XSF Discussion - 2018-03-09


  1. Ge0rG

    flow: now that MUCs SHOULD retain message @ids, would you remove <origin-id> from 0359? :)

  2. jonasw

    and then we’re gonna burn 0359 and re-integrate stanza-id into MAM?

  3. jonasw

    + a "Best Practices for Message IDs" informational XEP referenced from all the XEPs which reference message IDs

  4. Ge0rG

    jonasw: awesome idea

  5. Ge0rG

    "This document is a patch of RFC 6120" ;)

  6. jonasw

    i.e. "use at least 120 bits of entropy, however you do that. a uuid4 is fine, if seeded from a proper CSPRNG"

  7. Ge0rG

    "please don't use hex-encoding"

  8. jonasw

    doesn’t matter, in the end. if implementations have easy access to a CSPRNG-seeded uuid4, I prefer them using that over building their own thing which uses rand()

  9. Ge0rG

    Lazy but effective

  10. Ge0rG

    I still hate the 50% bit efficency of hex encoding.

  11. jonasw

    I do too

  12. jonasw

    and uuids don’t improve that with their dashes

  13. Ge0rG

    Right.

  14. jonasw

    getrandom | base64 is my favourite, but yeah.

  15. jonasw

    urlsafe base64 probably

  16. Ge0rG

    But this is probably a sign of the times, where people bundle a 500KB JavaScript application into a 700MB runtime

  17. jonasw

    or implement IM clients whose core message view component is a browser engine.

  18. Ge0rG

    it's webviews all the way down

  19. jonasw

    yeah

  20. jonasw

    (tbf, I plan to implement a non-webview thing optionally for the type of folks who prefer compact monospaced things)

  21. jonasw

    no embedded youtube for those then though!

  22. Ge0rG

    jonasw: you can add another [X] into https://github.com/xsf/xeps/issues/601 ;)

  23. jonasw

    t

  24. jonasw

    so how should a modern client pick it’s resource?

  25. jonasw

    generate a random ID (4-6 chars) and use "$clientname.$randomid"?

  26. jonasw

    for extra fubar, use emoji as random ID :-)

  27. MattJ

    jonasw, that's my personal preference these days

  28. jonasw

    (for extra fubar, I could use emoji as random ID :-))

  29. MattJ

    Even though I spent years telling Ge0rG he was wrong

  30. MattJ

    for this, and for sending to bare JIDs

  31. daniel

    Yes that's what I'm doing

  32. jonasw

    what did change your mind about the resource thing?

  33. daniel

    3 bytes random in base64

  34. daniel

    That's four chars

  35. MattJ

    jonasw, the realisation that the server can override it, so it really doesn't matter - and it's useful for tracking devices

  36. jonasw

    right

  37. MattJ

    My preference would be that bind2 comes along with a device-id built-in

  38. MattJ

    But until that day, this works fine (and is backwards-compatible with all the clients that allow manual resources)

  39. Ge0rG waves his "told you so" sign

  40. Dave Cridland

    I just use a fixed resource string.

  41. Zash

    Holy war!

  42. MattJ

    Server developers will always win this one

  43. Ge0rG

    MattJ: server developers might have the bigger lever, but they don't win by just applying it

  44. Ge0rG

    They can make life miserable for everyone, but in my book that's not synonymous to "win

  45. MattJ

    and here I thought the definition of "to win" was "to make life miserable for everyone who lost"

  46. Ge0rG

    MattJ: I'd say "to win" also includes making life better for yourself

  47. Ge0rG

    Unless you are in for the game.