Trouble in IMland

morton@dennisinter.com morton@dennisinter.com
Tue, 15 Jan 2002 12:25:13 -0500


It seems to me that the great unspoken issue with IM is firewalls, which
force all communications to go through third parties.

The fact that a large proportion of users are 'protected' from receiving
incoming connections is a huge centralising force on the internet, and
one which makes IM protocol developers jump through all kinds of hoops
to deal with bulk traffic. If users could directly connect to each
other, then centralised servers would only be needed for naming and
presence information.

I don't know if you ever took a look at TriangleBoy from SafeWeb, but it
seemed to me that they had the kernel of an interesting idea; that is,
to enable the direct connection between two parties via an intermediary
that handled only the signalling part of the traffic between the two
communicating parties. Their protocol was one-way; it enabled HTTP
requests to be made of sites nominally blocked by filtering software.
You connected to the intermediary and made your request, the
intermediary forwarded the request to the destination with the return
address spoofed to be the original requester. In this way only the
requests and ACKs needed to be handled by the intermediary.

From a security standpoint, I don't see a whole lot of difference between
two consenting parties directly communicating and two consenting parties
communicating via an intermediary. I am not a security expert, however.

I do wonder if perhaps there might not be some firewall-friendly
mechanism by which an intermediary can facilitate the direct connection
of two firewall-protected parties. Neither party can receive a
connection, but both can initiate connections. Maybe the intermediary
can facilitate this direct connection in a similar way to that of
TriangleBoy.

I'm no expert in TCP, UDP or whatever, but perhaps someone on this list
is and can think of a way to do this.


----------------------------------------------------
Damien Morton, Technical Director, Dennis Interactive

"Why is the moon more important than the sun?"
"Because we need the light more at night!"
-- Nasredin

> -----Original Message-----
> From: Stephen D. Williams [mailto:sdw@lig.net]
> Sent: Monday, January 14, 2002 10:39 PM
> To: jbone@jump.net
> Cc: fork@xent.com
> Subject: Re: Trouble in IMland
>
> > And the protocol wars grind on and on...  my commentary?  SIP
> > was a bad idea then, and it's still a bad idea --- catchy
> > evolved acronym notwithstanding.
>
> I participated in IMPP for over two years...  I always argued against SIP,
> and against RFC822/IETF Old School, and yea, even against HTTP based
> IM/Presence.  The only faction that was close to what I wanted was BXXP
> (Beep), et al.  (And Jabber, but that's another story.)
>
> I always pushed to support single (outgoing) TCP connections, in-band
> multimedia traffic, extensibility and scalability (nested XML everywhere),
> etc.  Before you complain about XML, I was (and am) planning to use my
> binary structured XML (bsXML) standard as a standard alternative to text XML.
>
> Remember, I was working on a hush-hush (Ha!) startup, had written all of
> Buddylist 1.X at AOL, and had created and built a project called Instant
> Images at AOL that was a high volume, scalable video conferencing add-on to
> IM.  I did all this in 95-97, long before Yahoo's recent realtime imaging
> addon to IM.
>
> The SIP guys just insisted that they had multimedia all figured out, and in
> fact I don't see much on the mailing list that backs up the article.  I do
> however agree with the sentiment.
>
> That said, it's obvious that SIP has great foothold because of the taming of
> VOIP and traditional (H.324, etc.) videoconferencing.  The SIP guys just
> couldn't get the fact that it was unacceptable to be without a normal mode
> that tunneled everything through an outgoing TCP connection.  Firewalls and
> NAT routers block more or less anything but outgoing TCP connections for
> large segments of Internet users.  Nobody liked the huge SIP standards docs
> either.
>
> I'll find a way to play in the IM/Presence space, but now it's pure
> guerilla, open source, lean and mean.
>
> >    http://www.nwfusion.com/news/2002/0114instantmessaging.html
> >
> > jb
>
> sdw
> --
> sdw@lig.net http://sdw.st
> Stephen D. Williams
> 43392 Wayside Cir,Ashburn,VA 20147-4622 703-724-0118W
> 703-995-0407Fax Dec2001
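Added example, not part of the original post or of any project it names: a small Python model of UDP hole punching, one technique that fits the mechanism asked about in the message above (an intermediary carries only signalling while two firewalled peers each initiate outbound traffic). The `Firewall` class, the `punch` function and all addresses are constructed for illustration, and the model assumes a stateful filter keyed on public port and remote endpoint.

```python
# Constructed model, not code from the original post. Addresses are documentation ranges.
class Firewall:
    """Stateful NAT/firewall: inbound passes only if matching outbound was sent first."""
    def __init__(self, public_ip, symmetric=False):
        self.public_ip, self.symmetric = public_ip, symmetric
        self.next_port = 40000
        self.mappings = {}    # mapping key -> public port
        self.allowed = set()  # (public port, remote endpoint) opened by outbound traffic

    def outbound(self, src, dst):
        """Inside host src sends to dst; returns the public source endpoint dst sees."""
        key = (src, dst) if self.symmetric else src
        if key not in self.mappings:
            self.mappings[key] = self.next_port
            self.next_port += 1
        port = self.mappings[key]
        self.allowed.add((port, dst))
        return (self.public_ip, port)

    def inbound(self, src, dst_port):
        """True if a packet from remote src to our public dst_port is let through."""
        return (dst_port, src) in self.allowed


def punch(symmetric=False):
    """Returns (direct path open before punching, direct path open after)."""
    fw_a = Firewall("198.51.100.1", symmetric)
    fw_b = Firewall("203.0.113.1", symmetric)
    intermediary = ("192.0.2.10", 3478)          # signalling only, hypothetical
    a_in, b_in = ("10.0.0.5", 5000), ("192.168.1.7", 5000)

    # 1. Both peers initiate outbound to the intermediary, which records the
    #    public endpoint each arrived from and tells each peer about the other.
    a_pub = fw_a.outbound(a_in, intermediary)
    b_pub = fw_b.outbound(b_in, intermediary)
    before = fw_b.inbound(a_pub, b_pub[1])       # unsolicited: dropped

    # 2. Each peer sends outbound to the other's advertised public endpoint.
    a_src = fw_a.outbound(a_in, b_pub)
    b_src = fw_b.outbound(b_in, a_pub)

    # 3. Check whether each side's packet matches state on the other's firewall.
    after = fw_b.inbound(a_src, b_pub[1]) and fw_a.inbound(b_src, a_pub[1])
    return before, after


if __name__ == "__main__":
    print("endpoint-independent mapping:", punch(False))
    print("per-destination (symmetric) mapping:", punch(True))
```

With per-destination port mapping on both sides, the endpoint learned via the intermediary no longer matches the source of the direct packets, so the direct path stays closed and traffic would have to keep flowing through the third party.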