day, and always keeps me connected to my IM network... do you?
Man. I sure wish chefmonkey was around to see this. He was touting how SIMPLE was the answer to the problem of interop only a few weeks ago. And not, AOL's not even going to play along. Guess he'll have to find a new party line.
From the Jabber from, you have a new push in the IETF, a *working* server-to-server implementation, and multiple competing implementations. (1, 2, 3)
What is the protocol lacking again? As I recall, there were some security concerns, but these issues are being dealt on, including integrating SASL support into the protocol. So why aren't people using this? There is a lot of momentum behind Jabber right now, and I think it'd be silly if companies didn't at least consider it as a solution.
If you're curious, you can always Jabber me. My JID is rynok@jabber.com. Add me to your roster and ask me any questions you like. I can't promise I'll have all the answers, but I'll certainly do my best.
This, of course, has been dealt with. Its called SSL. I'm not sure what the problem is here. Anybody who's so concerned with security will install an SSL enabled server, that doesn't allow plaintext passwords.
Actually, I would be more surprised to find clients that don't support hashing of passwords. As somebody who has had considerable experience administrating and setting up various Jabber servers, I can tell you that it is safe to disable plain-text passwords (in fact, I have in the past) and still have fun client abilities through the most useful Windows and *nix clients.
While public servers may not implement this, I would be surprised if most enterprise server do not.
Slashdot Mirror
Exodus is my personal favorite. Clean interface that is similar to most email clients.
You sort of missed the point of my original post. The point is, Jabber was designed with server-to-server traffic in mind, and it works. And its not some huge difficult stone to break. It just takes willingness to break it. AOL doesn't want to open their network, they would risk losing users to other IM systems/clients and not have as much control.
As for their not being momentum, perhaps you should educate your friends. Most of my friends switched shortly after I told them and have been happy ever since. Most of them love the fact that they have a (foul word coming -- at least from big business perspective) choice in the clients and servers they use. The fact that AOL has sabotaged Jabber's attempts to interoperate haven't affected me at all, all of my friends prefer Jaber not they they've used it, and I only need to use one light weight client -- as opposed to a dirty/heavy/buggy hack (read: Trillian).
I have a client that doesn't crash on me two to three times a day, and always keeps me connected to my IM network... do you?
Man. I sure wish chefmonkey was around to see this. He was touting how SIMPLE was the answer to the problem of interop only a few weeks ago. And not, AOL's not even going to play along. Guess he'll have to find a new party line.
From the Jabber from, you have a new push in the IETF, a *working* server-to-server implementation, and multiple competing implementations. (1, 2, 3)
What is the protocol lacking again? As I recall, there were some security concerns, but these issues are being dealt on, including integrating SASL support into the protocol. So why aren't people using this? There is a lot of momentum behind Jabber right now, and I think it'd be silly if companies didn't at least consider it as a solution.
If you're curious, you can always Jabber me. My JID is rynok@jabber.com. Add me to your roster and ask me any questions you like. I can't promise I'll have all the answers, but I'll certainly do my best.
This, of course, has been dealt with. Its called SSL. I'm not sure what the problem is here. Anybody who's so concerned with security will install an SSL enabled server, that doesn't allow plaintext passwords.
Actually, I would be more surprised to find clients that don't support hashing of passwords. As somebody who has had considerable experience administrating and setting up various Jabber servers, I can tell you that it is safe to disable plain-text passwords (in fact, I have in the past) and still have fun client abilities through the most useful Windows and *nix clients.
While public servers may not implement this, I would be surprised if most enterprise server do not.