[hot_gril]

One big goal of XMPP was federated messaging (compare to email), and I'm not really seeing it. At best I'm seeing companies building on top of it, resulting in something hardly resembling the open version. Companies are benefitting from XMPP's freedom to build their own platforms, but that freedom isn't being passed onto end users in the vast majority of cases. Because XMPP, with its amorphous nature, doesn't stand up well enough as a product on its own.

XMPP has succeeded in its other stated goals of being highly extensible and useful for derivative work, but I think that's in spite of the protocol. There are just a lot of solid implementations out there, like ejabberd (which afaik WhatsApp originally started on, and I worked with it in a startup).

[jhugo]

> One big goal of XMPP was federated messaging (compare to email), and I'm not really seeing it. At best I'm seeing companies building on top of it, resulting in something hardly resembling the open version. Companies are benefitting from XMPP's freedom to build their own platforms, but that freedom isn't being passed onto end users in the vast majority of cases. Because XMPP, with its amorphous nature, doesn't stand up well enough as a product on its own.

XMPP is a protocol, not a product, so it's not surprising that it doesn't stand up as a product on its own. If someone can come up with a compelling federated messaging product, it's likely that they would base the technical part on XMPP, because virtually all of the protocol work is done, and it's much more elegant and easier to build upon than something like Matrix.

But that's not a protocol problem. The reasons why we still don't have good open federated messaging have absolutely nothing to do with the protocol used for that messaging. They're probably quite similar to the reasons why federation in email has regressed over the last 40 years, from personal/company mail servers back to massive centralisation in the likes of Gmail, despite the protocol remaining exactly the same.

[hot_gril]

> XMPP is a protocol, not a product, so it's not surprising that it doesn't stand up as a product on its own.

It does have an intended use case, and more opinionation could have improved its chances of achieving that.

> federation in email has regressed over the last 40 years, from personal/company mail servers back to massive centralisation in the likes of Gmail, despite the protocol remaining exactly the same

Protocol not changing is a problem. Email is so outdated nowadays that you're way better off using Gmail for its added security, especially within a company so everything stays within Gmail. IIRC email has changed a bit, but the new security features haven't been uniformly adopted like with HTTPS, so it's too much of a mixed bag.

[jhugo]

> Protocol not changing is a problem. Email is so outdated nowadays that you're way better off using Gmail for its added security, especially within a company so everything stays within Gmail. IIRC email has changed a bit, but the new security features haven't been uniformly adopted like with HTTPS, so it's too much of a mixed bag.

I've been self-hosting email for ~20 years. The new security features have close to 100% adoption in the real world, especially since most people are using one of the massive centralised email systems, all of which implement all the new security features.

The protocol not changing is not a problem. SMTP is as fit for purpose now as it was 40 years ago, and has been truly decentralised since the very beginning. The protocol is not the cause of the centralisation trend, neither in email nor in IM.

[hot_gril]

> The new security features have close to 100% adoption in the real world, especially since most people are using one of the massive centralised email systems, all of which implement all the new security features.

Well that's the thing, if they were self-hosting or using smaller providers, they probably wouldn't all have the new features. And I'm surprised emails from your server aren't being filtered out as spam going into Gmail inboxes.

An open protocol success story is HTTPS. Nearly everyone is forced onto fully-compliant new versions, and self-hosting is more viable than ever.

[jhugo]

> Well that's the thing, if they were self-hosting or using smaller providers, they probably wouldn't all have the new features.

They are really not difficult to implement. Like, 10% extra effort on top of deploying a mail server gets you all the modern security features. They are really not relevant in the question of whether someone self-hosts or not.

> And I'm surprised emails from your server aren't being filtered out as spam going into Gmail inboxes.

Implementing modern SMTP security features helps with that, and keeping the same server for a long time. In the first year or two my mail used to occasionally get sent to spam (but that was also before several of the modern security features existed), but once your IP has been sending mail for two decades and has never sent a single spam message, you tend not to have a problem with reputation.

> An open protocol success story is HTTPS. Nearly everyone is forced onto fully-compliant new versions, and self-hosting is more viable than ever.

Notably, the decentralisation mechanism for HTTPS and SMTP is identical, and the transport security mechanism is identical. The effort to self-host mail is higher, but that would be completely solved by a modern 'plug & play' mail server implementation. Once again, the protocol is not the issue here at all.