Viewing a single comment thread. View all comments

3

md_ wrote

Non-federated protocol: you only have to ban one IP

Federated protocol: you have to keep banning IPs

Non-federated protocol: your mobile phone number, which is associated with your real name, is your ID

Federated protocol: your account on a server is your ID


I don't see how is non-federated better. Best case scenario, they are equally bad.

2

quandyalaterreux wrote

Federated protocol: you have to keep banning IPs

That's something very easy for censors. I mean just look at the Tor Project's bridge distribution, even though there are loads of non-public bridges, China is able to keep up and block virtually all of them. But, domain fronting works in China.

Non-federated protocol: your mobile phone number, which is associated with your real name, is your ID

Federated protocol: your account on a server is your ID

I agree, a phone number isn't the best thing, but a federated protocol is worse since you're giving more metadata by associating your account with a particular instance (e.g. user@domain.com).

I don't see how is non-federated better. Best case scenario, they are equally bad.

I think Moxie did a pretty convincing case against it: https://signal.org/blog/the-ecosystem-is-moving/

1

md_ wrote

I linked to that post already, I am familiar with it, and I am not convinced that centralisation is desirable.

but a federated protocol is worse since you're giving more metadata by associating your account with a particular instance (e.g. user@domain.com).

I'm not sure why you keep bring that up as a grave issue. The one aspect of XMPP that is a privacy concern is how the roster is maintained by default.