this post was submitted on 16 Nov 2023
614 points (97.5% liked)

Technology

59674 readers
2947 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] Tekchip@lemmy.world -2 points 1 year ago (1 children)
[–] u_tamtam@programming.dev 1 points 1 year ago (1 children)

So, what would be the appeal compared to XMPP?

[–] Tekchip@lemmy.world 1 points 1 year ago (1 children)

I will preface this with, I may be wrong, but as I understand it xmpp is just a protocol. One that, unless it's been revised, imparts no encryption at all. Signal, and Session, are full architectures that enable all of the afrementioned features from my initial post including server and client.

[–] u_tamtam@programming.dev 1 points 1 year ago (1 children)

Everything you might use relies on a protocol down the stack. XMPP happens to be the only one to date that is an internet standard (IETF), is extensible by design (past/present and future use-cases can be build into it, what makes it still relevant 25 years later), is federated (but not P2P, a good trade-off for mobile usage), has a diverse/multi-partite ecosystem of client and server implementers (sustainable and resilient), and is deployed successfully at scale (on billion of devices).

unless it’s been revised, imparts no encryption

Today's XMPP uses the same E2EE as Signal/WhatsApp/Matrix/… XMPP had end-to-end encryption 10 years before Signal was invented

[–] Tekchip@lemmy.world 1 points 1 year ago* (last edited 1 year ago) (1 children)

Sure, now which pre-existing piece of xmpp based software checks all the feature boxes as noted by both Signal adherents and myself regarding Session? Are you implying the lay user code their own? If that exists you could have just linked to it rather than engage in whatever this is.

[–] u_tamtam@programming.dev 1 points 1 year ago

Sure, now which pre-existing piece of xmpp based software checks all the feature boxes as noted by both Signal adherents and myself regarding Session?

All of those. Essentially you would have to go out of your way looking specifically for incompatible clients.

And "incompatible clients" is simply the natural state of any technology that's been around long-enough. The only way Signal fends itself from this is by mandating its own client and version (and banning anything else, technically or from its ToS) which is terrible for a bunch of reasons (you must agree with Signal's direction and whatever features they might decide to add and remove for your own good, you cannot use Signal on devices/platforms that Signal has no resources/interest to support, etc). If Session is in any way open, and assuming it ever becomes successful, it will face the same challenge (just like Matrix does).