-
goffi
Hi. I'm implemeting OMEMO media sharing, and it seems that there is an incoherence: doc says that key is 32 bytes and IV 12 bytes, in hex it's 64 + 24 = 88 but the example URL fragment is 96 bytes, and a quick test with Gajim give me a fragment of 96 bytes too. So it the XEP text wrong or am I missing something?
-
goffi
(talking about the URL in example at https://xmpp.org/extensions/inbox/omemo-media-sharing.html#aesgcm)
-
Daniel
we originally used 16 byte IVs; but the aes-gcm spec says you should use 12
-
Daniel
so for legacy reasons everyone keeps sending 16 for now; but have read support for 12
-
Daniel
except chatsecure i think which only supports reading 16
-
Daniel
which is why we haven’t switched over yet
-
goffi
ok so for reading both should be implemented. For writting is it still recommanded to use 16 or should I use 12? Is there any client not supporting reading 12?
-
Daniel
yes chatsecure; last time i checked
-
goffi
ah right sorry you just say that above :)
-
goffi
Thanks Daniel
-
renken
are there tests provided to verify the correctness of a given RFC implementation? I'm working on implementing RFC 6122 and I'd like to improve and extend my test cases. The dependency on Unicode makes it a bit complex to come up with a complete set of tests
-
Zash
Hm, wasn't there a project for that?
-
Zash
There's a few test cases in in https://github.com/igniterealtime/jxmpp/tree/master/jxmpp-strings-testframework/src/main/resources/xmpp-strings/jids
-
Zash
Not sure about the coverage of Unicode yet tho
-
renken
the ones you provided are very helpful, thanks Zash.
-
Zash
And then there's the thing with RFC 6122 being obsoleted by RFC 7622 but I don't know if anyone is there yet
-
renken
PRECIS isn't implemented yet as far as I know
-
renken
libidn2 team were thinking about releasing libprecis but no news. ICU team's case is vague too https://unicode-org.atlassian.net/browse/ICU-11981 https://libidn.gitlab.io/libidn2/manual/libidn2.html#Stringprep-and-libidn2
-
Zash
I've got that ICU ticket bookmarked 🙂
-
renken
:D
-
renken
prosody discussed PRECIS as well https://issues.prosody.im/533
-
Guus
didn't sco0ter do PRCIES?✎ -
Guus
didn't sco0ter do PRECIS? ✏
-
Zash
libidn being obsoleted by libidn2 when we're using the stringprep stuff .. looks like we're going with ICU for now
-
Guus
(in Babbler?)
-
renken
Guus, I'm not familiar with sco0ter sorry. Zash, it leaves us with a hybrid implementation. 6122 for localpart and resourcepart, 7622 for domainpart (IDNA2008)
-
Zash
There were rumors of some Rust folks maybe planning on some PRECIS stuff
-
Zash
Hm?
-
Zash
Isn't 6122 IDNA2008 + STRINGPREP?
-
renken
no
-
renken
6122 IDNA2003 + STRINGPREP
-
Zash
Wasn't that what was before 6122?
-
renken
yeah
-
Zash
https://tools.ietf.org/html/rfc6122#section-1.1 sounds like IDNA2008 or do I need to read more carefully?
-
renken
well I follow https://tools.ietf.org/html/rfc6122#section-2.2
-
renken
>A domainpart consisting of a fully qualified domain name MUST be an "internationalized domain name" as defined in [IDNA2003];
-
Zash
> or do I need to read more carefully? No, I need make dinner. Looking at these things only leads to tears 🙁
-
renken
eat well
-
Zash
It does say > software implementations are encouraged to begin migrating to IDNA2008
-
renken
yeah that's what I meant by "hybrid"
-
Zash
I think there's also some compat options in IDNA2008 (or at least in ICU) that somehow minimizes the differences (and hopefully, pain) between '03 and '08
-
renken
of course. both PRECIS and IDNA2008 are backward compatible as far as I know
-
Zash
`UIDNA_NONTRANSITIONAL_TO_ASCII` does ... something (in ICU)
-
renken
their docs are a bit vague ...
-
rion
Can you guys make a page maybe on xsf wiki how to live with c/c++ and without PRECIS implementation?
-
rion
It seems some distros are eager to remove old libidn :(
-
renken
if distros are eager to remove libidn, it's because the libidn team is pushing idn2? no? iirc libidn also offers stringprep whereas libidn2 doesn't offer anything (neither stringprep nor precis)
-
renken
an alternative would be to use ICU because it offers (deprecated) idna2003 support, idna2008 and stringprep
-
Zash
ICU also has "confusable" mapping stuff
-
renken
such as?
-
Zash
http://www.unicode.org/reports/tr39/
-
renken
oh yeah that's neat. it helps with address spoofing and forging
-
Zash
Right, that, like if someone joins as "Zаsh" (using a cyrillic small letter a)
-
renken
I assume XMPP users are nice people and delay security considerations until later oops
-
renken
oh yeah Zash, apparently HenryⅣ `\u2163` gets mapped to Henryiv in stringprep however it's illegal in precis. interesting
-
renken
henry*
-
Zash
Fun
-
jonas’
and this is why we don’t go there (PRECIS)
-
Zash
I'd like to have the option but I'm not sure if there's any rush
-
renken
I don't know. I'm still a beginner but personally PRECIS seems more organized and structured properly
-
renken
care to elaborate, jonas’?
-
jonas’
renken, PRECIS and Stringprep aren’t compatible. if some entities are on PRECIS, and some are on stringprep, chaos ensues
-
jonas’
in addition, PRECIS isn’t pinned to a unicode version, so different entities on different unicode versions coudl very well be of different opinions on what constitutes a "legal" string
-
Zash
Bad enough things happen already
-
Zash
🤖️ says hi
-
jonas’
#robotface
-
renken
I see. thanks for the explanation
-
renken
sad unicode life
-
jonas’
read also: https://mailarchive.ietf.org/arch/msg/xmpp/a-WhzOTyOq168GujQHgzQ1-DURI
-
Zash
jonas’, how much chaos do we get if we do the postel thing?
-
jonas’
postel?
-
Zash
"be conservative in what you send, liberal in what you receive"
-
jonas’
helps only partially
-
jonas’
it helps with the plain out rejection, but if unicode comes up with different normalisation mappings, you’ll get havoc with user passwords and stuff
-
Zash
Altho here I mean being Very Strict when creating things locally, while not being as strict with incoming data
-
jonas’
I’d also expect a MUC service to enforce a single unicode version across all nicknames it allows
-
Zash
Yeah, that.
-
Zash
And locally created users.
-
Zash
usernames*
-
Zash
Hm did we already add that to Prosody for MUC?
-
Zash
Ah yeah (trunk tho)
-
Zash
and room localparts
-
jonas’
flow, is there any documentation on creating a MAXS plugin?