XSF Discussion - 2019-03-16


  1. Ge0rG

    moparisthebest: we just discovered a valid use case for DoX over in jdev! If you are using a proxy (`connect` or socks), you need a way to resolve SRV without leaking the domain to your local network. So you need to tunnel DNS over the proxy

  2. ralphm

    🤣

  3. flow

    Ge0rG, and the DoX server endpoint would be?

  4. ralphm

    Well, I imagine that, like with browsers, this is configurable and/or discoverable.

  5. moparisthebest

    Ha awesome

  6. moparisthebest

    I think browsers just hardcode the endpoint...

  7. moparisthebest

    Firefox let's you change it in about:config

  8. moparisthebest

    Android let's you change it deep into settings

  9. Wiktor

    And in XMPP one can auto discover endpoint by querying server disco info, like http upload. :)

  10. jonas’

    Wiktor, ... and how do you connect to something you can query?

  11. moparisthebest

    Wiktor: you still need a resolver jid/pass + ip + port hardcoded

  12. moparisthebest

    Well, the "querier" account, then you can auto discover the resolver

  13. moparisthebest

    With DNS you'll always need something hardcoded I think

  14. moparisthebest

    Assuming you don't want to leak anything to local DHCP provided DNS server

  15. Ge0rG

    moparisthebest: you should set it up to use anonymous login.

  16. Wiktor

    DoX has the same bootstrapping problem as Do-Anything. I'm not thinking on using it for first query, but for all subsequent queries in the system, effectively upgrading privacy.

  17. moparisthebest

    Yep I need to set up an account with anonymous login firewalled to only contact the resolver

  18. moparisthebest

    Anyone else can do it too though :)

  19. Ge0rG

    moparisthebest: also the correct xmpp URI would be xmpp://user:password@domain/botjid?params

  20. moparisthebest

    It supports params like that?

  21. Ge0rG

    There is a XEP and an RFC for XMPP URI schemes.

  22. moparisthebest

    that's unfortunately tricky and obnoxious

  23. moparisthebest

    in my program I need a clear seperation between "configuration only for this program" and "params sent to endpoint"

  24. moparisthebest

    since it supports http:// anything after the ? gets sent to the server, anything after the # does not

  25. moparisthebest

    so, I just use the same URI parser code for xmpp:// urls, not at all a format that is standard or anyone else can use, but meh

  26. moparisthebest

    it's compatible with my made up tls:// tcp:// and udp:// urls

  27. Ge0rG

    It's incompatible with my brain.

  28. ralphm

    moparisthebest: if you are going to use things that kinda look like an xmpp URI, please make it valid. Bad examples are copy/pasted and the end result would be terrible.

  29. ralphm

    Also don't invent your own URI schemes.

  30. Ge0rG

    What ralphm said.

  31. moparisthebest

    I don't consider them URI schemes I consider them configuration file formats

  32. ralphm

    Then don't let them look like URIs.

  33. Zash

    Is there interest in a XEP with more detailed s2s errors to attach to bounced stanzas? `remote-server-not-found` and `remote-server-timeout` doesn't quite cover the range of possible problems.

  34. ralphm

    As application-specific conditions?

  35. Zash

    Yes

  36. ralphm

    Sounds like a great idea. Would it be mostly informative for debugging, or do you also expect clients and other entities to handle such detailed conditions differently?

  37. Zash

    Yes, informative machine-readable information. Aiding in debugging by providing users with more info to report is one potential benefit.

  38. ralphm nods

  39. flow

    Zash, +1

  40. flow

    Although I am not sure if it adds that much additional value compared to adding the detaield error information into <text/>

  41. flow

    OTOH it can't hurt

  42. Ge0rG

    Speaking of which...

  43. Zash

    It would be nice if one could hint about whether it's a transient error or something more permanent. Not sure that's possible tho.

  44. ralphm

    Huh? You can use the type attribute?

  45. ralphm

    https://tools.ietf.org/html/rfc6120#section-8.3.2

  46. Zash

    Oh, right

  47. Zash

    Wait, I mean, how do you know?

  48. ralphm

    Well, if you don't know, you can't hint.

  49. ralphm

    But, if you're going to create app-specific conditions you could include meta data. Like how long this condition has already lasted.

  50. Zash

    Good idea

  51. ralphm

    Something like suddenly getting an explicit . record for SRV would signal a permanent condition.

  52. ralphm

    (although I guess that's <gone/>)

  53. ralphm

    I'd also mention the usefulness of including the 'by' attribute pointing to the local server, so you can see which entity determined the condition.

  54. Ge0rG

    What about adding a delay element?

  55. Ge0rG

    We have a standard for that

  56. Link Mauve

    “15:52:02 Andrew Nenakhov> Do any clients support 0385? I'm not a fan of it, but if it has some spread, I might reconsider”, I only know of Movim, which uses it the same way Conversations uses OOB AIUI.