On 11 Nov 2015, at 10:58, Dave Cridland <[email protected]> wrote:
>
>
>
> On 11 November 2015 at 10:19, Kevin Smith <[email protected]> wrote:
> On 11 Nov 2015, at 10:06, Tomasz Sterna <[email protected]> wrote:
> > On Tue, 2015-11-10, at 17:10 -0600, Sam Whited wrote:
> >>> What do you suggest to replace it with?
> >>
> >> I suggest we replace it with nothing.
> >
> > Closing the network is not the answer.
> > People need a way of joining the network.
>
> There is a world of difference between ‘closing the network’ and ‘not having
> a single, unprotected mechanism for registration that turns a server into an
> open relay’.
>
>
> I think I'm largely sympathetic to Tomasz's concerns here. IBR, for all its
> flaws, does provide a relatively good onboarding process, albeit the user
> starts by knowing what server they want. Removing this makes that much more
> painful.
I’d agree on the ‘relatively good’, I’m not so sold on ‘much more painful’. Back before it was closed off, web-based registration on jabber.org wasn’t something that users were complaining was too hard (that I remember seeing, anyway). I’m certainly sympathetic to a stance of ‘we want it to be easy to get people onboard’.

>
> > If we deprecate the existing widely deployed standards, people will
> > come up with their own ways of doing things.
>
> Yes. Account registration is obviously needed in practical terms. Whether
> it’s needed to be standardised is another matter.
>
>
> I think it probably does. We want a user to get from a standing start to
> having their client configured with a new account as seamlessly as possible.
> I suspect this means we need a simple mechanism for locating and registering
> on servers, and then some sane guidance on how to verify those accounts in
> some way prior to full activation.

I’m not sold on why we need IBR for onboarding. Both the web and email seem to manage to onboard without having an equivalent.

> I have no idea what all this means in detail, but it might even mean we keep
> '77 and simply don't allow them to send messages initially, until they've
> verified their email address by clicking on a link, or whatever.

I think that this might be an idea that works technically (although I don’t think IBR describes all the starttls etc. requirements properly, which makes it a bit of a liability), but that given the extensive deployment of vulnerable IBR and the abuse that goes with it, it’s not clear to me how we would sensibly keep it while protecting the network. We could bump the namespace, fix the TLS issues, describe how not to do it badly etc. in 77, but would we then be in a better position technically than obsoleting 77 and publishing something new? Obsoleting 77 sends a clear message that what we have now is, in deployment, broken, and I think that message needs to be sent.
> > I'm afraid this will lead to further fragmentation of the network.
>
> This is one of the few cases where not having a single, exploitable mechanism
> is a good thing.
>
>
> Not entirely convinced that a single *exploitable* mechanism is ever a good
> thing…

Yes, the emphasis you’re placing was intended in the original.

/K
