"When people ask me what we're doing to drive standards, I tell them to go to hell", says James Barry, the new CTO for Jabber, Inc. But there's a twinkle in his voice as he adds the URL: " Hades.jabber.org/ietf". That's where Jabber.org has posted Jabber-rfc, an informational "working document", also known in IETF lingo as an "Internet-draft". RFC more commonly means Request For Comment. IETF is the Internet Engineering Task Force. The latest draft of the document, which runs 80 pages in text format, is dated February 12. In customary open-source fashion, the Jabber folks are exposing the process and inviting participation.
James Barry says this is already a "historical" document, for the simple reason that it's a public source of information to which anybody can easily refer. He also thinks it may be historic in another respect. "Not many open-source projects have made the effort to form standards", he says. "They rely on the code itself to do that. So this is a different approach. It's a great way to legitimize an open-source project. It's a forced rigor. We're documenting what we do to a high degree of accuracy and completeness, to fit the conventions of the IETF."
Jabber's standards are also less a matter of code than of protocol. Here's the abstract:
Jabber is a set of open, XML-based protocols for which there exist multiple implementations. These implementations have been used mainly to provide instant messaging and presence services that are currently deployed on thousands of domains worldwide and are accessed by millions of users daily. Because a standard description of the Jabber protocols is needed to describe this new traffic growing over the Internet, the current document defines the Jabber protocols as they exist today. In addition, this document describes, but does not address, the known deficiencies of the Jabber protocols, since these are being addressed through a variety of standards efforts.
The document is unsparing in its description of deficiencies. For example, "At present the Jabber protocols comply only with a subset of the XML namespace specification and do not offer the full flexibility of XML namespaces. In addition it would be beneficial for the Jabber protocols to enable additional types of availability through a properly namespaced sub-element of the <presence/> data type."
As with all open-source efforts, what needs to be done matters more than what's been done already.
Needless to say, James Barry and other members of the Jabber development community want the document to recruit development help. And since there's a lot of overlap between Jabber and Linux development, we're eager to hear more about the subject from Linux Journal readers as well. Here are three questions that quickly come to mind:
Should innovative open-source projects even bother with the standards process? (Others, such as Apache, don't.)
Does open source in some ways replace the standards process or render it irrelevant?
If not, are there better ways to participate?
Doc Searls is Senior Editor of Linux Journal. He is also a member of the Jabber Inc. Open Source Advisory Board.
Doc Searls is Senior Editor of Linux Journal
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- The Death of RoboVM
- Server Hardening
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Humble Hacker?
- April 2016 Issue of Linux Journal
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- The US Government and Open-Source Software
- ACI Worldwide's UP Retail Payments
- Open-Source Project Secretly Funded by CIA
- Varnish Software's Hitch
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide