-
Ellenor Malik
XMPP over XMPP
-
jonas’
Ge0rG, out-of-band
-
Ge0rG
jonas’: you still have three weeks to reapply!
-
Daniel
jonas’: if you come to the meetup on Thursday I can remind you oob
-
jonas’
Ge0rG, no? reapplications close on Feb 23rd
-
jonas’
Daniel, that’d mean leaving the house
-
jonas’
I suppose
-
Ge0rG
jonas’: I'm sorry, you are right
-
jonas’
nice try to get me kicked out of council! ;)
-
MattJ
Heh
-
Ge0rG
jonas’: not just you! :P
-
pep.
https://github.com/xsf/xmpp.org/pull/679 Anybody with superpowers to review plz? :)
-
Ge0rG
> The next Summit will happen next year. 😁
-
emus
Have you heard that the BND is financing open source projects with 5000€ similar to GSoC?
-
Ge0rG
Yes.
-
dwd
That's the German Foreign Intel agency?
-
vanitasvitae
emus: yeah
-
Ge0rG
dwd: yes
-
pep.
Ge0rG, I'm very hopeful!
-
dwd
I suppose it's possible that XMPP projects would be favoured there.
-
Ge0rG
dwd: the ones that were "recently" uncovered to have backdoored Crypto AG
-
Ge0rG
(the involvement was known since 1997, but apparently it's big news in 2020)
-
dwd
Ge0rG, Hah. That's such an old story, and moreover a repeated pattern that's been occurring since after WW2.
-
Ge0rG
dwd: indeed
-
edhelas
> BND financing open source projects
> OMEMO:2 incoming
> 🤔
-
dwd
Ge0rG, First case I'm aware of is the UK selling Enigma systems post-war. However, I have a suspicion that there's a similar case after the Napoleonic wars.
-
pep.
edhelas, conspiracy!
-
dwd
edhelas, I'm not sure that would be relevant. It's unclear to me if that would fit the threat model.
-
pep.
Daniel is an undercover agent
-
pep.
oops
-
dwd
edhelas, In particular, BND presumably do trust their server, and probably more than the mobile devices used in the field.
-
vanitasvitae
edhelas: shhhh
-
pep.
Curious to know if there's anything you can do to prevent messages leaking once a terminal is compromised :x (as long as it's not known to be)
-
dwd
pep., It's more that if you think a device might be compromised, with OMEMO/Signal/etc the device has a cleartext archive, whereas without it won't and you can cut access to the server-side archive.
-
pep.
without what e2ee it won't have a cleartext archive?
-
pep.
I'm not sure I understand
-
pep.
You mean the client won't explicitly store locally?
-
dwd
pep., For example, with WhatsApp, the device stores a database of all the message history.
-
dwd
pep., Whereas with Pando (for example) we explicitly don't, and instead pull that from the server.
-
pep.
That doesn't mean it doesn't see the cleartext messages
-
dwd
pep., Sure. But there's a matter of the effect of a compromise post-discovery.
-
pep.
(you kinda have to, I don't have bionic e2ee-capable eyes)
-
dwd
pep., The question isn't who and what device can see the messages. The question is where the archive is kept at rest.
-
pep.
Well this assumes you have any doubts
-
dwd
pep., Well, only in as much as if someone compromises a device without your knowing all bets are off no matter what you do.
-
pep.
what I said above :)
-
dwd
pep., So not much point in considering that case. Instead, consider the cases where endpoint compromise is known.
-
dwd
pep., And decide which you think is the greater risk - for some, that'll be the server being compromised, for others, the client. Which you feel is the bigger risk means you might want OMEMO-style encryption or not.
-
pep.
Sure there's a point in considering it as well. It's certainly a lot easier to get a hold of a user terminal when that user is targeted. When the user is not targeted directly and people are just interested in data, it's probably faster to try and compromise the server and I bet there's lots of servers not that good security-wise
-
dwd
pep., Right, but for a foreign intel agency, I would suspect the risk of a compromised client is probably higher.
-
dwd
pep., Same for us, actually. I believe the risk of a community nurse leaving their phone in a patient's house is higher than someone breaking into our servers.
-
dwd
pep., But that won't be the same for everyone, of course.
-
pep.
Who knows.. One would hope they employ capable people and they give them the freedom to act
-
Zash
Myeah, forgetting my phone somewhere does seem more likely than someone breaking into my server room and/or server.
-
dwd
Zash, But if you ran your server for thousands of people, the risk profile might change.
-
dwd
Zash, For you, if not for your users.
-
Zash
I don't, so my users == { me }
-
dwd
My best understanding of why WhatsApp have encryption is to protect themselves from subpoena activity, not for security for their users as such.
-
Zash
Makes sense.
-
emus
vanitasvitae, Ge0rG: I mean lets take away their money - modern problems need modern solutions :)
-
Ge0rG
dwd: it has helped very much, hasn't it? https://www.reuters.com/article/us-facebook-brazil/facebook-executive-jailed-in-brazil-as-court-seeks-whatsapp-data-idUSKCN0W34WF
-
pep.
Open reuters > Get visually aggressed by cookies' consent bs > Manage consent > JS error..
-
Ge0rG
Ge0rG has the "I don't care about cookies" extension and didn't notice anything
-
pep.
I have a similar extension but I still get their annoying popup
-
Neustradamus
I have a little request, can you open: https://nl.movim.eu/?feed/pubsub.movim.eu/Movim When you click on the publication titles, have you the publication or other?
-
MattJ
I get prompted to download the atom feed
-
pep.
Firefox?
-
MattJ
Yes
-
pep.
I'm not sure browsers parse this correctly anymore.. curl tells me "content-type: application/atom+xml; charset=UTF-8" so that's correct right?
-
Neustradamus
Thanks guys, you have confirmed the problem to edhelas, I am not alone ;)
-
pep.
Neustradamus, I'd say your client is the issue. Use a proper feed reader
-
edhelas
the problem is that the feed reader is not taking the alternate + text/html
-
edhelas
but only the first alternate, that is kinda an issue; so i'll fix that one
-
Neustradamus
The problem is linked to (for example): </content> <link rel="enclosure" type="image/png" href="https://upload.movim.eu/files/9d94237298995552fa13436420195fbca436dce7/jDBsJ9BW7g66gCZ3G3ARICSq5T3dsAg9j75CnNOr/image.png"/> <link rel="alternate" href="https://upload.movim.eu/files/9d94237298995552fa13436420195fbca436dce7/jDBsJ9BW7g66gCZ3G3ARICSq5T3dsAg9j75CnNOr/image.png"/> <link rel="alternate" type="text/html" href="https://nl.movim.eu/?node/pubsub.movim.eu/Movim/87633da7-3963-4923-aabc-54ac5f6ad1d8"/> </entry>
-
pep.
edhelas, if that's a problem to you then I think it's before that.
-
pep.
HTTP Headers
-
edhelas
Neustradamus I actually told you 2min ago that I will fix the issue, why bother the people here about that?
-
Neustradamus
edhelas: I sent here before you understood the problem
-
edhelas
also, Atom implementation in Movim is definitely not a topic related to this chatroom
-
Neustradamus
edhelas: I can not join the main mucroom ;)
-
pep.
yes you've been banned, for reasons one can understand
-
Neustradamus
I know that some people do not like when we inform about problems, we can see a new time today. If no people inform, no solution ;)
-
MattJ
Sometimes it's not about the information, but about the delivery
-
Alex
Reminder that the current application period ends by the end of this week. In case you want to apply, recruit someone to apply, or need to reapply: https://wiki.xmpp.org/web/Membership_Applications_Q1_2020 Thanks
-
Daniel
jonas’: ^
-
Guus
Daniel is yours a haiku? 🙂
-
jonas’
application done, thanks
-
dwd
jonas’, Any chance we can last call XEP-0345 again? I have no idea what happened to it last time. Board, BTW, not Council.
-
pep.
It's been voted in by board
-
pep.
Last board
-
dwd
pep., Has it? Showing as Proposed, currently.
-
pep.
I was the only one to answer the LC and board didn't take that into account anyway
-
jonas’
I must’ve missed that one, can you dig up records?
-
dwd
pep., And LC ending over two years ago.
-
pep.
hmm when was that again..
-
moparisthebest
again, many people aren't getting all mailing list postings because xsf's mailmain still breaks DKIM and SPF and therefore DMARC
-
moparisthebest
I get maybe half of the emails sent to the list, it depends on the email settings of the sender
-
moparisthebest
(please fix mailmain)
-
jonas’
I love how those "anti spam" technologies break valid usecases while not preventing spam.
-
jonas’
but yeah, we should probably get that fixed
-
moparisthebest
why do I keep typing mailmain instead of mailman...
-
Zash
Those aren't anti-spam
-
jonas’
AFAIK it involves: - Turn off the footer - Turn off the subject prefix - Enable the masquerading of From for DMARC-protected domains
-
moparisthebest
so dmarc allows a pass if *either* SPF or DKIM passes, you can't not break SPF, so if you simply stop breaking DKIM that should fix everything
-
moparisthebest
which yes, turn off footer and subject prefix
-
jonas’
it will fix everything related to DMARC, but break the UX
-
moparisthebest
make sure the List-Unsubscribe header is set, and you'll be golden
-
jonas’
can we get a mailman admin, please?
-
pep.
What are the cons again of validating dkim at the mailing list level and having the mailing list then do dkim itself? Not being able to validate end-to-end?
-
jonas’
cc @ MattJ
-
jonas’
pep., the cons are that it doesn’t help
-
pep.
how so
-
jonas’
(also, operational cost)
-
jonas’
pep., you still break the DKIM signature of the original sender
-
Zash
Just masquerade the Sender and be done with it
-
pep.
You remove it even. The list signs itself
-
moparisthebest
you can do that too ^
-
moparisthebest
I mean, instead
-
jonas’
pep., and then the receiver looks up the DMARC record and sees that there should be a signature for that sender
-
pep.
jonas’, the sender being the list?
-
jonas’
depends
-
jonas’
I always get confused with Sender vs. MAIL-FROM vs. From:
-
jonas’
and also Return-Path
-
Zash
From is purely metadata, you can put whatever you want there
-
pep.
Well Return-Path is the list here, and I'd put both envelope and the other as the list anyway and sign with the list.
-
Zash
!= routing data
-
jonas’
pep., requires setting up and maintaining a DKIM thing though
-
pep.
If I want to validate who sent what I'd use normal gpg signing
-
jonas’
pep., yeah, tell that please to the DKIM idiots
-
pep.
not what I'm saying
-
Zash
pep.: Footers can break gpg tho
-
jonas’
Zash, they’re attached as separate text/plain part
-
Zash
Right. Not on every list tho.
-
pep.
I always assume DKIM allows us to validate point-to-point. I'd expect the list to do the validation always, not a host at the other end of the chain
-
Zash
*mumble* Google Groups
-
pep.
assumed*
-
moparisthebest
I get people have opinions re: DKIM/SPF/DMARC but that's not really relevant, they are a thing most email providers implement, and if we want most people to be able to receive mail to the list, it has to be fixed
-
jonas’
moparisthebest, yeah, help me get hands on a mailman admin
-
pep.
moparisthebest, yeah I'm proposing a practical solution :p
-
jonas’
pep., setting up and maintaining OpenDKIM is *not* practical
-
jonas’
(on the XSF resource budget either way)
-
pep.
semantics
-
pep.
Meaning I'm not just talking about protocols because I like to talk about protocols
-
moparisthebest
(I run rspamd which does DKIM+SPF+DMARC+spam stuff automatically, and is easier to set up than opendkim+spf+spamassassin+amavisd+everything else)
-
jonas’
I love especially how rspamd depends on redis, but doesn’t support redis clusters.
-
moparisthebest
but beside the point, there are basically 2 ways it can be fixed: 1. stop breaking DKIM signatures (don't add footer or mangle subject) 2. send from xmpp domain instead
-
moparisthebest
the XSF mail server *should* already be validating dmarc/dkim/spf or it can be used to forward unauthorized mail/spam
-
moparisthebest
does anything actually stop me from sending mail as a board member to a board-only mailing list?
-
jonas’
moparisthebest, this is a question I’ve been asking myself for quite some time and which I wanted to pen-test after having asked board, but I never got around to actually do that.
-
moparisthebest
what's the official way to get that on the board's agenda as a question?
-
jonas’
send a message to board@
-
jonas’
someone will hopefully fish it out of the moderation queue
-
pep.
moparisthebest, "as a board member"?
-
jonas’
aside from that I may still have +w on the board trello, or you can ask pep. who’s on board, too.
-
pep.
I don't think you can send stuff to board@ if you're not subscribed can you?
-
moparisthebest
pep., like, impersonating your email for instance
-
jonas’
pep., but the subscription only checks From
-
jonas’
(or maybe Sender)
-
pep.
ah I see
-
pep.
We're not using board@ anyway, and I don't like it
-
moparisthebest
and if it doesn't do dkim/dmarc/spf or something, then I can happily send "official board emails" from ralphm or pep. or whoever
-
pep.
So you can send what you want. Plus I always sign my emails :P
-
jonas’
email from is not to be trusted. news at 11.
-
pep.
yeah
-
moparisthebest
right, and all those are terrible hacks to add authentication to it :/
-
pep.
yes
-
moparisthebest
it's getting better, but hacking that on after the fact is rough
-
moparisthebest
also ARC incoming...
-
moparisthebest
http://arc-spec.org/ ^
-
pep.
dwd, MR 20190307T15:16:48Z 000 <ralphm> motion carries. Let the Editors go through to the mechanics to move XEP-0345 to Active.
-
MattJ
http://logs.xmpp.org/xsf/2019-03-07#2019-03-07-e58b19e060a046e8
-
pep.
I was looking for that
-
jonas’
ah, that’s clearly my fault
-
jonas’
fixing that now
-
pep.
It's indeed not been processed by editors, but I wouldn't go as far as saying it's your fault. There are many other editors :x
-
jonas’
were there back then though?
-
pep.
No, but there are others
-
jonas’
reminds me to ask board to clean up editor membership
-
pep.
yeah
-
jonas’
I abused my privileges to create https://trello.com/c/8Q5XQWks/388-clean-up-editor-team-memberships
-
pep.
how dare you
-
pep.
Thanks, looks good
-
dwd
I always sign my emails too - I put "Dave." at the bottom.
-
pep.
Indeed. Just like signatures we use on legally binding documents, it's been proven it works very well
-
pep.
(I had a hard time making it less sarcastic)
-
jonas’
Subject: [Standards] ACTIVE: XEP-0345 (Form of Membership Applications)
-
jonas’
there we go
-
pep.
Thanks :)
-
jonas’
ah, I need to re-last-call '402
-
lovetox
dwd, the example in 402 for publish options is not the best
-
lovetox
you use max_items = 10000
-
lovetox
if you are a new client and there are existing bookmarks, this results 99% in a failed publish
-
dwd
lovetox, PRs welcome. I didn't actually write that one, I think Link Mauve did (he actually wrote most of that spec at this point, we should make him an author).
-
Daniel
Yeah I think that probably predates the max thing in pubsub
-
lovetox
ah k, yeah we should change that, there is a new max-items=max in pubsub
-
lovetox
though this probably also will fail, because no server supports that yet
-
Daniel
And having a 'magic' number was the best we could do before
-
Zash
Ugh
-
Daniel
Yes 'atomic bookmarks in pep' probably just depends on max being supported
-
Daniel
Which should be mentioned somewhere
-
Ge0rG
has the "max" bike shedding settled yet?
-
dwd
Daniel, "PEP Native Bookmarks". I bikeshedded the name a bit further.
-
Ge0rG
IIRC there was a revamp by server developers who objected because "max" is not a valid integer
-
jonas’
dwd, though I consider that name slightly confusing
-
jonas’
I plan to bikeshed on that one
-
Daniel
Yes you can name it whatever you want as long as it's called atomic bookmarks in pep
-
dwd
Daniel, NUCLEAR BOOKMARKS
-
Zash
QUANTUM BOOKMARKS
-
Daniel
That's a compromise I can live with
-
Ge0rG
http://www.quickmeme.com/img/ab/ab32ca63f3cf210c253a92780beda430d37b32bc0cc9e8a9856d1c2f72d8b56a.jpg
-
Ge0rG
Did we have "Schrödinger's Bookmarks" yet?
-
dwd
Ge0rG, Heisenberg's Bookmarks? You know how to store them or what they are, but not both?
-
Ge0rG
dwd: I appreciate that. +1
-
Ge0rG
Also what's the dance I need to perform to determine whether PEP on my server is persistent?
-
Ge0rG
(as in: stored to disk, not to RAM)
-
Daniel
I think there is a feature
-
Ellenor Malik
> dwd has written:
> edhelas, In particular, BND presumably do trust their server, and probably more than the mobile devices used in the field.
Trusting the server does not seem like a viable threat model ever
-
Zash
Ge0rG, `#persistent-items` maybe?
-
pep.
I'd like the max_items=max thing to be settled so that we can actually use the feature :x
-
Zash
But muh validation code :(
-
Ge0rG
I wouldn't be opposed to make `-1` the new max.
-
pep.
I'll let you bikeshed the thing, I just need the feature
-
Ge0rG
because max_items=0 can obviously mean "you shall not pass", but -1 is actually something like "unlimited" in computerese
-
Ge0rG
But I suppose the author is already fed up with the unicode discussion
-
dwd
Ellenor Malik, At all? Ever? I trust my server because it's in the same room as me right now, and only I have access.
-
Ellenor Malik
Never ever.
-
dwd
Ellenor Malik, For anything?
-
Ge0rG
dwd: but you are not always in that room, are you?
-
dwd
Ge0rG, Pretty much. :-)
-
Ge0rG
dwd: I've heard rumors of you being in Brussels and not having your server room around you
-
dwd
Ge0rG, Lies.
-
dwd
Ge0rG, And/or a clone.
-
Ge0rG
maybe your server is an evil twin now.
-
Ellenor Malik
"Only I have access." Only true if you built the processor, hard disk, and everything yourself.
-
Ge0rG
or maybe the evil twin was in Brussels indeed, and told people embarrassing stories about the origins of your name
-
jonas’
Ellenor Malik, so you can’t trust the client either. Your argument is invalid.
-
dwd
Ellenor Malik, OK, but the same goes for your client device, so you're saying nobody can trust anything, and we may as well all go home.
-
jonas’
^5, dwd
-
Ellenor Malik
> jonas’ has written:
> Ellenor Malik, so you can’t trust the client either. Your argument is invalid.
to be clear, the first part does not imply the second part
-
Ellenor Malik
it's best to trust as few links as possible
-
dwd
Ellenor Malik, Yes, I agree, keep the attack surface low etc. I just suggested that there were cases where the risk to the client device was higher than the risk to the server.
-
dwd
Ellenor Malik, Certainly not true in all cases.
-
Ellenor Malik
encrypt everything to the best of your ability
-
dwd
Ellenor Malik, Encryption doesn't solve any problems, though, it just moves problems around.
-
Daniel
If the BND can't trust their servers they probably have bigger issues
-
dwd
Daniel, Right, that.
-
dwd
Daniel, Well. Actually it's not that simple. But they probably trust the server more than the clients at least.
-
Ellenor Malik
assuming you can partially trust the endpoints, encryption makes problems smaller
-
pep.
Ellenor Malik, "it depends"
-
pep.
on the making problems smaller part
-
Daniel
Also something something accountability
-
dwd
Ellenor Malik, No, I disagree. The BND might not even trust its *users* as much as its server.
-
lovetox
what is the idea behind
-
lovetox
<conference xmlns='urn:xmpp:bookmarks:1'/> is a valid bookmark?
-
lovetox
why would someone publish this, and what should i do with that if i receive it
-
dwd
lovetox, The pubsub item id gives you the jid, remember.
-
lovetox
ahh
-
lovetox
kk thanks
-
dwd
lovetox, So probably quite obvious if you actually see it in the wild.
-
moparisthebest
vanitasvitae: (re: a/v) not even an Android phone or any laptop with internet and jitsi meet?
-
vanitasvitae
moparisthebest: we could try that, but I doubt it will be as good as Cisco's teleconferencing.
-
moparisthebest
WebEx is considered good???? Yikes
-
vanitasvitae
We'll see if we come up with something on site :)