jdev - 2020-02-26

  1. 123

    Hi everyone

  2. 123

    I'll like to create a jabber account

  3. 123

    Can someone please tell me how to do that?

  4. jonas’

    step 1: find a provider

  5. lovetox

    jonas’, and where do we find a list of servers?

  6. Zash

    Search the web for "public xmpp servers" ?

  7. lovetox


  8. lovetox

    that leads me to a list maintained by jabber.at

  9. lovetox


  10. lovetox

    which is better than nothing i guess

  11. lovetox

    but this is the only result on the first page that would be helpfull

  12. lovetox

    now jabber.network, shows you randomly servers, not sure though if its clear to a user that this are compliant servers

  13. lovetox

    this shows me that its good to have a small maintained list of servers within Gajim that i offer registration for

  14. Link Mauve

    lovetox, have a look at the lists Dino and Kaidan and wiki.xmpp.org have independently been trying to come up with.

  15. lovetox

    hm if a server does not use 0156, does that mean i cant connect to it via webclient?

  16. Link Mauve

    You could if you were to have a fallback BOSH proxy configured as an open relay.

  17. lovetox

    so this means no

  18. lovetox

    then i dont get why the compliance tester lists those providers as 100% compliant

  19. lovetox

    using a webclient with your provider is a basic use case i think many people have

  20. lovetox

    so it seems it really was not in the compliance XEPs before but it is now for 2020

  21. lovetox

    not sure how this was missed in the years before

  22. lovetox

    when all BOSH xeps where there for compliance, but no way to discover the bosh service

  23. Link Mauve

    lovetox, another possibility is the service having a sanctioned web client which hardcodes their BOSH or WebSocket endpoint.

  24. Link Mauve

    XEP-0156 “just” allows the user to use any web client of their choice.

  25. Link Mauve

    lovetox, you can direct that request to Daniel, I think he’s the one maintaining the Conversations compliance tester.

  26. jonas’

    it is the *Conversations* compliance tester

  27. jonas’

    why would Conversations care about BOSH

  28. Ge0rG

    If only we had an *XMPP* Compliance Tester.

  29. jonas’

    if only

  30. Ge0rG

    I once performed all the relevant set operations on CS2020 vs CCT

  31. Zash

    Isn't it weird to run tests on deployments when compliance is supposed to apply to implementations?

  32. Ge0rG

    but then I only wrote the results into the xsf@ MUC

  33. Ge0rG

    Zash: no

  34. Ge0rG

    Zash: are you only asking this because it's prohivitively complicated to set up a prosody to be 100% compliant?

  35. Zash

    "prohivitively" yet everyone seems to manage

  36. Zash

    Also, see Snikket

  37. lovetox

    it makes total sense

  38. Zash

    I'm asking because something being in an compliance suite doesn't mean everyone absolutely needs it in their deployment

  39. lovetox

    why would i want to know if prosody x.x is theoretically complicant if i enable the right modules and do the right configuration

  40. Ge0rG

    Zash: that's actually a great example... https://compliance.conversations.im/server/snikket.chat/ --> 94%

  41. lovetox

    As a End User i dont even care what software runs on the server

  42. Zash

    Case in point, your private server doesn't /really/ need 157

  43. Ge0rG

    Zash: I know that you are happy with the XMPP of 2006 and you don't need all the extra modules.

  44. Ge0rG

    snikket.chat is not "your private server".

  45. lovetox

    haha, from the snikket homepage: Secure communication on snikket.chat

  46. Ge0rG

    It has a dozen or two of users who maybe just happened to be in Brussels on a certain day.

  47. Zash

    It's not a public server afaik

  48. lovetox

    Firefox: Your connection is not secure

  49. Link Mauve

    Ge0rG, the one dropping it from 100% to 94% is actually XEP-0368, aka direct TLS.

  50. Ge0rG

    Direct TLS SRV records.

  51. Link Mauve

    It only lowers the amount of roundtrips by one on a connection.

  52. Ge0rG

    Which are undergoing Last Call right now

  53. Link Mauve

    That’s really not something that is absolutely mandatory.

  54. Link Mauve

    Ge0rG, not CFE?

  55. Ge0rG

    Link Mauve: unless you can't parallelize SRV lookups, in which case it adds another rtt

  56. Ge0rG

    Link Mauve: sorry, CFE

  57. Link Mauve

    Are there SRV implementations which can’t do that? /o\

  58. Ge0rG

    Link Mauve: yes

  59. Holger

    Isn't it more about circumventing firewalls doing deep packet inspection?

  60. Zash

    Good resolvers will give you A/AAAA when you ask for SRV

  61. Holger

    Then again ALPN ...

  62. Ge0rG

    Link Mauve: because the useful API abstraction is "open me a secure socket to $service on $domain"

  63. Zash

    Holger: No, it's whatever you want it to be

  64. Link Mauve

    Holger, you can do that with WebSocket or BOSH with probably a lot more success rate in the wild.

  65. Link Mauve

    Ge0rG, so case in point, a deployment doesn’t need 0368.

  66. Ge0rG

    Link Mauve: no, but then it will add one more RTT on clients that support 0368

  67. Ge0rG

    because clients that care about RTTs will first try the direct tls srv

  68. Link Mauve

    Ge0rG, implement SASL2 and Bind2 and you’ll get a wildly more reduced RTT.

  69. Link Mauve

    Ge0rG, then they don’t respect the XEP, since it says to mix them and to obey the SRV order.

  70. Ge0rG

    Link Mauve: see the CFE discussion

  71. Link Mauve

    I’ve read it yes.

  72. lovetox

    Ge0rG, its only tried if there is a record

  73. Ge0rG

    lovetox: but checking for the record is an extra RTT

  74. lovetox

    yes but that does not depend what the server has deployed or not

  75. Ge0rG

    lovetox: yes, it's added alone by the fact that the client supports 0368

  76. lovetox


  77. Ge0rG

    so, if the server has deployed 0368, you have one RTT less than without

  78. lovetox


  79. Ge0rG

    if the client first checks for 0368, then doesn't receive a record and does STARTTLS, it's one RTT more than without

  80. lovetox


  81. lovetox


  82. lovetox

    only if it cant ask in records in parralel

  83. lovetox

    only if it cant ask records in parralel

  84. Ge0rG

    lovetox: which was claimed as very complicated on standards@ in the CFE

  85. lovetox

    but either way i think this does not matter at all

  86. lovetox

    one roundtrip more or less

  87. lovetox

    if you then join 20 MUCs, and are forced to receive a few hundred presences

  88. Ge0rG

    you can pipeline presences, though

  89. lovetox

    hm itś not very complicated just adds complexity for not much gain

  90. Ge0rG

    it's complex and complicated.

  91. lovetox

    is not everything a pipeline in xmpp?! dont know what you mean by that

  92. lovetox

    if you mean to manually delay or queue joins

  93. lovetox

    i dont think this makes much sense

  94. Ge0rG

    lovetox: you authenticate (several RTTs), attempt to restart 0198 (one RTT), bind (one RTT), and then you can send all the joining presences

  95. lovetox

    as a server can not send you stuff in parallel anyway

  96. lovetox

    so in requesting 20 joins at once, this is already a queue

  97. Ge0rG

    and then you'll get a long stream of presences back

  98. lovetox

    yeah and? i would not want to delay that process even further with delaying joins

  99. Ge0rG

    not what I said

  100. lovetox

    what my argument was this takes much more time, than one asking for one more srv record

  101. lovetox

    like magnitueds more

  102. Ge0rG

    lovetox: let me tell you about mobile connectivity on Deutsche Bahn

  103. lovetox

    i think i have to leave now :D

  104. Ge0rG

    if you have multi-second RTTs, they soon add up into your "connect to server" timeout

  105. Zash

    SASL2 would let you do auth + bind in one fewer roundtrip

  106. Zash

    is the idea at least

  107. Zash

    A Resume198-or-Bind operation?

  108. Ge0rG

    also what about 0198 auto-resume

  109. Ge0rG

    Zash: I've been asking for that for years

  110. Ge0rG

    in the context of MAM - https://mail.jabber.org/pipermail/standards/2017-January/032016.html

  111. lovetox

    from a library view this random extension thing in bookmarks is a bit work

  112. lovetox

    the easy way is i give the client a list of all the child nodes of the extension node

  113. Ge0rG

    I'd be glad already if clients stopped butchering my *mandatory* bookmark elements

  114. lovetox

    its harder if i want to give some abstraction over the extension elements to the client

  115. lovetox

    because then i have to mix xml lib objects, with some structs i create

  116. lovetox

    hm i could split it into known extensions and unknown

  117. lovetox

    or maybe this is so crazy custom that i simply should not care as library

  118. lovetox

    and the client just has to operate on the xml lib object

  119. lovetox

    hm what my lib is missing a way to compare xml objects