XSF logo XSF Discussion - 2017-10-15


  1. lskdjf has joined
  2. lskdjf has left
  3. Ge0rG has left
  4. lovetox has left
  5. lskdjf has left
  6. pep. jonasw, I think it's *"Trainer\*Innen"* :P
  7. lovetox has joined
  8. pep. (Hopefully your client doesn't already convert what I just wrote)
  9. alacer has joined
  10. pep. This "I want to change XHTML-IM" fashion is going really quick and I don't like that
  11. Syndace has joined
  12. pep. I'm really curious as to what is going to come out of that new markdown-y spec. But I don't expect much
  13. Valerian has left
  14. Valerian has joined
  15. Ge0rG has left
  16. Zash pep.: People will run a random markdown js lib over stuff, and there'll be a high chance that they pick one that defaults to passing html trough and then we're back at square 1
  17. pep. Certainly
  18. pep. /popcorn
  19. pep. And we would have lost a few weeks for nothing
  20. pep. Weeks of talking, months of incompatibilities, yeras of ranting
  21. pep. Weeks of talking, months of incompatibilities, years of ranting
  22. pep. Weeks of talking, months of ranting, years of incompatibilities
  23. pep. Or are we ever really done ranting
  24. lskdjf has joined
  25. Valerian has left
  26. Ge0rG has left
  27. Tobias has joined
  28. Zash pep.: When we die
  29. Syndace has joined
  30. lskdjf has joined
  31. lskdjf has joined
  32. Ge0rG has left
  33. lovetox has left
  34. Guus has left
  35. la|r|ma has left
  36. la|r|ma has joined
  37. daniel has left
  38. Guus has joined
  39. Ge0rG has left
  40. Guus has left
  41. Guus has joined
  42. Guus has left
  43. Guus has joined
  44. Ge0rG has left
  45. Guus has left
  46. lumi has left
  47. alacer has joined
  48. Guus has joined
  49. Guus has left
  50. Guus has joined
  51. stefandxm has left
  52. alacer has joined
  53. Ge0rG has left
  54. nyco has left
  55. nyco has joined
  56. Valerian has joined
  57. Ge0rG has left
  58. moparisthebest Just for Zash I'll write a bot with a dead mans switch to rant in here after I die
  59. alacer has joined
  60. Ge0rG has left
  61. ralphm has left
  62. daniel has left
  63. daniel has joined
  64. Guus has left
  65. Guus has joined
  66. daniel has left
  67. alacer has joined
  68. jere has left
  69. daniel has joined
  70. Ge0rG has left
  71. Ge0rG has left
  72. jere has joined
  73. tux has joined
  74. jjrh has left
  75. jjrh has left
  76. Syndace has left
  77. Syndace has joined
  78. stefandxm has joined
  79. Ge0rG has left
  80. jjrh has left
  81. jjrh has left
  82. stefandxm has left
  83. Ge0rG has left
  84. jabberatdemo has joined
  85. SamWhited has left
  86. jabberatdemo has left
  87. Ge0rG has left
  88. Ge0rG has left
  89. daniel has left
  90. uc has joined
  91. daniel has left
  92. Ge0rG has left
  93. daniel has joined
  94. Ge0rG has joined
  95. uc has joined
  96. alacer has joined
  97. stefandxm has joined
  98. Ge0rG has left
  99. Ge0rG has left
  100. Valerian has left
  101. Valerian has joined
  102. daniel has left
  103. Guus has left
  104. ThurahT has left
  105. stefandxm has left
  106. ThurahT has joined
  107. Valerian has left
  108. Ge0rG has left
  109. daniel has joined
  110. Valerian has joined
  111. daniel has left
  112. Ge0rG has left
  113. Guus has joined
  114. sonny has left
  115. Guus has left
  116. Guus has joined
  117. Ge0rG has left
  118. Ge0rG has left
  119. Ge0rG has left
  120. daniel has left
  121. Valerian has left
  122. waqas has left
  123. zinid has left
  124. zinid has joined
  125. Guus has left
  126. Guus has joined
  127. jubalh has joined
  128. jubalh has left
  129. Ge0rG has left
  130. uc has joined
  131. alacer has left
  132. alacer has joined
  133. Ge0rG has left
  134. Ge0rG has left
  135. stefandxm has joined
  136. valo has joined
  137. jubalh has joined
  138. Ge0rG has left
  139. stefandxm has left
  140. Ge0rG has left
  141. jubalh has left
  142. la|r|ma has left
  143. la|r|ma has joined
  144. Ge0rG has left
  145. arc has joined
  146. daniel has left
  147. arc has left
  148. arc has joined
  149. Tobias has joined
  150. arc has left
  151. arc has joined
  152. Ge0rG has left
  153. Tobias has joined
  154. alacer has joined
  155. Ge0rG has left
  156. Syndace has joined
  157. Syndace has joined
  158. tux has joined
  159. SouL has left
  160. Ge0rG has left
  161. zinid has left
  162. emxp has joined
  163. emxp has left
  164. emxp has joined
  165. stefandxm has joined
  166. lovetox has joined
  167. lovetox has left
  168. Ge0rG has left
  169. stefandxm has left
  170. arc has left
  171. ralphm has left
  172. arc has joined
  173. Ge0rG has left
  174. emxp has left
  175. emxp has joined
  176. uc has joined
  177. ralphm has joined
  178. arc has left
  179. arc has joined
  180. jubalh has joined
  181. tim@boese-ban.de has left
  182. Ge0rG has left
  183. arc has left
  184. tim@boese-ban.de has joined
  185. remko has joined
  186. Ge0rG has left
  187. jubalh has left
  188. alacer has joined
  189. uc has joined
  190. arc has joined
  191. Syndace has joined
  192. Ge0rG has left
  193. Tobias has joined
  194. Tobias has joined
  195. remko has joined
  196. arc has left
  197. remko has joined
  198. arc has joined
  199. lskdjf has joined
  200. Tobias has joined
  201. Ge0rG has left
  202. Tobias has joined
  203. efrit has joined
  204. arc has left
  205. arc has joined
  206. stefandxm has joined
  207. arc has left
  208. arc has joined
  209. remko has joined
  210. Ge0rG has left
  211. arc has left
  212. arc has joined
  213. alacer has joined
  214. arc has left
  215. arc has joined
  216. Ge0rG has left
  217. Flow has joined
  218. arc has left
  219. arc has joined
  220. dwd has left
  221. Tobias has joined
  222. arc has left
  223. arc has joined
  224. dwd has left
  225. remko has joined
  226. Ge0rG has left
  227. Guus has left
  228. alacer has joined
  229. arc has left
  230. arc has joined
  231. Flow Zash: I'm not sure if that most "markup to HTML" converter libs would pass html trough, but I could be wrong. On the other hand: The whole stackexchange network, and things like discourse, are facing the same situation, and I've never heard that either of them was vulnerable to malicious HTML injection
  232. Zash Flow: Pick the first markdown library you can find and try?
  233. Flow Zash: Is that challenging me to do a evaluation of the situation or so that I see the very first lib I pick failing? ;)
  234. Zash Since the original implementation does html passthough, I suspect it to be highly likely that it be the default.
  235. Flow Ok, but then what do all the sites displaying HTML generated from CommonMark do?
  236. Zash Even pandoc, the glorious saviour of all markup, defaults to html right through
  237. arc has left
  238. Flow Is it probably more a matter of unsafe defaults?
  239. arc has joined
  240. efrit has left
  241. Zash Defaults matter.
  242. alacer has joined
  243. Flow Course
  244. Flow https://github.com/commonmark/cmark#security
  245. remko has joined
  246. Flow by default we will do the unsafe thing because convenience
  247. pep. Yay
  248. arc has left
  249. arc has joined
  250. Zash If we could just invent some sufficiently complicated to get wrong XML format...
  251. alacer has joined
  252. Ge0rG has left
  253. arc has left
  254. arc has joined
  255. jubalh has joined
  256. Flow dwd: does xep388 <failure/> have a way to tell the client to try it with a different SASL mech again? Or do we even have that in the standard SASL profile? asking because of ISR
  257. dwd Flow, ISR has - hopefully - nothing to do with that. Either you're authenticated or not, and if you're authenticated ISR will either succeed or not.
  258. goffi has joined
  259. nyco has left
  260. nyco has joined
  261. Flow dwd: whut? the idea has always been that ISR is used to authenticate the resumption
  262. arc has left
  263. arc has joined
  264. dwd Flow, But also, no. I'm not sure what would trigger that. The user exists but authentication failed? That case is normally treated equally to the user not existing for security reasons.
  265. Ge0rG has left
  266. Flow dwd: caused by the service, for some reason, "forgetting" the isr token, e.g. because of a restart
  267. Flow i.e. a fallback to "full" SASL auth, instead of lightweight ISR auth
  268. dwd Flow, So you're advocating a user enumeration attack? :-)
  269. dwd ISR is not, and must not be, authentication. We went through this I don't know how many times.
  270. Zash Does the token contain the username?
  271. Flow dwd: It's authenticating the stream resumption, I don't know how many times we went through this
  272. Flow Zash, no
  273. arc has left
  274. dwd Flow, ISR is just '198 resumption but as a '388 extension, right? The authentication happens within a normal SASL mechanism. You've proposed HT-* for this purpose, but one could use anything.
  275. arc has joined
  276. dwd Flow, So ISR+SCRAM is valid (just more round-trips). But also ISR+EXTERNAL, which is entirely reasonable.
  277. Flow sure, but ISR alone is also an option
  278. dwd No, it isn't. I'm very sure we had this argument before. If you make ISR an authentication mechanism in its own right it should not be conducted within the XSF.
  279. Flow also, I don't see how one could do ISR + another SASL mech, after xep388 moved away from multi SASL mechs to 'tasks'
  280. dwd Well, because ISR isn't a SASL mech to begin with.
  281. Flow but SASL-HT is
  282. Flow and ISR is based on it
  283. dwd Sure. But HT-* is *just* a SASL mechanism that you *could* use with ISR, surely?
  284. Flow so it's SASL-HT+SCRAM what you are suggesting
  285. Flow dwd: no
  286. dwd Well, then, the design is wrong.
  287. Flow I don't think so, but please elaborate
  288. Syndace has left
  289. dwd Flow, If you can't use resume a session when authenticating using, say, EXTERNAL, the design is clearly wrong.
  290. arc has left
  291. dwd Since EXTERNAL is relying on (for example) a TLS certificate or session resumption, and HT-* is weaker, then by *allowing* HT-* you're weakening security.
  292. Flow well that was possible until you switched xep388 from chained SASL mechs to tasks
  293. dwd No, that's rubbish.
  294. Flow I'd say tha just HT-* is sufficently secure for some deployments, but if you want to use HT-* with a strong mech, then it should be possible to do this
  295. Ge0rG has left
  296. arc has joined
  297. dwd That does not make sense. HT-* *is* a SASL mechanism.
  298. dwd So why would you need to use it *with* anything else?
  299. Flow The initial idea of our SASL2 was to make it possible to chain multiple SASL mechs
  300. dwd No it wasn't. I know this because the initial idea was mine.
  301. Flow maybe your idea was different, but the first versions of SASL2 did make it possible to chain SASL mechs
  302. dwd The idea was to have an extensible SASL profile that could have secondary authentication includedm like 2FA. I thought (wrongly) these oculd be modelled as SASL mechanisms.
  303. Flow and I still think they should be
  304. Flow but that's mostly unrelaeted to this discussion I think
  305. dwd Well, I tried it, and they can't.
  306. Flow well maybe a sample of one is not enough
  307. arc has left
  308. jubalh has joined
  309. arc has joined
  310. Flow but back to the topic: ISR is now based on SASL HT-*, and if xep388 doesn't allow chained SASL mechs (maybe additional to tasks), then it's ISR with HT-*, or standard SM resumption without SASL HT-*
  311. dwd Well, that's rather my point - no it isn't. There's no reason why ISR needs to be tied to HT-*.
  312. Flow the only other mechanism suitable is probably EXTERNAL
  313. Flow I don't see the point in ISR + SCRAM
  314. Flow becasue then you could do simply standard SM resumption and SCRAM
  315. dwd Sure. But ISR+SCRAM will be substantially fewer round-trips.
  316. dwd Just one more, actually, than ISR+HT-*.
  317. Flow and I doubt if ISR+HT-* is substantially weaker then ISR+EXTERNAL
  318. Flow or any other mech
  319. dwd Flow, You're deluded if you think that's the case.
  320. Flow If the lifetime of the hashed token is limited?
  321. dwd HT-* is, at its core, just a hash of a plaintext token held on the server in the clear. That immediately means an attacker can obtain that token and use it, potentially.
  322. arc has left
  323. arc has joined
  324. dwd That's not a bad thing, because we can mitigate that with limited lifetime etc. But to think it offers the same level of security as a client certificate is really not right at all.
  325. Flow I think everything is off as soon as an attacker is able to obtain things from the service
  326. Zash dwd: an attacker with access to server internals?
  327. Flow of course, you could argue that an attacker possibly has only access to some server internals and so
  328. dwd Zash, an attacker with access to the database, probably. Typical breach. And yes, you could handwave over keeping the tokens out of persistent storage etc.
  329. Flow I hope that no one stores the HT-* in a database, should be small enough to hold it in memory
  330. jonasw clustering?
  331. Flow and probably something I should write into the I-D
  332. jonasw somebody will do that
  333. Flow jonasw, clustering doesn't automatically mean that you have to store the token in a db
  334. Ge0rG has left
  335. Flow but of course, somebody will do something unreasonable
  336. jonasw sure, but it may be the convenient choice
  337. Flow damn you, convenience
  338. dwd Flow, But anyway, the point is that if ISR works with *any* SASL mechanism in principle, then if HT-* is a problem we just use something else.
  339. Flow dwd, sorry didn't get the last part
  340. Flow If i'm not mistaken nothing in the current ISR ProtoXEP currently limits the mech to HT-*
  341. dwd Well, we need to fix that then.
  342. tux has joined
  343. Flow but of course, it's written with HT-* in mind
  344. Flow dwd, fix what?
  345. Flow I'm currently more worried how much more complex the SASL2-ISR combination is, compared to my initial ISR ProtoXEP…
  346. jonasw how many round-trips does ISR save if you use any other SASL mechanism?
  347. Flow Altough I believe in Holger to implement any complex beast in ejabberd :)
  348. jonasw i.e. what’s the difference to just resuming in that case?
  349. Flow jonasw, IIRC 1 round-trip
  350. Flow but I haven't counted recently
  351. Kev has left
  352. stefandxm has left
  353. arc has left
  354. arc has joined
  355. Syndace has left
  356. remko has joined
  357. arc has left
  358. arc has joined
  359. Ge0rG has left
  360. uc has joined
  361. arc has left
  362. arc has joined
  363. mimi89999 has joined
  364. alacer has joined
  365. Guus has joined
  366. jubalh has left
  367. Guus has left
  368. arc has left
  369. Guus has joined
  370. arc has joined
  371. Ge0rG has left
  372. Guus has left
  373. Guus has joined
  374. Guus has left
  375. Guus has joined
  376. Flow dwd, I think we talked past each other, for most of the time. Which made us didn't talk about what should happen if HT-* failes because of an experied token (my initial question). In that sense, it is probably different than most SASL mechs, in the sense that you could fallback to another SASL mech
  377. arc has left
  378. Tobias has joined
  379. arc has joined
  380. alacer has joined
  381. tux has joined
  382. lumi has joined
  383. stefandxm has joined
  384. remko has joined
  385. alacer has joined
  386. Ge0rG has left
  387. Flow prably the simplest approach would be "client knows that he just did a HT-* auth that failed, so let's retry (possible on a new connection) e.g. SCRAM"
  388. jere has left
  389. jere has joined
  390. Syndace has left
  391. Kev FWIW, I think dwd's right about just about everything above.
  392. Ge0rG has left
  393. Flow sure, was mostly a misunderstanding what ISR+SASL-MECH means. He was talking about using ISR with SASL-MECH, and I was talking about using ISR with SASL HT-* and SASL-MECH chained
  394. remko has joined
  395. alacer has joined
  396. Ge0rG has left
  397. arc has left
  398. arc has joined
  399. arc has left
  400. alacer has left
  401. arc has joined
  402. Syndace has joined
  403. Syndace has joined
  404. arc has left
  405. alacer has joined
  406. arc has joined
  407. Syndace has joined
  408. waqas has joined
  409. Syndace has joined
  410. ralphm has left
  411. tux has joined
  412. efrit has joined
  413. lovetox has joined
  414. Ge0rG has left
  415. uc has joined
  416. remko has joined
  417. arc has left
  418. arc has joined
  419. remko has joined
  420. la|r|ma has joined
  421. alacer has left
  422. Guus has left
  423. tux has joined
  424. Kev has left
  425. Kev has left
  426. la|r|ma has left
  427. la|r|ma has joined
  428. intosi has joined
  429. mimi89999 has left
  430. lskdjf has left
  431. lskdjf has left
  432. goffi has left
  433. goffi has joined
  434. dwd has left
  435. dwd has left
  436. alacer has joined
  437. ralphm has joined
  438. Guus has left
  439. Guus has joined
  440. Guus has left
  441. Guus has joined
  442. Guus has left
  443. Guus has joined
  444. Guus has left
  445. Guus has joined
  446. Guus has left
  447. Guus has joined
  448. Guus has left
  449. ralphm has left
  450. remko has joined
  451. Valerian has joined
  452. Guus has joined
  453. Guus has left
  454. remko has joined
  455. alacer has joined
  456. SamWhited has left
  457. alacer has joined
  458. daniel has left
  459. Guus has joined
  460. Tobias has joined
  461. Guus has left
  462. jere has left
  463. jere has joined
  464. Guus has joined
  465. arc has left
  466. arc has joined
  467. Guus has left
  468. Guus has joined
  469. Tobias has joined
  470. arc has left
  471. arc has joined
  472. uc has left
  473. valo has joined
  474. remko has joined
  475. Tobias has joined
  476. daniel has left
  477. daniel has joined
  478. Tobias has joined
  479. daniel has left
  480. daniel has joined
  481. Valerian has left
  482. daniel has left
  483. daniel has joined
  484. lskdjf has left
  485. lskdjf has left
  486. alacer has joined
  487. efrit has left
  488. lskdjf has left
  489. stefandxm has left
  490. remko has joined
  491. efrit has joined
  492. lskdjf has left
  493. daniel has left
  494. lskdjf has left
  495. jubalh has joined
  496. efrit has left
  497. Valerian has joined
  498. efrit has joined
  499. mimi89999 has joined
  500. alacer has joined
  501. alacer has left
  502. alacer has joined
  503. efrit has left
  504. arc has left
  505. arc has joined
  506. intosi has joined
  507. arc has left
  508. arc has joined
  509. alacer has left
  510. Kev has left
  511. remko has joined
  512. stefandxm has joined
  513. lskdjf has joined
  514. efrit has joined
  515. intosi has left
  516. lskdjf has left
  517. ralphm has joined
  518. intosi has joined
  519. lskdjf has left
  520. Guus has left
  521. jubalh has left
  522. lskdjf has left
  523. arc has left
  524. arc has joined
  525. SamWhited has left
  526. remko has joined
  527. arc has left
  528. arc has joined
  529. lskdjf has joined
  530. arc has left
  531. arc has joined
  532. daniel has joined
  533. lskdjf has left
  534. arc has left
  535. Guus has joined
  536. lskdjf has left
  537. sezuan has joined
  538. arc has joined
  539. daniel has left
  540. Guus has left
  541. Guus has joined
  542. Guus has left
  543. Guus has joined
  544. daniel has joined
  545. Syndace has joined
  546. Guus has left
  547. lskdjf has joined
  548. jubalh has joined
  549. remko has joined
  550. daniel has left
  551. lskdjf has left
  552. Guus has joined
  553. sezuan has left
  554. lskdjf has left
  555. Guus has left
  556. Guus has joined
  557. sezuan has joined
  558. lovetox has left
  559. lovetox has joined
  560. Valerian has left
  561. Valerian has joined
  562. jubalh has left
  563. daniel has joined
  564. Guus has left
  565. Guus has joined
  566. lskdjf has joined
  567. Guus has left
  568. waqas has left
  569. Guus has joined
  570. Guus has left
  571. jubalh has joined
  572. alacer has joined
  573. Guus has joined
  574. Guus has left
  575. valo has joined
  576. remko has joined
  577. intosi has joined
  578. dwd has left
  579. jubalh has left
  580. Guus has joined
  581. alacer has joined
  582. arc has left
  583. dwd has left
  584. arc has joined
  585. Guus has left
  586. daniel has left
  587. arc has left
  588. daniel has joined
  589. arc has joined
  590. Tobias has joined
  591. Guus has joined
  592. arc has left
  593. arc has joined
  594. arc has left
  595. arc has joined
  596. Guus has left
  597. remko has joined
  598. jubalh has joined
  599. dwd has left
  600. dwd has left
  601. dwd has left
  602. dwd has left
  603. mimi89999 has left
  604. dwd has left
  605. dwd has left
  606. intosi has joined
  607. dwd has left
  608. dwd has left
  609. efrit has left
  610. remko has joined
  611. efrit has joined
  612. jubalh has left
  613. sonny has joined
  614. Flow has left
  615. arc has left
  616. arc has joined
  617. pep. hmm, I was wondering about Consistent Color Generation. I remember we were talking about XHTML-IM styles/colors the other day, I suppose it's the same issue here? edhelas
  618. pep. (i.e., doesn't fit in the color theme)
  619. intosi has left
  620. Guus has joined
  621. intosi has joined
  622. mark.erd has joined
  623. remko has joined
  624. mark.erd has left
  625. mark.erd has joined
  626. goffi has left
  627. arc has left
  628. arc has joined
  629. Guus has left
  630. mark.erd has left
  631. mark.erd has joined
  632. arc has left
  633. arc has joined
  634. intosi has left
  635. mark.erd has left
  636. arc has left
  637. lumi has left
  638. Guus has joined
  639. jjrh has left
  640. arc has joined
  641. Guus has left
  642. Guus has joined
  643. arc has left
  644. arc has joined
  645. remko has joined
  646. Guus has left
  647. Guus has joined
  648. arc has left
  649. arc has joined
  650. ralphm has left
  651. intosi has joined
  652. tux has joined
  653. Syndace has left
  654. Tobias has joined
  655. emxp has joined
  656. jjrh has left
  657. edhelas is there a place where I can find a proper way to detect if a JID is valid or not ?
  658. Guus has left
  659. Guus has joined
  660. mathieui the RFC? :p
  661. pep. https://tools.ietf.org/html/rfc7564
  662. dwd has left
  663. pep. I don't know of tools doing that
  664. edhelas sure, but is there some nice PRECIS/regex thing that I can reuse ?
  665. pep. I don't think it's a one regex job :x
  666. pep. But I've never ever read it. Maybe implementations have examples
  667. pep. But I've neven ever read it. Maybe implementations have examples
  668. edhelas https://github.com/movim/movim/issues/492 got that, don't know how to fix it
  669. pep. But I've never even read it. Maybe implementations have examples
  670. Valerian has left
  671. pep. I think I linked a lib doing PRECIS in php the other day
  672. pep. https://github.com/tom--/precis I don't know how compliant that is though
  673. dwd has left
  674. dwd has left
  675. tim@boese-ban.de has joined
  676. dwd has left
  677. dwd has left
  678. sezuan has left
  679. dwd has left
  680. Kev has left
  681. dwd has left
  682. Valerian has joined
  683. uc has joined
  684. dwd has left
  685. edhelas has left
  686. edhelas has joined
  687. dwd has left
  688. dwd has left
  689. intosi has left
  690. dwd has left
  691. debacle has joined
  692. efrit has left
  693. intosi has joined
  694. intosi has left
  695. efrit has joined
  696. jubalh has joined
  697. mimi89999 has joined
  698. intosi has joined
  699. Guus has left
  700. intosi has left
  701. Guus has joined
  702. Guus has left
  703. Guus has joined
  704. jere has left
  705. zinid has left
  706. arc has left
  707. arc has joined
  708. daniel has left
  709. daniel has joined
  710. Guus has left
  711. Guus has joined
  712. jubalh has left
  713. Guus has left
  714. jubalh has joined
  715. lovetox has left
  716. Guus has joined
  717. intosi has joined
  718. remko has joined
  719. sonny has left
  720. sonny has joined
  721. intosi has left
  722. Guus has left
  723. Guus has joined
  724. Valerian has left
  725. Valerian has joined
  726. Steve Kille has left
  727. Guus has left
  728. Steve Kille has left
  729. Guus has joined
  730. dwd has left
  731. remko has joined
  732. Guus has left
  733. Guus has joined
  734. Valerian has left
  735. dwd has left
  736. tux has left
  737. tux has joined
  738. Valerian has joined
  739. arc has left
  740. arc has joined
  741. arc has left
  742. arc has joined
  743. dwd has left
  744. dwd has left
  745. arc has left
  746. daniel has left
  747. daniel has joined
  748. arc has joined
  749. dwd has left
  750. dwd has left
  751. dwd has left
  752. lskdjf edhelas, why would a client need to validate jids (perfectly)? the client would only need to forward everything to the server and let the validation be done there. There is the point that it might be convinient to show a user that what they are doing definitly won't work, but that check mainly should not have false negatives - false positives aren't so bad because the server will detect them. so in practice .+@.+ should work fine...
  753. dwd has left
  754. dwd has left
  755. dwd has left
  756. dwd has left
  757. dwd has left
  758. remko has joined
  759. dwd has left
  760. arc has left
  761. arc has joined
  762. dwd has left
  763. Syndace has joined
  764. dwd has left
  765. dwd has left
  766. dwd has left
  767. Guus has left
  768. Guus has joined
  769. SamWhited edhelas: I've got a validator you can use somewhere if you still need one. I'll seems it your way when I'm next at my desk.
  770. dwd has left
  771. dwd has left
  772. efrit has left
  773. Guus has left
  774. dwd has left
  775. jere has joined
  776. Guus has joined
  777. daniel has left
  778. la|r|ma has joined
  779. Guus has left
  780. Guus has joined
  781. vanitasvitae has joined
  782. efrit has joined
  783. debacle has left
  784. efrit has left
  785. remko has joined
  786. dwd has left