On Fri, Feb 19, 2010 at 12:46 PM, ara.t.howard <[email protected]> wrote:
> > ?? why is everyone so defensive here? What you call "defensive," others might call "proud of their work" or, in some cases, "more aware of the issues." You need to be aware that in a group like this, you're talking directly to a large number of people who have many years (or decades) of experience in this space. Any protocol you insult or criticize is likely to have been the result of someone on this list spending years of their life to make it happen. In a forum like this, if you want to insult something, try to stick to "facts." Try to focus on providing substance (i.e. light) not just heat. > i've run xmpp servers in production and they > absolutely suck compared to running just about > any http server. doesn't everyone know this? Then your server sucks. That doesn't have anything to do with the XMPP protocol itself. The XMPP server that *I* use is a dream! The thing handles millions of connections and amazing amounts of traffic... Sorry, it is not open source at the moment -- but you can use that same server by writing your code on Google's AppEngine... (with only a "few lines of code...") Google's XMPP server should demonstrate that writing a good XMPP server is certainly possible. The XMPP protocol doesn't prevent it. bob wyman On Fri, Feb 19, 2010 at 12:46 PM, ara.t.howard <[email protected]>wrote: > > The ability to spoof will be made even harder once Salmon's "magic > > signatures" become broadly used (and they will be because they are so > > fantastically simple to implement!). > > > interesting - and very simple. +1 > . > <snip> > > > > This is not "tangentially" > > addressing the issue. This is making a fundamental architectural change > in > > the nature of the relationship between senders and receivers. > >> - the spam thing is a red herring, no actual > >> security is built into the system. > > Re-read my comment above and re-read the specifications of PSHB and > related > > protocols. In this claim, you are simply wrong. A recipient-controlled > > routing system is inherently more resistant to spam than a > sender-controlled > > system is. > > > i get it. it is much more difficult. > > time will tell though: i'm simply observing that the money is in the > hands of the spammers and that only time will tell if, once > successful, one system is really far superior to the other. i remain > unconvinced that smart (-er than me) well funded people won't find > simple ways to rig the system quickly, which is why signatures are so > important. > > > >> i wouldn't wish xmpp integration on anyone. > > Beware... This sort of cheap, toss-off comment makes it look like you > might > > not be as familiar with the issues as you probably would like people to > > believe... > > > ?? why is everyone so defensive here? > > > i've run xmpp servers in production and they absolutely suck compared > to running just about any http server. doesn't everyone know this? > > -- > -a > -- > be kind whenever possible... it is always possible - h.h. the 14th dalai > lama >
