-
moparisthebest
Ha this is the same argument as the one against e2e earlier https://www.quakenet.org/articles/99-trust-is-not-transitive-or-why-irc-over-ssl-is-pointless
-
zinid
moparisthebest: seems like the dude only concerned about mitm?
-
vanitasvitae
Hi! Awesome to see that JET is now experimental :D I noticed some formatting issues in the pdf though. The table under §5 is crippled. Since this is likely to occure elsewhere as well, I thought I'd bring that to your attention :)
-
Ge0rG
vanitasvitae: the best approach is probably to open an issue on the xeps repo. Or even to provide a patch ;)
-
vanitasvitae
Guus told me, that SamWhited and jonasw are doing some work on this, so let me ping you :)
-
vanitasvitae
I'm not familiar with the pdf build process, so I think I'll just open an issue (if there is none yet)
-
Guus
I don't think they're still actively working on it - but things did change recently.
-
vanitasvitae
I opened https://github.com/xsf/xeps/issues/521
-
jonasw
nobody is familiar with the pdf build process :D
-
jonasw
yeah, I doubt we can do anything about that
-
jonasw
(looking at the issue)
-
jonasw
it’s simply too wide for the PDF output
-
vanitasvitae
yeah, I guess you're right
-
jonasw
ideally editors would proofread the PDF output and ensure that it is nice, but ...
-
jonasw
I’m actually more inclined to terminate PDF output altogether than doing that ;-)
-
vanitasvitae
In that case there is not much to do I guess :D
-
vanitasvitae
But pdfs are so nice... :D
-
jonasw
I prefer the HTML version, esp. since Sams recent CSS fixes
-
jonasw
one of the few things I prefer to have in my browser over a separate application
-
Guus
vanitasvitae: can you replace the namespace by a (shorter) reference to a namespace, somehow?
-
jonasw
that would probably do the trick, yes
-
vanitasvitae
maybe get rid of the "-"s as a first step?
-
vanitasvitae
and shorten "nopadding" to "nopad"?
-
Guus
hey, the logo on the PDF (first page), looks weird
-
Guus
it's the old / broken logo, but also has black colors for the outside bits, instead of the blue?
-
vanitasvitae
thats an issue with firefox I think
-
jonasw
weird
-
jonasw
no
-
Guus
might be, but I'm using Chrome :)
-
jonasw
it’s also in the original PDF of the logo
-
jonasw
super weird
-
vanitasvitae
the logo is rendered differently in pdf viewers and browsers I think
-
vanitasvitae
at least I noticed that some time ago
-
jonasw
can’t easily fix that though, because the PDF includes the "XMPP" text for which I don’t have the font I think
-
jonasw
no, it is definitely also in the source files, vanitasvitae
-
Guus
what format is the source?
-
jonasw
this is extremely ugly https://sotecware.net/images/dont-puush-me/FHNZUlDByHqPUgjwj1Cq2EhPat6zvV5sfbTtJ__tlLI.png
-
jonasw
PDF
-
Guus
bah
-
jonasw
I can try to mess with it to embed the new logo in that, should be doable
-
vanitasvitae
PDF missing the main purpose of its existence :D
-
Guus
I've got SVGs for the logo, but not the text
-
jonasw
how did you make xmpp.png then?
-
jonasw
by hand?
-
Guus
yeah, I erased the logo, copied in a newly generated one from SVG using the correct size
-
jonasw
okay
-
Guus
interestingly, the page headers also have a (very small) logo, where the colors are correct.
-
jonasw
yupp
-
jonasw
those are two different files
-
jonasw
patching them now
-
Guus
thanks :)
-
Guus
I'm somewhat surprised that the source components are PDFs themselves. Then again, I know nothing.
-
jonasw
that’s usual for LaTeX
-
jonasw
you can only have PDF as vector format without extra packages when building with {pdf,xe,lua}latex
-
jonasw
now that’s interesting
-
jonasw
https://sotecware.net/images/dont-puush-me/4jcYqbi6zp4l-yyi1U5yz7Dhwjj0O_q_ScQz9oN7Gvs.png
-
jonasw
the pdf including the text contains quite a bit more
-
jonasw
notably, the blue tones are not included in the design specs on the top left
-
Guus
Ah, that's by the original designer
-
Guus
Raja
-
Guus
he's who I talked to earlier.
-
Guus
also, it lists a typeface? :)
-
Guus
Eurostile Bold Extended
-
Guus
https://www.google.be/search?q=Eurostile+Bold+Extended&tbm=isch&tbo=u&source=univ&sa=X&ved=0ahUKEwjh86TbwtvWAhXQJFAKHca3B5EQsAQIMA&biw=1855&bih=990
-
Guus
seems to be it :)
-
jonasw
that PDF is super weird
-
jonasw
but I guess that’s what you get from opening PDFn with inkscape
-
Guus
those appear to be printing masters
-
Guus
it's probably what the original authors of the PDF generation had available at the time
-
jonasw
making a test build with patched PDFs
-
jonasw
(now I in fact wonder if all built PDFs contain the whole printing master...)
-
jonasw
(or if something is smart enough to crop that out)
-
jonasw
(which I doubt, because it’s pdflatex we’re speaking about)
-
jonasw
well, xelatex
-
Guus
how big is it? If it's just a fraction of the total size, I wouldn't bother improving it further
-
jonasw
a few kiB
-
jonasw
I was just wondering conceptually
-
jonasw
because that’s essentially the XMPP Corporate Design ;-)
-
jonasw
thereifixedit: https://sotecware.net/files/noindex/xep-0391.pdf cc @ Guus
-
Guus
fun fact: the font used for the 'XMPP' text in our logo is also used in 2001: A Space Odyssey, for the interface of HAL. :)
-
Guus
ah, much better, thanks!
-
jonasw
let’s push that
-
jonasw
now I get the feeling that I did already quite a lot today! :-)
-
Guus
and it's only 10 am :)
-
jonasw
exactly!
-
Guus
wanna pop over to jdev and see if you have feedback on my question there? :)
-
Guus
oh, you already were there :)
-
jonasw
there you go ;-)
-
Guus
tx :)
-
Ge0rG
It's 10 AM and I feel like weekend already
-
jonasw
Ge0rG, good news: weekend for me already. wait. that’s only good news for me. sorry.
-
Guus
you just told us you were available.
-
Guus
that might've been a mistake :P
-
jonasw
Guus, do you have power over the dockerhup by now? If so, does that include the xeps builds? That’d be good to know.
-
Kev
He does, yes.
-
jonasw
great. Just in case there are issues again, but I suspect now that we don’t source stuff from sourceforge anymore, it should be fine
-
Guus
(what Kev said)
-
Flow
dwd: What was the motivation for renaming the 'mechanism' to 'task' in SASL2?
-
Kev
IIRC because it can do things other than present SASL mechs. I could be wrong.
-
Flow
k, thanks
-
dwd
It also can't do the things mechanisms do. Like change the authorization identifier. Plus they need one to start.
-
Flow
can <task> could also contain a SASL mech?
-
dwd
Doubtful.
-
Flow
Wasn' t one idea that multiple mechs could be chained with SASL2?
-
Guus
did you use two different clients just now, dwd?
-
Guus
your nickname had different colors in Spark
-
dwd
Guus, Conversations for both those (Gajim for this one). Probably Conversations was detached; it looks like it injected a delay stamp.
-
dwd
Flow, So yes, the idea originally was that all these things are SASL mechs. But in practise, when developing, they're not. The first thing is a SASL mech, any subsequent ones are similar to mechanisms but distinct in that they're provided with an authzid, and cannot change it.
-
Flow
authzid was the thing which would allow you to impersonate another entity, right?
-
Kev
Not impersonate, but yes.
-
dwd
Flow, No, the authzid is the (most important) output of the SASL process. In XMPP, it's your jid.
-
Flow
ahh, ok, then it's the authcid I was thinking about
-
Kev
It's the thing that tells you what you are.
-
dwd
Flow, Probably not.
-
Flow
then what's the authcid again?
-
Guus
you authentiCate with authcid, you are then authoriZed for using authzid
-
Flow
An authorization identity is an OPTIONAL identity included by the initiating entity to specify an identity to act as
-
dwd
Flow, The authentication identifier is the identifier used to identify you to the SASL mechanism. Typically you don't specify an authzid, and again typically in XMPP the authcid is just the local-part of the jid and the authzid is then figured out from that.
-
Flow
That does sound like authzid is what I said it is
-
dwd
Flow, It is optional to supply, because it can be derived (normally).
-
dwd
Flow, You do, always, end up with an authzid. Worth looking at TLS+EXTERNAL as an example - your authcid there is the certificate (or arguably the Subject of it). The authzid might be derived from it (usually from a SAN) or you might supply it.
-
dwd
Flow, There's no "impersonation" going on, though that, too, in as option (known as "Proxy Authentication", because you're authenticating to be a proxy for another user)
-
Flow
So what exactly is the problem that following SASL mechs can't change the authzid? Usually you either never provide the authzid or you provide it, in which case all chained mechs should/must provide the same
-
dwd
Flow, There's absolutely no power on earth that'll make me try to implement that. It's a nightmare.
-
Flow
And what is the point in being able to optionally supply the authzid? Re-using the same credentials for different accounts?
-
Flow
Anyway, I don't see a problem that subsequent mechs can not change the authzid
-
Guus
I'm no expert, but, I thought it was primarily used when the username you authenticate with isn't an exact match with the account name that you're authenticate for.
-
dwd
Flow, Sometimes to avoid confusion (like with TLS+EXTERNAL), sometimes for Proxy Auth. Also, if you've a username from, say, Active Directory that's not valid for XMPP, this be a way around that problem too.
-
Flow
I think we mixing two aspects of authzid: The one is where a sasl mech can optionally provide it, the other one is that you only know your full JID after being authenticated
-
dwd
Flow, Input and output, is all.
-
Flow
For chaining mechs, only the former can be possibly relevant, and I don't see why we can't simply say that all chained mechs must provide the same authzid, if they provide any at all
-
dwd
Flow, Why do you want to?
-
Flow
Guus: Yep, besides that your username can be completly different from the localpart of the JID you get
-
Flow
dwd: Why do I want to chain SASL mechs? Well the idea sounded appealing to me back then. And I don't see why we gave up on it
-
dwd
Flow, Because I tried implementing it and it was horrible.
-
dwd
Flow, Whereas I *have* implemented the current spec, along with TOTP etc, and it all works well.
-
Flow
dwd: Maybe, but what is different by having tasks now? SASL mechs are basically just a sequences of challenges and responses, surely tasks are very similar to that?
-
dwd
Flow, Yes, the protocol interface is the same, but the internal server-side interface is pretty different.
-
Flow
dwd: shouldn't ex4 in xep388 show a bare jid, or, when do I get a full JID at this stage?
-
Flow
ahh, we do bind2 there also
-
Flow
uh and bind2 still has no support for a client provided part ☹
-
Kev
Is anyone ready to implement bind2? If so I'll try to find time to add that.
-
Flow
and sasl2 can be used without bind2? A lot of possibilities ☺
-
Flow
(but it's getting complicated)
-
Kev
dwd: Did you do bind2 with sasl2, or not?
-
dwd
Kev, I've been toying with a bind2 embedded in sasl2 in my implementation just to see, but I've not tried it yet.
-
Flow
Kev: ex2 in xep388 hints at bind2
-
dwd
Flow, Also ISR. But I've not quite finished 198 resumption yet, so...
-
dwd
Flow, I think I said (read: I meant it to say) it was a hypoethetical extension, in ex2.
-
moparisthebest
ha AOL is finally killing AIM
-
moparisthebest
I... didn't know it was still alive
-
Alex
ya, just read the news here: https://aimemories.tumblr.com/
-
SamWhited
That's AIM, MSN Messenger, and Yahoo Messenger all gone… the 90's are finally over :'(
-
moparisthebest
well we still have XML >:)
-
SamWhited
Only the worst part of the 90's are still around…
- SamWhited goes to rewatch `The Fresh Prince of Bel-Air' to make himself feel better
-
dwd
moparisthebest, Where? We're now using a "React-like wire protocol", remember?
-
moparisthebest
dwd, I haven't heard of that but it sounds terrifying
-
dwd
No, no. It's great. It'll get us all the cool kids now. Better than json.
-
Guus
I heard you use this argument a few days ago
-
Guus
so presumably, there now is a newer fashion.
-
moparisthebest
...
-
moparisthebest
longtime guy in IRC channel mentions jabber, I say that's awesome when did you start using it
-
moparisthebest
he says just now to try to talk to some drug dealers from darkweb sites
-
moparisthebest
so, that's nice haha
-
zinid
definitely success
-
dwd
moparisthebest, Well, at least we have a dedicated niche market.
-
moparisthebest
yea use is exploding in a certain market segment I guess
-
moparisthebest
anyone want to sign up and ask about usability issues, UI problems etc
-
Guus
yeah, lets fix those nasty spam control issues that they're experiencing for them
-
moparisthebest
I can probably get the .onion site domain haha
-
moparisthebest
see here is a segment that probably values forward secrecy over long term archives right?
-
dwd
moparisthebest, Depends if they have a sideline in blackmail, I guess.
-
moparisthebest
guess the 'seller' is using jodo.im I'm guessing it has IBR enabled judging by the flash 9.0 required on the http page