Hacker News

> Whereas Matrix ensures that there is only ever one way of doing a given operation at any point

I trust you that you mean what you say, but I wonder what an implementation would look like (from a user perspective) that supports something like OpenPGP -> OTR -> Ratchet. I mean, upgrading security over time is mandatory and when I remember how it evolved for XMPP I clearly do not want an implementation that still has all the drawbacks that OTR had.

So I agree that XMPP is lacking some good governance, but I don't see the rivaling XEPs necessarily as the core problem, as many of them had quite some time between the drafts. The bigger issue is that many clients don't have enough developer momentum, so that XEPs that were drafted like 5 years ago are not implemented yet.

Regarding implementation bugs: I know XMPP has the compliance suite, but I feel like it doesn't catch bugs and is more of a basic test for feature compatibility. Does Matrix have some kind of test suite that simulates physical disconnects, package loss and the like for testing real client and server implementations? I know that would not be an easy feat, but I wonder what the best way would be to build something like that, to improve the quality of the existing implementations.



OpenPGP could mean XEP-0374 which is newer than OTR. But XEP-0374 went from experimental to deferred 3 years ago. It isn't really competing with OMEMO.


XEP-0374 is very fresh compared to other PGP-related extensions. Just to give an example, 'XEP-0027: Current Jabber OpenPGP Usage' became active in 2002.

If it is competing with OMEMO or not might be a separate discussion, but both can be used to utilize E2E encryption of messages.


XEP-0027 became officially obsolete in 2014. I'm giving them the benefit of the doubt they didn't mean anyone has to think about XEP-0027 in 2021. They implied they could break compatibility some day. So I think they're talking about not having 2 current standards. How they see a transition working is still a good question though.



