Tox.im

"Łukasz \"Cyber Killer\" Korpalski" cyberkiller8 at gmail.com
Tue Jul 8 22:30:56 PDT 2014


W dniu 08.07.2014 22:31, Lodewijk andré de la porte pisze:
> 2014-07-08 21:53 GMT+02:00 Dāvis Mosāns <davispuh at gmail.com
> <mailto:davispuh at gmail.com>>:
> 
>     Also what about NUL bytes? I bet most parsers are implemented in

(---snip the technical discussion about a new protocol---)

> secure enough against those attacks?

Stop right there...

It's really nice that so many of you got into the spirit and start
thinking about how to change xmpp to make it something new, but what are
you achieving here? It will end up being a new protocol, incompatible
with existing xmpp, it will take a few years to finish the spec, then
another 10+ years until any meaningful applications start using it (if
at all)... So yeah, except being "coder porn" it does nothing to help
the problem here and now.

I agree that xmpp is not perfect, it has some problems of its own, but
it is an already established and widely used and standard protocol, with
lots of implementations. From a practical point of view the best course
of action to get something fast is to use it, and put whatever new stuff
there is needed inside xmpp, keeping it compatible with the existing spec.

A technically pretty proto won't help, today’s world has a huge problem
with taking anything new. Better to stay with existing stuff, make it
maybe less efficient because of it, but it will be here fast, when it's
needed. Plus being less efficient is a no issue today, with fast
machines (you can use compression on the fly, yes really :-P ), loads of
storage, broadband connections (even the 3G data caps are getting larger
and larger each year), etc. People are sending gigabytes of binary files
in base64 each day in email messages, so why even care? ;-)

In my opinion the bottom line is - a small addition to existing xmpp has
a far larger chance of being widely adopted (by applications and by the
users) than a completely new protocol. And despite how awesome coder one
might be - you won't be able to write all those implementations yourself
or convince the masses to switch (again!).

-- 
Łukasz "Cyber Killer" Korpalski

mail: cyberkiller8 at gmail.com
xmpp: cyber_killer at jabster.pl
site: http://website.cybkil.cu.cc
gpgkey: 0x72511999 @ hkp://keys.gnupg.net

//When replying to my e-mail, kindly please
//write your message below the quoted text.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20140709/c942c78a/attachment-0001.sig>


More information about the cypherpunks mailing list