Sunday, December 15, 2013
xsf@muc.xmpp.org
December
Mon Tue Wed Thu Fri Sat Sun
            1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
         
XSF Discussion | Logs: http://logs.xmpp.org/xsf/ | Agenda https://trello.com/b/Dn6IQOu0/board-meetings

[00:10:31] *** SouL shows as "away" and his status message is "Dormint, durmiendo, sleeping."
[00:17:55] *** Lance has joined the room
[00:17:55] *** Lance shows as "online"
[00:37:55] *** Kev shows as "away"
[01:05:37] *** Lance has left the room
[01:13:08] *** stpeter has joined the room
[01:13:09] *** stpeter has left the room
[01:49:44] *** Lance has joined the room
[01:49:44] *** Lance shows as "online"
[01:52:07] *** Simon has joined the room
[01:52:07] *** Simon shows as "online"
[01:57:00] *** Simon shows as "online"
[02:02:02] *** Simon shows as "online"
[02:07:05] *** Simon shows as "online"
[02:12:07] *** Simon shows as "online"
[02:12:54] *** Simon shows as "away" and his status message is "Away"
[02:12:54] *** Simon shows as "away" and his status message is "Away"
[02:14:07] *** Simon shows as "online"
[02:14:07] *** Simon shows as "online"
[02:17:10] *** Simon shows as "online"
[02:20:48] *** stpeter has joined the room
[02:20:49] *** stpeter has left the room
[02:22:13] *** Simon shows as "online"
[02:24:41] *** Simon has left the room
[02:37:29] *** Lance has joined the room
[02:37:30] *** Lance shows as "online"
[03:16:44] *** tato has joined the room
[03:43:25] *** Lance shows as "away"
[04:07:07] *** Lance has left the room
[04:11:23] *** tato has left the room
[04:11:29] *** tato has joined the room
[05:01:41] *** tato shows as "away"
[05:10:30] *** Lance has joined the room
[05:10:31] *** Lance shows as "online"
[05:26:41] *** MattJ shows as "away"
[06:07:24] *** Lance has left the room
[06:51:08] *** Lance has joined the room
[06:51:09] *** Lance shows as "online"
[07:10:55] *** Lance has left the room
[07:11:55] *** waqas has left the room
[08:18:05] *** SouL shows as "online"
[08:50:46] *** Lance has joined the room
[08:50:46] *** Lance shows as "online"
[08:56:30] *** Lance shows as "away"
[09:06:04] *** Kev shows as "online"
[09:35:03] *** Simon has joined the room
[09:35:03] *** Simon shows as "online"
[09:35:03] *** Simon shows as "online"
[09:35:24] *** Simon shows as "online"
[09:40:26] *** Simon shows as "online"
[09:45:27] *** Simon shows as "online"
[09:48:19] *** SouL shows as "away" and his status message is "Auto Status (idle)"
[09:50:29] *** Simon shows as "online"
[09:55:31] *** Simon shows as "online"
[09:55:33] *** Simon shows as "online"
[09:55:33] *** Simon shows as "away" and his status message is "Away"
[09:55:33] *** Simon shows as "away" and his status message is "Away"
[09:55:49] *** Simon shows as "online"
[09:55:49] *** Simon shows as "online"
[09:56:25] *** Kev has left the room
[09:58:14] *** Simon shows as "away" and his status message is "Away"
[09:58:14] *** Simon shows as "away" and his status message is "Away"
[10:00:09] *** Simon has left the room
[10:02:43] *** Kev has joined the room
[10:02:43] *** Kev shows as "online"
[10:06:39] *** Simon has joined the room
[10:06:39] *** Simon shows as "online"
[10:06:39] *** Simon shows as "online"
[10:07:45] *** Simon shows as "away" and his status message is "Away"
[10:07:45] *** Simon shows as "away" and his status message is "Away"
[10:07:52] *** Simon shows as "away" and his status message is "Away"
[10:07:52] *** Simon shows as "online"
[10:07:52] *** Simon shows as "online"
[10:08:18] *** SouL shows as "xa" and his status message is "Auto Status (idle)"
[10:08:39] *** Simon shows as "online"
[10:09:05] *** SouL shows as "online"
[10:13:42] *** Simon shows as "online"
[10:16:21] *** Kev shows as "away"
[10:18:44] *** Simon shows as "online"
[10:23:46] *** Simon shows as "online"
[10:27:28] *** Kev shows as "online"
[10:28:49] *** Simon shows as "online"
[10:33:51] *** Simon shows as "online"
[10:38:53] *** Simon shows as "online"
[10:43:55] *** Simon shows as "online"
[10:48:57] *** Simon shows as "online"
[10:53:59] *** Simon shows as "online"
[10:59:01] *** Simon shows as "online"
[11:00:29] *** Alex has joined the room
[11:01:14] *** Simon shows as "away" and his status message is "Away"
[11:01:14] *** Simon shows as "away" and his status message is "Away"
[11:03:21] *** Simon shows as "online"
[11:03:21] *** Simon shows as "online"
[11:04:04] *** Simon shows as "online"
[11:09:06] *** Simon shows as "online"
[11:14:08] *** Simon shows as "online"
[11:19:10] *** Simon shows as "online"
[11:24:13] *** Simon shows as "online"
[11:29:16] *** Simon shows as "online"
[11:34:17] *** Simon shows as "online"
[11:39:20] *** Simon shows as "online"
[12:25:39] *** SouL shows as "away" and his status message is "Auto Status (idle)"
[12:28:32] *** SouL shows as "online"
[12:43:40] *** Simon has joined the room
[12:43:40] *** Simon shows as "online"
[12:43:40] *** Simon shows as "online"
[12:44:23] *** fsteinel has joined the room
[12:46:59] *** Simon shows as "online"
[12:47:00] *** Simon shows as "away" and his status message is "Away"
[12:47:00] *** Simon shows as "away" and his status message is "Away"
[12:47:21] *** Simon shows as "online"
[12:47:21] *** Simon shows as "online"
[12:48:41] *** Simon shows as "online"
[12:50:24] *** Alex shows as "away" and his status message is "Auto-Status (untätig)"
[12:52:11] *** Simon shows as "away" and his status message is "Away"
[12:52:11] *** Simon shows as "away" and his status message is "Away"
[12:53:43] *** Simon shows as "away" and his status message is "Away"
[12:54:05] *** Simon shows as "online"
[12:54:05] *** Simon shows as "online"
[12:58:22] *** Simon shows as "away" and his status message is "Away"
[12:58:22] *** Simon shows as "away" and his status message is "Away"
[12:58:31] *** Simon shows as "online"
[12:58:31] *** Simon shows as "online"
[12:58:39] *** Alex shows as "online"
[12:58:46] *** Simon shows as "online"
[13:03:05] *** tato has left the room
[13:03:49] *** Simon shows as "online"
[13:08:52] *** Simon shows as "online"
[13:13:55] *** Simon shows as "online"
[13:18:59] *** Simon shows as "online"
[13:19:42] *** Simon shows as "away" and his status message is "Away"
[13:19:42] *** Simon shows as "away" and his status message is "Away"
[13:20:14] *** Simon shows as "away" and his status message is "Away"
[13:20:14] *** Simon shows as "online"
[13:20:14] *** Simon shows as "online"
[13:22:34] *** Simon shows as "online"
[13:22:34] *** Simon shows as "away" and his status message is "Away"
[13:22:34] *** Simon shows as "away" and his status message is "Away"
[13:22:47] *** Simon shows as "away" and his status message is "Away"
[13:22:48] *** Simon shows as "online"
[13:22:48] *** Simon shows as "online"
[13:24:01] *** Simon shows as "online"
[13:29:05] *** Simon shows as "online"
[13:33:05] *** Simon shows as "away" and his status message is "Away"
[13:33:05] *** Simon shows as "away" and his status message is "Away"
[13:33:08] *** Simon shows as "online"
[13:33:08] *** Simon shows as "online"
[13:34:09] *** Simon shows as "online"
[13:34:45] *** Alex shows as "away" and his status message is "Auto-Status (untätig)"
[13:39:12] *** Simon shows as "online"
[13:44:11] *** Simon shows as "online"
[13:44:11] *** Simon shows as "away" and his status message is "Away"
[13:44:11] *** Simon shows as "away" and his status message is "Away"
[13:44:15] *** Simon shows as "away" and his status message is "Away"
[13:44:41] *** fsteinel has left the room
[13:44:47] *** Simon shows as "away" and his status message is "Away"
[13:44:48] *** Simon shows as "online"
[13:44:48] *** Simon shows as "online"
[13:45:49] *** Simon shows as "online"
[13:45:50] *** Simon shows as "away" and his status message is "Away"
[13:45:50] *** Simon shows as "away" and his status message is "Away"
[13:46:05] *** Simon shows as "online"
[13:46:05] *** Simon shows as "online"
[13:47:15] *** Simon shows as "online"
[13:47:16] *** Simon shows as "away" and his status message is "Away"
[13:47:16] *** Simon shows as "away" and his status message is "Away"
[13:49:11] *** Simon shows as "away" and his status message is "Away"
[13:49:11] *** Simon shows as "online"
[13:49:11] *** Simon shows as "online"
[13:49:19] *** Simon shows as "online"
[13:50:11] *** Simon shows as "away" and his status message is "Away"
[13:50:11] *** Simon shows as "away" and his status message is "Away"
[13:52:12] *** Simon has left the room
[13:54:20] *** Simon has joined the room
[13:54:20] *** Simon shows as "online"
[13:54:25] *** Simon shows as "online"
[13:54:46] *** Alex shows as "xa" and his status message is "Auto-Status (untätig)"
[13:57:02] *** Simon shows as "online"
[13:57:02] *** Simon shows as "away" and his status message is "Away"
[13:57:02] *** Simon shows as "away" and his status message is "Away"
[13:59:02] *** Simon shows as "away" and his status message is "Away"
[13:59:02] *** Simon shows as "online"
[13:59:02] *** Simon shows as "online"
[13:59:27] *** Simon shows as "online"
[14:01:09] *** Simon shows as "online"
[14:01:09] *** Simon shows as "away" and his status message is "Away"
[14:01:09] *** Simon shows as "away" and his status message is "Away"
[14:01:17] *** Simon shows as "away" and his status message is "Away"
[14:01:17] *** Simon shows as "online"
[14:01:18] *** Simon shows as "online"
[14:02:14] *** SouL shows as "away" and his status message is "Auto Status (idle)"
[14:02:27] *** Simon shows as "online"
[14:02:27] *** Simon shows as "away" and his status message is "Away"
[14:02:27] *** Simon shows as "away" and his status message is "Away"
[14:02:41] *** Simon shows as "away" and his status message is "Away"
[14:02:41] *** Simon shows as "online"
[14:02:41] *** Simon shows as "online"
[14:03:41] *** Simon shows as "online"
[14:03:41] *** Simon shows as "away" and his status message is "Away"
[14:03:41] *** Simon shows as "away" and his status message is "Away"
[14:03:58] *** Simon shows as "online"
[14:03:58] *** Simon shows as "online"
[14:04:30] *** Simon shows as "online"
[14:05:03] *** Simon shows as "online"
[14:05:03] *** Simon shows as "away" and his status message is "Away"
[14:05:03] *** Simon shows as "away" and his status message is "Away"
[14:05:30] *** Simon shows as "away" and his status message is "Away"
[14:05:30] *** Simon shows as "online"
[14:05:30] *** Simon shows as "online"
[14:09:33] *** Simon shows as "online"
[14:09:53] *** Simon shows as "online"
[14:09:54] *** Simon shows as "away" and his status message is "Away"
[14:09:54] *** Simon shows as "away" and his status message is "Away"
[14:09:58] *** Simon shows as "away" and his status message is "Away"
[14:09:59] *** Simon shows as "online"
[14:09:59] *** Simon shows as "online"
[14:10:12] *** MattJ shows as "online"
[14:14:36] *** Simon shows as "online"
[14:15:10] *** fippo has joined the room
[14:16:22] *** Alex shows as "online"
[14:19:39] *** Simon shows as "online"
[14:22:14] *** SouL shows as "xa" and his status message is "Auto Status (idle)"
[14:23:31] *** Simon shows as "online"
[14:23:31] *** Simon shows as "away" and his status message is "Away"
[14:23:32] *** Simon shows as "away" and his status message is "Away"
[14:24:41] *** Simon shows as "away" and his status message is "Away"
[14:25:21] *** Simon shows as "away" and his status message is "Away"
[14:25:22] *** Simon shows as "online"
[14:25:22] *** Simon shows as "online"
[14:26:50] *** Simon has left the room
[14:30:32] *** kevin. has joined the room
[14:31:40] *** Simon has joined the room
[14:31:40] *** Simon shows as "online"
[14:31:56] <kevin.> back, after a long time. 8)
[14:32:32] <Simon> Where were you Kevin?
[14:32:53] <Simon> oh not the Kev. There is more than one.
[14:33:35] <kevin.> There are two.
[14:34:24] <Kev> There's only one me, though.
[14:34:24] *** Simon shows as "online"
[14:35:32] <Simon> Kev, how's Doomsong's cert fixing going?
[14:36:05] <Simon> Or are you gunning for DNSSEC being widespread enough that you can drop it? :)
[14:36:09] <kevin.> yeah, only one kev smith. and i'm not that
[14:37:43] <Kev> Simon: I need to sort this out, thanks for reminding me
[14:37:46] *Kev puts into todo
[14:38:25] <Kev> Conveniently, I'm in the middle of capturing todos at the moment :)
[14:39:27] *** Simon shows as "online"
[14:41:17] <Simon> buddycloud.com/org just completed readiness for Jan 4th.
[14:44:29] *** Simon shows as "online"
[14:45:33] *** SouL shows as "online"
[14:48:20] *** Simon shows as "online"
[14:48:20] *** Simon shows as "away" and his status message is "Away"
[14:48:20] *** Simon shows as "away" and his status message is "Away"
[14:48:49] *** Simon shows as "away" and his status message is "Away"
[14:48:49] *** Simon shows as "online"
[14:48:49] *** Simon shows as "online"
[14:49:32] *** Simon shows as "online"
[14:51:30] *** Simon shows as "online"
[14:51:30] *** Simon shows as "away" and his status message is "Away"
[14:51:30] *** Simon shows as "away" and his status message is "Away"
[14:51:34] *** Simon shows as "away" and his status message is "Away"
[14:51:34] *** Simon shows as "online"
[14:51:34] *** Simon shows as "online"
[14:54:35] *** Simon shows as "online"
[14:55:59] *** Kev shows as "away"
[14:59:38] *** Simon shows as "online"
[15:04:41] *** Simon shows as "online"
[15:05:11] *** tato has joined the room
[15:08:16] *** kevin. has left the room
[15:09:44] *** Simon shows as "online"
[15:14:47] *** Simon shows as "online"
[15:19:50] *** Simon shows as "online"
[15:20:48] *** Simon shows as "online"
[15:20:49] *** Simon shows as "away" and his status message is "Away"
[15:20:49] *** Simon shows as "away" and his status message is "Away"
[15:20:52] *** Simon shows as "online"
[15:20:52] *** Simon shows as "online"
[15:24:00] <fippo> simon: post to operators@ instead
[15:24:47] <fippo> 91.5% of servers allowing starttls is good.
[15:24:53] *** Simon shows as "online"
[15:25:39] <Simon> fippo: will do in the future
[15:27:06] <Simon> MITM says "I'd rather not startTLS". So still MITM-able.
[15:27:33] <fippo> we're not going to stop being MITM-able in january.
[15:28:56] <Simon> agreed: 4th Jan will help us understand what breaks.
[15:29:04] <Simon> like the ipv6 days.
[15:29:21] <Simon> My point is that we have a benchmark and can see if we're increasing.
[15:29:48] <fippo> http://mail.jabber.org/pipermail/standards/2007-July/016086.html
[15:29:56] *** Simon shows as "online"
[15:30:01] <fippo> take that as comparison :-)
[15:30:53] <Simon> shocking…
[15:31:17] <Simon> makes the http cert world look pristine.
[15:31:45] *** tato has left the room
[15:33:00] <fippo> sure. nobody seemed to care back then
[15:34:36] <fippo> and your 8.5% figure is misleading. tls will typically be used when it's offered, so it's likely used on 91.5% of the connections
[15:34:54] <fippo> and 51% are most likely non-mitmable
[15:34:59] *** Simon shows as "online"
[15:35:16] <fippo> which is not bad
[15:36:09] <Simon> how many of that 8.5% are also doing certificate auth?
[15:36:59] <fippo> I don't think many people are requiring certificate auth
[15:37:14] <Simon> so still mitm-able then.
[15:37:20] <fippo> sure.
[15:37:39] <fippo> but manifesto is not about changing that
[15:38:19] <Simon> I'm going to log a check for that on https://bitbucket.org/xnyhps/xmppoke/issues?status=new&status=open
[15:39:37] <fippo> there is no safe way to tell if a remote server enforces your cert
[15:40:02] *** Simon shows as "online"
[15:42:31] <Simon> https://bitbucket.org/xnyhps/xmppoke/issue/12/test-for-invalid-certificates-certificate
[15:44:07] *** Simon shows as "online"
[15:44:07] *** Simon shows as "away" and his status message is "Away"
[15:44:07] *** Simon shows as "away" and his status message is "Away"
[15:45:05] *** Simon shows as "away" and his status message is "Away"
[16:08:16] *** stpeter has joined the room
[16:08:16] *** stpeter has left the room
[16:10:07] *** Simon has joined the room
[16:10:07] *** Simon shows as "online"
[16:11:40] *** Simon shows as "online"
[16:11:44] *** Simon has left the room
[16:12:01] *** Simon has joined the room
[16:12:01] *** Simon shows as "online"
[16:12:01] *** Simon shows as "online"
[16:14:50] *** SouL shows as "away" and his status message is "Auto Status (idle)"
[16:16:23] *** Alex shows as "away" and his status message is "Auto-Status (untätig)"
[16:16:50] *** Simon shows as "online"
[16:18:43] <fippo> simon: I like that ;-)
[16:20:11] *** SouL shows as "online"
[16:21:53] *** Simon shows as "online"
[16:23:08] <fippo> kev: just pushed updated jingle-grouping/jingle-sources :-)
[16:24:42] *** Alex shows as "online"
[16:26:23] *** Kev shows as "online"
[16:26:57] *** Simon shows as "online"
[16:27:24] <Kev> fippo: There is for C2S, mind.
[16:27:49] <Simon> kev: cert checking or Jingle?
[16:28:06] <Kev> A way to check that the other end's connection to you isn't MITMable.
[16:28:44] <Simon> yeah - imho this is important. (ref: one of DWD's speeches on certs and authenticity etc etc)
[16:29:04] <Kev> Simon: So, do you use -PLUS? :)
[16:29:14] <Kev> fippo: So, ready for a revote on Wednesday, then?
[16:29:14] <Simon> g+?
[16:29:22] <fippo> kev: yes please
[16:29:36] <Kev> Simon: No, SCRAM-SHA-1-PLUS.
[16:29:45] <Kev> That's the only way the server can check that the client's not going to be MITMd.
[16:30:00] <Simon> kev - yes.
[16:30:06] <Kev> And even that's not perfect.
[16:30:09] <Simon> I'm more concerned about s2s in this case.
[16:30:38] <fippo> kev: but that doesn't allow you to tell if the remote server is using your cert to auth either (actually, why would it request scram from you?)
[16:31:02] <Kev> fippo: -PLUS doesn't help with S2S, but it helps greatly with C2S.
[16:31:30] <Kev> But only if a client doesn't allow a downgrade to PLAIN.
[16:31:35] <Kev> Which ~=everyone does.
[16:32:00] *** Simon shows as "online"
[16:37:03] *** Simon shows as "online"
[16:39:22] *** Alex shows as "away" and his status message is "Auto-Status (untätig)"
[16:42:06] *** Simon shows as "online"
[16:47:09] *** Simon shows as "online"
[16:49:25] *** Simon shows as "away" and his status message is "Away"
[16:49:25] *** Simon shows as "away" and his status message is "Away"
[16:49:36] *** Simon shows as "online"
[16:49:36] *** Simon shows as "online"
[16:52:12] *** Simon shows as "online"
[16:57:15] *** Simon shows as "online"
[16:59:22] *** Alex shows as "xa" and his status message is "Auto-Status (untätig)"
[17:02:18] *** Simon shows as "online"
[17:04:36] *** Simon shows as "away" and his status message is "Away"
[17:04:36] *** Simon shows as "away" and his status message is "Away"
[17:04:42] *** Simon shows as "away" and his status message is "Away"
[17:04:42] *** Simon shows as "online"
[17:04:42] *** Simon shows as "online"
[17:07:21] *** Simon shows as "online"
[17:12:24] *** Simon shows as "online"
[17:17:28] *** Simon shows as "online"
[17:22:31] *** Simon shows as "online"
[17:26:38] <MattJ> Kev, and Swift? :)
[17:26:53] <Kev> Swift doesn't do mech pinning.
[17:27:13] <MattJ> "Yet"?
[17:27:34] *** Simon shows as "online"
[17:28:47] <MattJ> I've been considering taking a client and making it "totally secure", and re-releasing it
[17:28:55] <Kev> Yet, indeed.
[17:28:57] <MattJ> Swift is obviously a good candidate
[17:29:16] <Kev> There are a number of sensible things to do there, and motivation to do them.
[17:29:27] <MattJ> I'm talking about removing support for anything but TLS 1.2, SCRAM-PLUS, etc.
[17:29:46] <MattJ> No certificate validation bypass
[17:29:59] <Kev> This doesn't sound like fun
[17:30:06] <MattJ> For whom? :)
[17:30:30] <Kev> Well - what's the motivation?
[17:30:54] <Kev> Protection against downgrades is very sensible, and doesn't stop users using the client.
[17:31:10] <Kev> But stripping out widely used things because they're not deemed to be maximally secure doesn't seem altogether helpful.
[17:31:20] *** waqas has joined the room
[17:31:20] <Kev> How many TLS 1.1 vulnerabilities are we seeing?
[17:31:44] <MattJ> Just because we aren't seeing them doesn't mean they aren't there
[17:31:48] <Kev> And there's no point forking Swift for this, BTW. We have a mechanism for enforcing policies by sysadmins.
[17:32:00] <MattJ> Everyone should realise that by now :)
[17:32:22] <MattJ> Kev, then I'd repackage it at least
[17:32:36] *** Simon shows as "online"
[17:32:48] <Kev> Why?
[17:32:49] <MattJ> and you probably wouldn't want me calling it just "Swift" at that point
[17:33:01] <MattJ> then how do I configure it?
[17:33:17] <MattJ> brb
[17:33:36] <Kev> Linux: Install an extra make-Swift-paranoid package, Windows you can have such a checkbox in the installer, and I'm sure something can be worked out for Mac.
[17:34:17] <Simon> the node-XMPP guys are doing some good work to move their code to nicely support TLSv.1.2
[17:37:40] *** Simon shows as "online"
[17:42:43] *** Simon shows as "online"
[17:43:13] *** MattJ shows as "away"
[17:43:16] *** MattJ shows as "online"
[17:43:57] <MattJ> Kev, are there docs on this?
[17:44:28] <Kev> MattJ: No.
[17:44:48] <Kev> But happy to chat about it over <- there in swift@.
[17:45:23] <MattJ> Ok, when I have some time :)
[17:46:11] *** Simon shows as "away" and his status message is "Away"
[17:46:11] *** Simon shows as "away" and his status message is "Away"
[17:46:51] *** Simon shows as "away" and his status message is "Away"
[17:46:51] *** Simon shows as "online"
[17:46:51] *** Simon shows as "online"
[17:47:46] *** Simon shows as "online"
[17:47:51] *** Simon shows as "away" and his status message is "Away"
[17:47:51] *** Simon shows as "away" and his status message is "Away"
[17:48:36] *** Simon shows as "online"
[17:48:36] *** Simon shows as "online"
[17:50:09] *** Simon shows as "away" and his status message is "Away"
[17:50:09] *** Simon shows as "away" and his status message is "Away"
[17:52:49] *** Simon shows as "away" and his status message is "Away"
[17:53:33] *** Simon shows as "away" and his status message is "Away"
[17:53:33] *** Simon shows as "online"
[17:53:33] *** Simon shows as "online"
[17:57:31] *** Simon shows as "away" and his status message is "Away"
[17:57:31] *** Simon shows as "away" and his status message is "Away"
[17:57:35] *** Simon shows as "away" and his status message is "Away"
[17:57:35] *** Simon shows as "online"
[17:57:35] *** Simon shows as "online"
[17:57:53] *** Simon shows as "online"
[17:58:15] *** Simon shows as "away" and his status message is "Away"
[17:58:15] *** Simon shows as "away" and his status message is "Away"
[18:01:42] *** Simon has left the room
[18:01:52] *** Simon has joined the room
[18:01:52] *** Simon shows as "online"
[18:01:52] *** Simon shows as "online"
[18:04:48] *** Simon shows as "away" and his status message is "Away"
[18:04:48] *** Simon shows as "away" and his status message is "Away"
[18:04:49] *** Simon shows as "online"
[18:04:49] *** Simon shows as "online"
[18:06:03] *** Simon shows as "online"
[18:07:17] *** Simon shows as "away" and his status message is "Away"
[18:07:17] *** Simon shows as "away" and his status message is "Away"
[18:07:59] *** Simon shows as "online"
[18:07:59] *** Simon shows as "online"
[18:11:06] *** Simon shows as "online"
[18:11:31] *** Simon shows as "away" and his status message is "Away"
[18:11:31] *** Simon shows as "away" and his status message is "Away"
[18:12:01] *** Alex shows as "online"
[18:12:06] *** Simon shows as "away" and his status message is "Away"
[18:12:06] *** Simon shows as "online"
[18:12:06] *** Simon shows as "online"
[18:14:09] *** Simon shows as "away" and his status message is "Away"
[18:14:09] *** Simon shows as "away" and his status message is "Away"
[18:16:09] *** Simon shows as "away" and his status message is "Away"
[18:17:34] *** Simon has left the room
[18:19:23] *** SouL shows as "away" and his status message is "Auto Status (idle)"
[18:20:50] *** SouL shows as "online"
[18:43:27] *** Simon has joined the room
[18:43:27] *** Simon shows as "away" and his status message is "Away"
[18:43:28] *** Simon shows as "away" and his status message is "Away"
[18:46:36] *** Simon shows as "away" and his status message is "Away"
[18:51:05] *** Simon shows as "online"
[18:51:05] *** Simon shows as "online"
[18:51:39] *** Simon shows as "online"
[18:56:27] *** waqas has left the room
[18:56:42] *** Simon shows as "online"
[19:01:45] *** Simon shows as "online"
[19:02:22] *** Simon shows as "away" and his status message is "Away"
[19:02:22] *** Simon shows as "away" and his status message is "Away"
[19:02:26] *** Simon shows as "online"
[19:02:26] *** Simon shows as "online"
[19:02:38] *** Simon shows as "away" and his status message is "Away"
[19:02:38] *** Simon shows as "away" and his status message is "Away"
[19:03:34] *** Simon shows as "online"
[19:03:34] *** Simon shows as "online"
[19:05:39] *** waqas has joined the room
[19:06:48] *** Simon shows as "online"
[19:11:10] *** Lance has joined the room
[19:11:30] *** Lance shows as "online"
[19:11:50] *** Simon shows as "online"
[19:12:03] *** Kev shows as "away"
[19:16:53] *** Simon shows as "online"
[19:21:57] *** Simon shows as "online"
[19:24:02] *** tato has joined the room
[19:27:00] *** Simon shows as "online"
[19:27:54] *** Lance shows as "away"
[19:32:03] *** Simon shows as "online"
[19:32:49] *** Kev shows as "online"
[19:33:24] *** Alex has left the room
[19:33:25] *** Alex has joined the room
[19:33:38] *** emcho has left the room
[19:33:58] *** emcho has joined the room
[19:37:06] *** Simon shows as "online"
[19:42:09] *** Simon shows as "online"
[19:46:18] *** Lance has joined the room
[19:46:19] *** Lance shows as "online"
[19:47:12] *** Simon shows as "online"
[19:52:16] *** Simon shows as "online"
[19:53:42] <Simon> oops - didn't mean to dredge up the digest beast in members@
[19:54:21] <MattJ> Too late, it is awake
[19:55:01] <Simon> Hopefully it's died out by the time I'm back (10th Jan)
[19:57:18] *** Simon shows as "online"
[19:58:03] <Kev> I'm not sure bringing up requirements for TLS is necessarily staying on-message at the moment.
[19:58:06] *** Simon shows as "away" and his status message is "Away"
[19:58:06] *** Simon shows as "away" and his status message is "Away"
[19:58:32] <Kev> While there's simultaneously the opportunistic TLS days happening.
[19:59:54] *** SouL shows as "away" and his status message is "Auto Status (idle)"
[20:00:36] *** Simon shows as "online"
[20:00:37] *** Simon shows as "online"
[20:01:33] <MattJ> For folks not in the Prosody room, I'm currently working on a mod_manifesto
[20:01:40] <MattJ> https://matthewwild.co.uk/uploads/mod_manifesto_1.png
[20:02:21] *** Simon shows as "online"
[20:03:38] <Simon> That's really nice MattJ
[20:04:28] <Simon> In terms of the text - it might put it in context to describe the problem/why at the start.
[20:04:56] <MattJ> It's configurable by the admin, but this is the default message - I'm happy to take suggested amendments
[20:05:07] <MattJ> I don't want it t o get too verbose
[20:05:17] <Simon> yes.
[20:07:24] *** Simon shows as "online"
[20:09:29] <MattJ> I should clarify that the list is completely automated - it is only sent to users who have contacts on unencrypted s2s links
[20:09:51] <Simon> I'd expect nothing less from the Prosody team.
[20:10:39] <MattJ> I'm going to implement the actual test days into the module too if I can - overriding the config to allow only encrypted connections for the 24h period
[20:11:02] <MattJ> which also means I'm aiming for UTC...
[20:11:10] <MattJ> unless people think that's a bad idea
[20:11:56] <Simon> TZ of least confusion.
[20:12:27] *** Simon shows as "online"
[20:12:40] <waqas> MattJ: Do we have good error responses on lack of TLS?
[20:13:04] <MattJ> waqas, as good as could be expected
[20:13:10] <waqas> Both for local users, and for remote
[20:13:18] <MattJ> I'm thinking of having mod_manifesto rewrite them for the test day though
[20:13:44] <MattJ> waqas, yes, the error message says that the delivery failure was due to lack of encryption
[20:13:53] <waqas> The folks we probably want to make the most aware of this are the people on servers without good encryption
[20:14:05] <waqas> Not the local users, who are already on a good server
[20:14:08] <MattJ> Yep
[20:14:15] <MattJ> I considered spamming them, but... ;)
[20:14:15] *Simon is impressed with Prosody's preparedness.
[20:17:30] *** Simon shows as "online"
[20:19:22] <Simon> I expect all users will get a notification until jabber.org gets ready.
[20:19:54] *** SouL shows as "xa" and his status message is "Auto Status (idle)"
[20:21:54] <Kev> jabber.org /is/ ready, is it not?
[20:22:27] <Kev> In that the only thing that's needed to be ready is to have a cert.
[20:22:33] *** Simon shows as "online"
[20:23:03] <fippo> kev: i think it would be good to have jabber.org reject non-tls connection
[20:23:10] <Simon> https://xmpp.net/result.php?domain=jabber.org&type=server
[20:23:15] <fippo> otherwise "but it works with jabber.org!!!!" is true
[20:23:19] <Simon> and fix it's cipherlist
[20:23:38] <Kev> Simon: Nothing on that page looks incompatible with servers participating in the event.
[20:23:44] <Kev> To me.
[20:24:00] <Kev> fippo: Yes, I expect we will.
[20:24:35] *** Simon shows as "away" and his status message is "Away"
[20:24:36] *** Simon shows as "away" and his status message is "Away"
[20:24:59] *** Simon shows as "online"
[20:24:59] *** Simon shows as "online"
[20:25:18] <fippo> i wonder why jabber.orgs pubkey score is sooo low
[20:25:52] <Kev> Because it bundles the root (Which is a pretty sensible thing to do)?
[20:26:19] <MattJ> Why is it a sensible thing to do?
[20:26:39] <Kev> MattJ: Because if you're going to do leap of faith, having the root gives you a better basis for future upgrades.
[20:27:00] <Simon> Presumably the root should come from outside the connections / OS /Browser.
[20:27:10] *** Alex shows as "away" and his status message is "Auto-Status (untätig)"
[20:27:21] <Simon> intermediate should be included though
[20:27:35] *** Simon shows as "online"
[20:28:03] <Simon> also the cert is for conference.jabber.org.
[20:28:24] <Kev> The cname is c.j.o, which isn't the same thing.
[20:28:50] <Kev> It has the right SANs in it as far as I know.
[20:29:08] <fippo> there is a bug for xmpp.net that it should show SANs
[20:29:46] <fippo> i even have code for it but can't get the tool itself to work for me
[20:31:00] <Simon> fippo: this one https://bitbucket.org/xnyhps/xmppoke/issue/3/show-certificate-subjectalternativenames ?
[20:31:25] <fippo> simon: yeah
[20:32:38] *** Simon shows as "online"
[20:34:11] <Simon> If anyone is looking for a well considered, peer reviewed ciphersuite, Mozilla Opsec have a good writeup: https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_Ciphersuite
[20:37:41] *** Simon shows as "online"
[20:39:45] *** simon has joined the room
[20:40:25] *** Simon shows as "away" and his status message is "Away"
[20:40:26] *** Simon shows as "away" and his status message is "Away"
[20:40:40] *** Simon shows as "online"
[20:40:40] *** Simon shows as "online"
[20:42:44] *** Simon shows as "online"
[20:44:13] <Simon> fippo: solved you cert problem a different way https://xmpp.net/result.php?domain=estos.de&type=server ?
[20:44:29] *** tato has left the room
[20:44:50] <fippo> simon: huh? it has always shown as valid
[20:45:02] <fippo> it just doesn't show why this one is valid :-)
[20:45:40] <Simon> reread your xmpppoke issue. Makes sense now.
[20:47:09] *** Alex shows as "xa" and his status message is "Auto-Status (untätig)"
[20:47:46] *** Simon shows as "online"
[20:52:50] *** Simon shows as "online"
[20:57:21] *** tato has joined the room
[20:57:53] *** Simon shows as "online"
[20:59:14] *** Kev shows as "away"
[21:01:48] *** tato has left the room
[21:02:38] *** simon has left the room
[21:02:56] *** Simon shows as "online"
[21:06:36] *** Simon shows as "online"
[21:06:36] *** Simon shows as "away" and his status message is "Away"
[21:06:37] *** Simon shows as "away" and his status message is "Away"
[21:06:39] *** Simon shows as "online"
[21:06:40] *** Simon shows as "online"
[21:07:58] *** Simon shows as "online"
[21:13:01] *** Simon shows as "online"
[21:16:30] *** Simon shows as "away" and his status message is "Away"
[21:16:31] *** Simon shows as "away" and his status message is "Away"
[21:16:32] *** Simon shows as "online"
[21:16:33] *** Simon shows as "online"
[21:18:04] *** Simon shows as "online"
[21:23:07] *** Simon shows as "online"
[21:28:10] *** Simon shows as "online"
[21:29:07] *** tato has joined the room
[21:29:10] *** tato shows as "online" and his status message is "Just htc .."
[21:29:25] *** tato shows as "online" and his status message is "Just htc .."
[21:30:18] *** Simon shows as "away" and his status message is "Away"
[21:30:19] *** Simon shows as "away" and his status message is "Away"
[21:31:11] *** Simon shows as "away" and his status message is "Away"
[21:31:11] *** Simon shows as "online"
[21:31:11] *** Simon shows as "online"
[21:33:13] *** Simon shows as "online"
[21:33:54] *** tato shows as "online" and his status message is "Just htc .."
[21:37:21] <Simon> interestingly buddycloud.com refuses to speak to jabber.org too with the current cert.
[21:37:22] <Simon> Dec 15 21:34:43 s2sout22aafc0 info Beginning new connection attempt to jabber.org. ([208.68.163.218]:5269)
Dec 15 21:34:44 mod_s2s warn Forbidding insecure connection to/from jabber.org.
Dec 15 21:34:44 s2sout22aafc0 info outgoing s2s stream buddycloud.com->jabber.org. closed: stream closed
Dec 15 21:34:44 s2sout22aafc0 info sending error replies for 2 queued stanzas because of failed outgoing connection to jabber.org.

[21:37:41] <Simon> s2s_secure_auth = true
s2s_require_encryption = true
[21:38:16] *** Simon shows as "online"
[21:40:13] *** Simon shows as "online"
[21:40:13] *** Simon shows as "away" and his status message is "Away"
[21:40:13] *** Simon shows as "away" and his status message is "Away"
[21:41:42] *** Simon shows as "online"
[21:41:43] *** Simon shows as "online"
[21:42:59] *** tato has left the room
[21:43:19] *** Simon shows as "online"
[21:44:04] <MattJ> I don't know why that would be
[21:47:48] *** tato has joined the room
[21:48:11] *** tato has left the room
[21:48:22] *** Simon shows as "online"
[21:48:59] *** SouL shows as "online"
[21:52:12] *** Simon shows as "online"
[21:53:25] *** Simon shows as "online"
[21:53:54] *** tato has joined the room
[21:54:13] *** tato has left the room
[21:58:28] *** Simon shows as "online"
[22:03:31] *** Simon shows as "online"
[22:03:40] *** SouL has left the room
[22:06:09] *** tato has joined the room
[22:06:10] <MattJ> Haaa
[22:06:21] *** tato has left the room
[22:06:36] <MattJ> I know what the issue is, there is a '.' at the end of the hostname
[22:07:01] <Simon> the cert or the contact?
[22:07:21] <MattJ> Someone is trying to send something to "jabber.org."
[22:07:36] <Simon> right
[22:07:36] <MattJ> I vaguely recall something about this in the RFC
[22:08:34] *** Simon shows as "online"
[22:09:20] *** Zash has joined the room
[22:09:20] *** Zash shows as "online"
[22:09:32] <MattJ> Yes, it's in 6122
[22:09:42] <MattJ> It must be stripped, but it doesn't say where
[22:09:46] *** tato has joined the room
[22:09:55] *** tato has left the room
[22:10:09] <MattJ> well, it says: "this character MUST be stripped from the domainpart before the JID of which it is a part is used for the purpose of routing an XML stanza, comparing against another JID, or constructing an [XMPP‑URI]. "
[22:10:19] *** SouL has joined the room
[22:10:39] <MattJ> So it's a client bug for allowing it and a server bug for not stripping it either I suppose
[22:11:03] <Simon> server bug for storing it in the roster table too?
[22:11:30] <MattJ> Not necessarily storing it
[22:11:46] <MattJ> I don't know if roster entries must be in normalized form
[22:13:37] *** Simon shows as "online"
[22:16:37] *** Kev shows as "online"
[22:18:40] *** Simon shows as "online"
[22:18:48] *** Alex has left the room
[22:19:39] *** Simon shows as "online"
[22:23:43] *** Simon shows as "online"
[22:26:23] <Zash> Let's blame jabber.org for answering to "jabber.org."
[22:26:50] <Zash> Prosody says host-unknown
[22:28:46] *** Simon shows as "online"
[22:33:18] *** Simon shows as "away" and his status message is "Away"
[22:33:18] *** Simon shows as "away" and his status message is "Away"
[22:33:24] *** Kev shows as "away"
[22:33:49] *** Simon shows as "away" and his status message is "Away"
[22:35:56] *** fsteinel has joined the room
[22:37:11] *** Simon has left the room
[22:40:49] *** tato has joined the room
[22:42:05] *** fsteinel has left the room
[22:44:14] *** tato shows as "away"
[22:46:08] *** Simon has joined the room
[22:46:08] *** Simon shows as "online"
[22:47:02] *** Simon shows as "online"
[22:47:39] *** Zash shows as "away"
[22:52:06] *** Simon shows as "online"
[22:57:10] *** Simon shows as "online"
[22:59:09] *** Simon has left the room
[23:01:01] *** Lance has joined the room
[23:01:01] *** Lance shows as "online"
[23:10:23] *** Zash shows as "online"
[23:38:55] *** SouL shows as "away" and his status message is "Auto Status (idle)"
[23:42:21] *** tato shows as "away"
[23:53:04] *** Zash shows as "away"
[23:58:52] *** SouL shows as "xa" and his status message is "Auto Status (idle)"