by any chance, will some of you attend januscon.it later this month? I'm asking because as I read some emails/discussions around jingle/call-related stuff... Wondering if we can meet and have some drinks if that's the case :)
Daniel
marc0s, no. but let me know in case there is ever a more open source focused conference in italy. i'd love to go, maybe even give a talk
marc0s
Daniel, not that I'm aware of right now. Will ping you if I know of something. Not living in Italy, though :)
marc0s
i'm in the process of adding XEP-0402 support to stanzajs and was wondering how a client should actually determine how to store its bookmarks given the server supports both private storage and pep/pubsub. Any ideas/comments/warnings? :)
Daniel
xep 402 is only specified to work with pep
Daniel
but pep and publish options as well as private xml have feature announcements on the account disco
marc0s
but, given that disco announcements offer all the options, what should a client use?
pep.
As not many clients (none?) use 402 yet, you probably also want to support the other pep bookmark thing?
pep.
(48?)
Daniel
what i do (but that's only for bookmarks 1); is to check if my server supports the conversion xep and if it does i use pep because it's more efficient. and if not i publish to private xml because that's more widely used
marc0s
that would be a safe route, yes
Daniel
i haven’t found a strategy to incorporate bookmarks 2 into the mix
Daniel
probably have the conversion xep also convert into bookmarks 2
Zash
Bookmarks Conversion 2: The seriousening
marc0s
I'm not fully aware of the XEP processes, but it does not sound crazy to me to make 411 take 402 into account
Ge0rG
I think that 402 should mandate backend-side conversion between all the stores.
Daniel
402 still lacks a lot of things
Daniel
it should probably also mention that the node needs to be configured
marc0s
should we then need Bookmarks 3: The Good One :)
Zash
Like I mentioned the other day, node item count limits will be fun
Ge0rG
Bookmarks: Revolution
marc0s
Zash, yep :)
Zash
XEP-0927: Bookmarks 2000: This time we finally got it right!
lovetox
im not convinced on 402, i think it makes the bookmark implementation a lot more complex
lovetox
right now i request on start my bookmarks, i get all, and if another device changes one, i also get all, and thats it there are only these 2 things to think about, request, and notification
lovetox
with an items based approach, you suddenly have to think about stuff like, what if another device deletes one item? do i get a deletion notification once i come online? no .. what if a device adds 2 items while im offline, do i get 2 items when i come online? no .., so im back to requesting all bookmarks items on start anyway, this time with more overhead as each bookmark is in its own item
jonas’
lovetox, and with one item, you have to think about: what if another device modifies/adds the same item at the same time, e.g. in response to an invite or something
jonas’
what if the modifications aren’t identical
lovetox
so it seems the only benefit is, that if a device adds a bookmark while im online, i get only one item instead of all
jonas’
or rather, what if two devices concurrently edit two different items
lovetox
i would consider this if i modify my bookmarks 50 times per hour
lovetox
but realistically its probably 3 times a day
lovetox
jonas’, this is highly unlikely, server processes events in order
lovetox
invite means both clients modify the same item in the same way
Daniel
lovetox, i ran into problems with deleting multiple bookmarks in quick succession
Daniel
meaning delete the second one while the first one is still in flight
lovetox
yes Daniel i can see the problem, especially with ejabberd
lovetox
as it notifies the issuing device with a pep notification
lovetox
if you take this notification seriously, you add back the bookmark that you just deleted
Daniel
yes
lovetox
we should fix that in ejabberd though, prosody doesnt do this
Daniel
i'm not sure that ejabberd is broken in that regard?
lovetox
yes, if i issue a publish, and i get a result that it was ok
lovetox
i dont see a reason why i need a pep notification
lovetox
its not "broken"
lovetox
its just useless and leads to problems as we can see
jonas’
lovetox, yes, server processes events in order, but clients have latency to the server
Daniel
useless maybe. but i'm not willing to by that this is the cause of the problem
Daniel
this is just what makes you notice the problem
Daniel
*to buy
lovetox
i feel we just exchange some kind of problems with other kind of problems with 402
Daniel
i mean this is just the most obvious race. but as jonas’ pointed out there are other (unlikely?) races in there as well that involve multiple clients
Daniel
lovetox, what problems do you see with 402 aside from the upgrade path
lovetox
as i wrote above, it just mentions the benefit, that you can modify one item at a time, but it should have much more on implementation notes, probably because no one implemented it yet
lovetox
stuff like, if you start, you get the last bookmark item that was published
lovetox
probably should ignore it, until you requested all bookmarks
lovetox
stuff like node configuration
Daniel
lovetox, yes bookmarks 2 is not done yet. and you can just configure the node to not send the last item
Daniel
which i agree the xep should do
lovetox
with what id do we publish, or does the server choose ids
lovetox
how do we make sure we dont overwrite items
Daniel
lovetox, the id is the jid. i think the xep says that
lovetox
ah kk, what i want to say is, i dont see a big problem with the xep, just it obviously was never implemented
lovetox
and my problems with bookmarks1 are not that big, that i jump into the cold water :)
Daniel
also the XEP needs to do something about max items
Daniel
so there are things in the xep that are underspecified a bit
Daniel
but fixing the race seems to be worth while to me
Daniel
also; if you ever wanted to do something like shared bookmarks on the server side (which customers ask about all the time) having multiple items that the server can modify or inject without editing xml seems like a big benefit to me as well
guus.der.kinderen
> also; if you ever wanted to do something like shared bookmarks on the server side (which customers ask about all the time) having multiple items that the server can modify or inject without editing xml seems like a big benefit to me as well
Customers ask for this? As in, read-only bookmarks, shared by a group of people?
Daniel
guus.der.kinderen: well they ask for can we put people into group chats by default
Daniel
Like when they first open the app
Daniel
And bookmarks seems like one way of doing that
guus.der.kinderen
Openfire has a plugin for that. It doesn't do anything fancy, only injects additional bookmarks in a person's bookmarks collection.
guus.der.kinderen
Daniel: yeah that's what we use it for, by adding autojoin bookmarks
Daniel
guus.der.kinderen: yes and server side that seems less messy with bookmarks 2
guus.der.kinderen
It's pretty clean in any form. You simply add a list of shared entries to the personal list, and subtract that list while editing.
Daniel
You could then properly reject the deletion. Instead of having it just magically reappear
guus.der.kinderen
Right
guus.der.kinderen
Ok, gotta put the kid to bed. Afk.
lovetox
Daniel, do you always set SNI ext, even for starttls?
Daniel
lovetox: why do you ask? I think I didn't but my last refactor yesterday might have accidentally set it
lovetox
im asking because i contemplate doing this
lovetox
gmail xmpp server mandates it
lovetox
it needs sni even on starttls
lovetox
and it would make my code less complex
Daniel
Oh right. Yes now that you mention it I think I did that
lovetox
i dont really care about gmail
Daniel
Well since yesterday my setup tls socket code is the same for starttls, direct tls and tor
Daniel
So it's not more code. Is what I wanted to say
Zash
I've been trying to make Prosody's certificate and TLS management code treat STARTTLS and TLS+SNI the same.
moparisthebest
Daniel, how are you doing DNS for tor ?
Daniel
moparisthebest: not at all. You have to specify the hostname
Daniel
(if your server doesn't a record to the same machine)
moparisthebest
hmm, then how do you know direct TLS or STARTTLS
lovetox
you dont
lovetox
you expect the server to offer stuff on the standard ports
Daniel
You can enter port 5223 or 443 and then it will assume that this is direct tls
Daniel
Which is debatable for 443 but who cares
moparisthebest
when you run a tor exit node you get to pick what outgoing ports you support, I feel like more might support 443, but I'm not sure
lovetox
also moparisthebest some servers have .onion addresses
moparisthebest
which you can put in DNS SRV records
lovetox
.onion addresses have DNS records?
Daniel
Yes. I was about to say. If you are serious about tor I'd recommend you put in the onion address in the hostname field
Daniel
That's what I would recommend to my users
moparisthebest
lovetox, no, but I can put a .onion in the SRV record for moparisthebest.com for example
lovetox
how does that help someone that wants to connect to a server and only has the .onion address?
lovetox
why would a hidden tor service, link itself to a non-hidden srv domain record
moparisthebest
why not?
lovetox
because you are not anonymous anymore then
Zash
moparisthebest: someone like that would care about leaking the SRV lookup
moparisthebest
don't leak it, look it up over TOR
lovetox
anyway, to support TOR the server admin has to be aware of it
Daniel
How does that help when you can't do SRV over Tor?
lovetox
and a onion service even more so
Daniel
I mean even if you put the onion in dns how are you going to discover it?
Ge0rG
DoH to the rescue!
Daniel
No
moparisthebest
you can, do DoT or DoH to 1.1.1.1 or even regular DNS over TCP to port 53 of dns4torpnlfs2ifuz2s2yf3fc7rdmsbhm6rw75euj35pac6ap25zgqad.onion
moparisthebest
(which cloudflare runs)
Daniel
So I should hard code cloud flare ips in my app? Is cloud flare still going to exist tomorrow?
moparisthebest
maybe, you can hard-code a few, or run your own
lovetox
moparisthebest, if you are serious about TOR, you will *not* DNS anything
lovetox
you will just pass the onion address to the tor proxy
lovetox
thats it
lovetox
the moment you involve cloudflare, this degrades TOR seriously
Daniel
Yeah if you want to use Tor take 3 minutes to figure out the hostname / onion address of your server
moparisthebest
wouldn't it be nice if a user of regularservice.com that happened to have tor could just connect over it automatically without typing .onion addresses though?
Daniel
And maybe go read the privacy policy of your provider while you are at it
lovetox
moparisthebest, i dont think you get the idea of TOR
lovetox
the idea of TOR is that nobody but you yourself and your machine, knows where you gonna connect to
lovetox
this rules out asking anyone for any information regarding your connection target
lovetox
because then you leaked your intent
moparisthebest
I don't think so, after all HTTPS over tor asks for A records right?
moparisthebest
how is this different?
lovetox
im not a tor expert but im pretty sure the tor network makes the dns request
lovetox
not your machine
moparisthebest
the intent is my ISP doesn't know where I'm connecting to
moparisthebest
the built in tor DNS supports A and CNAME and nothing else though, asking an .onion address for SRV records is essentially the same
lovetox
Tor is not only to hide your intent from your ISP
moparisthebest
it *can* only be for that though?
lovetox
if that would be the case you would not need tor, just DoH
lovetox
and a proxy
moparisthebest
that sounds harder than tor, and also not as secure/the same
lovetox
if you make a dns request via tor, probably it routes it through the tor network
lovetox
means nobody in theory can trace it back to you
lovetox
not even cloudflare
lovetox
and thats the goal
lovetox
not exchanging your ISP for cloudflare trustwise
lovetox
its you trust no one
moparisthebest
and if you ask cloudflare's .onion for a SRV record they also can't trace it to you, right?
moparisthebest
in fact it never even crosses the clearnet for anyone
lovetox
yes, if we could ask a SRV record over the tor proxy this would work
lovetox
but it doesnt, because TOR just does not support SRV
moparisthebest
but asking an .onion is asking over the tor proxy
Daniel
lovetox: it does. If you ask cloud flare over tcp
lovetox
you propose to do the dns request yourself
Daniel
Yes
lovetox
yes that would work, never done anything like that though, so dont know how complex this is
moparisthebest
yes, just like DNS-over-TLS, DNS-over-HTTPS, and DNS-over-XMPP proposes
lovetox
but sounds complicated
Daniel
I'm already doing my normal dns requests myself
it's annoying enough that you should probably just use a library
lovetox
you cant use them, so you have to implement the whole dns request protocol yourself
Daniel
It's not rocket science. But I won't bother any time soon
Daniel
Because
> Yeah if you want to use Tor take 3 minutes to figure out the hostname / onion address of your server
moparisthebest
asking an .onion should be as quick as possible, it's not going through any exit nodes anyhow
Daniel
And
> So I should hard code cloud flare ips in my app? Is cloud flare still going to exist tomorrow?
lovetox
moparisthebest, its not about quick, its about implementing another protocol
moparisthebest
time to expose an unbound port over a tor hidden address run by conversations.im :D
moparisthebest
wait why can't you use existing dns lookup libraries/tools lovetox ?
moparisthebest
conversations uses minidns or something if I recall
lovetox
i just doubt they let you use them over a tor proxy
lovetox
but never used one
moparisthebest
it's just a socks5 proxy, they should...
lovetox
i know that i cant use python inbuilt one
Daniel
moparisthebest: fwiw minidns doesn't support dns over TLS or https
moparisthebest
you can just do regular TCP on an .onion though, or I can put in a PR to swap minidns out for https://github.com/moparisthebest/jDnsProxy lol (not really)
lovetox
moparisthebest, maybe you missed it, i already agreed with you that it is possible
lovetox
but as Daniel said, the people who want to use TOR are 1% of the users
lovetox
and they can take the 2 minutes to get the onion address
lovetox
im not going to jump through hoops programming wise to save them those 2 minutes
moparisthebest
that's fair, I'd kind of like it to be seamless to have regular users connect over tor too, but other people probably disagree
Daniel
We are also only talking about the subset of tor users on providers that don't listen on the a record
moparisthebest
FYI this is the cloudflare .onion reference https://developers.cloudflare.com/1.1.1.1/fun-stuff/dns-over-tor/
moparisthebest
I'll be running a public, anonymous-login-supporting DNS-over-XMPP on clearnet and .onion whenever I get back around to finishing setting it up...
💋ᵐyᵃᵇᵃᵇᵉᶻ💋 has joined
💋ᵐyᵃᵇᵃᵇᵉᶻ💋
?
tom
whoever 'jdev@muc.xmpp.org/💋ᵐyᵃᵇᵃᵇᵉᶻ💋' is please change your nick
tom
it's making my software freak out
💋ᵐyᵃᵇᵃᵇᵉᶻ💋 has left
tom
how did you even join this muc with that nick? It should be invalid
Valid UTF-8 that passes resourceprep and isn't entirely whitespace, so legal under those rules.
Zash
Although, it does not pass Prosody's resourceprep if I recompile it without USPREP_ALLOW_UNASSIGNED, but I think it's using Unicode from 1997 or something then.