Federated instant messenger with easy access control?

I am in an association which has ~50 channels and has evolved into a mess of four or five protocols.

  • IRC: where everything is relayed/bridged/transported to and there is GroupServ which allows creating groups that can be granted access in channel and thus single command can give someone channel operator permissions in 44 channels that the association ops group manages.
  • Telegram: where I recently left entirely days before they finally introduced transferring ownership, which is a mess, because the groups know nothing about each other and there is simply no way to manage them easily.
  • Discord: where I also left recently and which is surprisingly good with the roles it has allowing association to be managed reasonably, however it has no idea how the permissions go in IRC.
  • Matrix, which requires us to beg a third party to give some of us PL100 in the group due to a bug from 2017 which doesn’t seem to be a priority to anyone and the rooms have no idea on each other so ~50 rooms easily have desynced permissions some belonging to dead accounts and I don’t know how to manage it.
  • XMPP which a few people are using unofficially through third party Biboumi instances and doesn’t bring additional complexity as Biboumi doesn’t merge XMPP users together showing everyone a different channel and if you are kicked from IRC, you won’t see what another user sees.

Are there any protocols that succeed access control as well as IRC which I honestly think to be the least bad due to GroupServ (which I have heard to be needing love from Atheme IRC services)? Am I misjudging Matrix and XMPP as being incapable of bringing ~50 rooms/MUCs under easy control by a central admin/op team? Does anyone think about this on federated messaging side?

At times I think focusing so much on instant messaging was a mistake, there are just specific cases where it works which are short lived communications mostly on where people are physically and how to find each other there, but this is difficult to change.

It seems that this isn’t a big priority for federated social media apps either as Mastodon and Pleroma are yet to bring option of allowing multiple people to use the same organisational account without sharing the password/2FA token to it.

1 Like

I decided to go asking around and these are summaries or copy-pastes of responses I received, I hope this forum may see more people discussing these and other solutions:

  • Matrix: I am suggested having a bot to own the groups and manage everything through it.
    • which I find pointless as in IRC GroupServ exists and this is a native feature in Slack which is another thing Riot wants to kill. However the only one responding to me was an IRC user.
  • XMPP: This is entirely doable without a new XEP, but no one seems to have needed it before. I would just either need to create a easy server module to expose administration features through adhoc commands OR “just write a plugin for prosody or ejabberd, that adds a jid to some muc member list table”, “to execute this method we have already working mechanisms like ad hoc commands, where servers offer administration features” OR similarly to Matrix create a bot and mark it as server owner so under Ejabberd and Prosody it would automagically be owner in each MUC.
  • The Grid: Planned, but may be funky to handle.

I guess it’s also worth mentioning that I think Keybase currently does this kind of access control, while it’s not federated (yet?).

GNU Jami is a p2p messenger with voice and video capabillties - group conferences are a planned feature

to be clear, this is better than federated for many reasons - not the least of which is that no one needs to operate a server 24/7

group conferences will most likely be invite-only; so: access control

I tried out Gnu Jami, but as with all the serverless stuff it simply didn’t feel so reliable. The same with Tox. A good thing with tox is, that you can change a part of your id, if it gets abused. You don’t loos you existing contacts by doing so.

Here are my experiences with Tox in English an German language:


1 Like

But when you invite someone bad or someone turns bad, I think it will go badly and isn’t suitable for bigger groups?

for one thing, that feature doesnt exist so i dont know exactly how it will work - what i can say is that the topic is asking about an instant messenger, not a permanent chat room - the idea of conferences is that they are private and they do not need to be permanent - you simply create one each time whenever it is actually needed for a real-time conversation, and you invite whoever is to participate in that conversation on that day

a permanent chat room is only useful if you want it to be public access, so anyone can join at any time without invitation - asynchronous discussions, when everyone can not be online at the same time, are better on a mailing list or web forum