[linux-elitists] IM servers for Linux
David L. Sifry
Tue Jan 7 18:02:03 PST 2003
On Tue, 2003-01-07 at 15:36, Rick Moen wrote:
> If the requirement for end-to-end strong crypto wasn't anticipated
> during Jabber design, I can only ask: What _were_ they thinking? It's
> not like it was a 1975 project.
I'd say that they were focusing on building something simple that
worked, and keeping it extensible. Not a bad goal for an distributed
open source project.
Using XML in and of itself was a hugely smart move. How many projects
get started that create difficult-to-extend protocols?
As for strong crypto, it is not an easy thing to do, and as we all know,
doing crypto right is really hard from both a technology and social
perspective, and usually requires flexibility/trust/security tradeoffs
as part of the design. This is one reason why user-friendly secure
email systems remain a cloud on the horizon, for example.
One of the cool things about the Jabber protocol is that is is really
easy to implement it on the client side - which makes it really handy
for small footprint devices like cellphones and pdas. It means that you
can do the simple insecure thing if that's what you're looking for, and
you can fit it on a tiny bit of flash. You can keep the big machinery
on the backend. Not a perfect solution, but fit-for-task, and if you
want a client with more features like gpg encrypting/signing messages or
TLS for the transport layer, you can use a heavier client.
Anyway, I think it is a rational decision on their part. I've been able
to implement a complete Linux build with 2.4.18 kernel, iptables, DHCP
server, SNMP server, web server, Jabber client, busybox, and a bunch of
other goodies in under 1.5MB of flash and 8MB of RAM and there's no way
I'd be able to do that with gpg or OpenSSL laying around.
> David L. Sifry
> GPG Key: http://www.sifry.com/david/key.html
> Key Fingerprint: 7E60 4EDE EB5F AA2D 2F25 8CD3 FE17 C4F8 BDE8 D1B0
More information about the linux-elitists