jdev - 2020-03-31

  1. sonny has joined

  2. Sam Whited has left

  3. Sam Whited has joined

  4. sonny has left

  5. sonny has joined

  6. amnesia has left

  7. Martin has left

  8. Martin has joined

  9. lovetox has left

  10. amnesia has joined

  11. lovetox has joined

  12. amnesia has left

  13. strar has left

  14. strar has joined

  15. DebXWoody has joined

  16. SouL has joined

  17. strar has left

  18. strar has joined

  19. moparisthebest has left

  20. Guus has left

  21. Guus has joined

  22. adrien has left

  23. adrien has joined

  24. strar has left

  25. strar has joined

  26. Marc has left

  27. Marc has joined

  28. kikuchiyo has joined

  29. pulkomandy has left

  30. goffi has joined

  31. pulkomandy has joined

  32. DebXWoody has left

  33. kikuchiyo has left

  34. kikuchiyo has joined

  35. strar has left

  36. kikuchiyo has left

  37. kikuchiyo has joined

  38. asterix has joined

  39. wurstsalat has left

  40. wurstsalat has joined

  41. strar has joined

  42. asterix has left

  43. asterix has joined

  44. pulkomandy has left

  45. kikuchiyo has left

  46. pulkomandy has joined

  47. kikuchiyo has joined

  48. kikuchiyo has left

  49. kikuchiyo has joined

  50. asterix has left

  51. asterix has joined

  52. asterix has left

  53. asterix has joined

  54. asterix has left

  55. asterix has joined

  56. kikuchiyo has left

  57. pulkomandy has left

  58. kikuchiyo has joined

  59. pulkomandy has joined

  60. pulkomandy has left

  61. kikuchiyo has left

  62. lovetox has left

  63. kikuchiyo has joined

  64. pulkomandy has joined

  65. asterix has left

  66. asterix has joined

  67. asterix has left

  68. asterix has joined

  69. DebXWoody has joined

  70. kikuchiyo has left

  71. kikuchiyo has joined

  72. kikuchiyo has left

  73. dendang has joined

  74. asterix has left

  75. asterix has joined

  76. asterix has left

  77. asterix has joined

  78. kikuchiyo has joined

  79. lovetox has joined

  80. debacle has left

  81. kikuchiyo has left

  82. larma has left

  83. larma has joined

  84. asterix has left

  85. asterix has joined

  86. larma has left

  87. larma has joined

  88. asterix has left

  89. asterix has joined

  90. kikuchiyo has joined

  91. kikuchiyo has left

  92. asterix has left

  93. asterix has joined

  94. kikuchiyo has joined

  95. kikuchiyo has left

  96. asterix has left

  97. asterix has joined

  98. amnesia has joined

  99. pulkomandy has left

  100. pulkomandy has joined

  101. kikuchiyo has joined

  102. Martin has left

  103. asterix has left

  104. asterix has joined

  105. Martin has joined

  106. Martin has left

  107. Martin has joined

  108. Martin has left

  109. Martin has joined

  110. paul has left

  111. paul has joined

  112. Martin has left

  113. Martin has joined

  114. Martin has left

  115. amnesia has left

  116. Martin has joined

  117. pulkomandy has left

  118. pulkomandy has joined

  119. Martin has left

  120. Martin has joined

  121. Martin has left

  122. Martin has joined

  123. Martin has left

  124. Martin has joined

  125. asterix has left

  126. Martin has left

  127. amnesia has joined

  128. asterix has joined

  129. Martin has joined

  130. Martin has left

  131. Martin has joined

  132. amnesia has left

  133. amnesia has joined

  134. Martin has left

  135. asterix has left

  136. asterix has joined

  137. Martin has joined

  138. Martin has left

  139. Martin has joined

  140. Martin has left

  141. Martin has joined

  142. Martin has left

  143. Martin has joined

  144. Martin has left

  145. Martin has joined

  146. Martin has left

  147. Martin has joined

  148. Martin has left

  149. Martin has joined

  150. Martin has left

  151. Martin has joined

  152. Martin has left

  153. Martin has joined

  154. debacle has joined

  155. asterix has left

  156. asterix has joined

  157. tsk has joined

  158. asterix has left

  159. asterix has joined

  160. moparisthebest has joined

  161. asterix has left

  162. pulkomandy has left

  163. asterix has joined

  164. pulkomandy has joined

  165. debacle has left

  166. asterix has left

  167. asterix has joined

  168. asterix has left

  169. asterix has joined

  170. tsk has left

  171. amnesia has left

  172. pulkomandy has left

  173. pulkomandy has joined

  174. tsk has joined

  175. Sam Whited

    Was anyone here around during the JSF days? I'm trying to get a sense of how its mission was different from the XSFs since my understanding is that it was more software focused

  176. pulkomandy has left

  177. pulkomandy has joined

  178. amnesia has joined

  179. Kev

    Sam Whited: Very few people who're still active. Alex, Edwin, Ralph. Me just about. Not sure about Dave, but I suspect not.

  180. Kev

    Peter, obviously.

  181. Kev

    I've probably forgotten someone, but it's that sort of number of people, I think.

  182. Sam Whited

    Kev: thanks, I'll reach out to them directly

  183. Ge0rG

    Sam Whited: are you going to make a history write-up? That'd be very interesting

  184. pulkomandy has left

  185. Sam Whited

    Ge0rG: I wasn't planning on it, but that would be fun if I learn anything interesting

  186. Ge0rG

    As somebody who is very interested in having a JSF 2.0 of sorts today, I'm probably too biased to do such a thing.

  187. amnesia has left

  188. Sam Whited

    Ge0rG: I've been vaguely thinking about that which is why I asked. I'd like to have something like Apache but for XMPP projects. Something that can act as a fiscal sponsor to help projects raise money, provide a common set of guidelines and dev practices and infrastructure for stuff under its umbrella, etc. but before I ask people what they'd want out of it I figured I'd see what existed before. I'm also not convinced that there is enough interest in XMPP in general to even make it possible, but you never know. Anyways, just doing very preliminary research.

  189. Wojtek has joined

  190. jonas’

    Sam Whited, you should attend board meetings more often

  191. jonas’

    also maybe become a member again so that you see what’s going on on members@

  192. Sam Whited

    jonas’: I still don't see the point of being a member of the XSF.

  193. jonas’

    so that you get a say on that matter

  194. Ge0rG

    Sam Whited: nobody is _against_ creating such an organization, but the XSF isn't it, and looks like so far nobody had the resources to actually start it.

  195. Sam Whited

    Ge0rG: right, that's why I was thinking about doing it separate from the XSF.

  196. jonas’

    you’re most definitely not the first one with that thought

  197. Ge0rG

    I think that the XSF (and XMPP overall) would vastly benefit from having it, though.

  198. Sam Whited

    yah, probably not

  199. Sam Whited

    jonas’: a say in what matter?

  200. jonas’

    Sam Whited, the direction of the XSF and how funds are used.

  201. Sam Whited

    jonas’: I don't think this should be the XSF, they should be two separate organizations.

  202. jonas’

    MattJ, cc @ you, I think you brought something like that up in one of the more recent board meetings, too ^

  203. jonas’

    Sam Whited, yes, and I think such an organisation should have its roots in the XMPP and XSF communities

  204. Sam Whited

    jonas’: I agree, but like I said, this is just me doing some preliminary research.

  205. pep.


  206. jonas’

    I’m saying there’s already efforts in that direction and I suggest you join them. the more the better.

  207. MattJ

    I bring it up all the time

  208. pep.

    I'm also interested fwiw

  209. MattJ

    to anyone who will listen, or who thinks the XSF is capable of doing all the things people want it to do :)

  210. pep.

    "jonas’> Sam Whited, yes, and I think such an organisation should have its roots in the XMPP and XSF communities", I agree

  211. pulkomandy has joined

  212. MattJ

    Well it's unlikely to have its roots in the Matrix community, I agree :)

  213. pep.

    No but it could be perceived as a "FU the XSF, it doesn't work, we're doing our own thing"

  214. MattJ

    I almost thing, so what if it is? (which is unlikely if you're up-front about the goals)

  215. MattJ

    I almost think, so what if it is? (which is unlikely if you're up-front about the goals)

  216. MattJ

    Modern XMPP also has/had that risk

  217. MattJ

    Even the name and domain :)

  218. Ge0rG

    I'm pretty sure it won't, because the XSF is very clear about its razor-sharp focus on Protocol.

  219. MattJ

    (XSF should register legacyxmpp.org on 1st April)

  220. Ge0rG

    MattJ: you could do it right now.

  221. MattJ

    Oh look, that's tomorrow

  222. asterix has left

  223. MattJ

    Must finish my MAM update in time

  224. asterix has joined

  225. Sam Whited

    I kind of forgot about modern XMPP, I'm glad to see this exists. I like the goal of providing docs and UI/UX guidelines and what not.

  226. Ge0rG

    MattJ: because you want it to appear on the Humorous track?

  227. asterix has left

  228. asterix has joined

  229. pulkomandy has left

  230. MattJ

    With DNS-over-XMPP on the Standards Track and MAM on the Humorous track we'll be good

  231. amnesia has joined

  232. asterix has left

  233. asterix has joined

  234. MattJ

    Hmm, I wonder how many libraries/clients would get tripped up by an iq type='get' in one namespace, and the result having a payload with a different namespace

  235. jonas’

    ... why would they

  236. MattJ

    Because people make assumptions

  237. pulkomandy has joined

  238. jonas’

    why do tehy?

  239. jonas’

    why do they?

  240. MattJ


  241. Sam Whited

    seems like the easiest thing to do would be to match based on ID then just decode whatever is in the result, and I would assume most people would do the easiest thing and it wouldn't cause problems

  242. Ge0rG

    MattJ: you'd be surprised how many implementations ignore the xmlns altogether

  243. flow

    well it does

  244. flow

    if you only match on the id, then you are potentially open to spoofed replies

  245. asterix has left

  246. MattJ

    You match on (jid, id) though

  247. asterix has joined

  248. Zash

    and type

  249. Zash

    (jid, id, type=(result|error))

  250. Ge0rG

    Monal won't work on my account because I have a Cisco user on my roster who has a Cisco-namespaced <presence> element inside the jabber:client <presence> element

  251. jonas’

    or have a sufficiently unpredictable ID :)

  252. pep.

    I'm just patching our minidom implementation in Rust to force namespaces everywhere. It's just not possible to retrieve an element without specifying a namespace, unless you loop over everything all the time

  253. flow

    and even (jid, id) is not that trivial as it seems, since there could be multiple values for jid

  254. flow

    including, in some cases, nil

  255. jonas’

    don’t get me started on the ambiguity of an absent @to/@from on stanzas

  256. flow

    so you may simply want to generate "good" IDs and be done…

  257. Sam Whited

    Why would there be multiple values for JID? Do you just mean the server being the domain or the empty attribute?

  258. jonas’

    Sam Whited, that’s not what empty attribute means

  259. Zash

    jonas’, when is it ambigous?

  260. jonas’

    absent attribute refers to your *account*, not to the server domain.

  261. Sam Whited

    oh right, that one. Is that what you menat?

  262. jonas’


  263. jonas’

    Zash, you can’t simply match on the verbatim string, you have to take into account your currently bound-to JID after resource binding, since some servers will always do one thing (present or absent attribute) even if you always send present/absent

  264. Sam Whited

    yah, that's irritating. I just have my library normalize that on all incoming stanzas

  265. jonas’

    so you have to, in your processing loop, alias empty jid to locally bound bare JID, which is annoying to do

  266. jonas’

    I recall having issues with normalising that actually

  267. Ge0rG

    jonas’: nothing wrong with empty @from/@to... Until you send a message to yourself and the Carbon copy you receive doesn't have one of those set, but it means a different thing ;)

  268. Zash

    Just don't find the text that suggests that empty to/from is different from the bare account jid.

  269. flow

    jonas’, do you remember which issues you had exactly?

  270. jonas’

    (also, of course it requires the stanza broker to know your local JID, because we all hate self-contained things)

  271. jonas’

    I’ll have to check the git log

  272. Sam Whited

    What is a "stanza broker"?

  273. jonas’

    Sam Whited, the thing which takes the stanzas from the XML stream and hands it to handlers

  274. jonas’

    I think it’s called mux in mellium

  275. Sam Whited

    Oh, that's not what does the noramlization in my case (I don't think, if it does it shouldn't be, I can't remember)

  276. Sam Whited

    The session (or connection) knows your JID, and whenever any tokens are read from it it can normalize them

  277. jonas’

    my point is that there’s *no* layer which should need to know about your locally bound JID in the stanza processing pipeline

  278. Ge0rG

    Sam Whited: are you also normalizing <forwarded> stanzas? :D

  279. Sam Whited

    Ge0rG: I don't remember how that works, but those are wrapped in an actual stanza, no? I should probably look, if not I'm probably breaking something there

  280. jonas’

    flow, possibly the normalisation issues were purely in aioxmpp

  281. Ge0rG

    Sam Whited: yes they are, but they are also <message/> stanzas and there are no guarantees whatsoever on them having @from/@to set correctly

  282. Sam Whited

    Ge0rG: I don't do any automatic handling at all of those right now, my library is a bit low-level for that. If a package was ever written to handle them, it would have to do its own normalization to remain self contained.

  283. Zash

    I like to think of it as stanzas inheriting the logical to/from of the parent stream.

  284. Zash

    After resource binding one could think of those as from=full jid to=bare jid

  285. Ge0rG

    Zash: that's the logical thing indeed, except that for some people it's not obvious that you have a stream to your account.

  286. jonas’

    Zash, however, as a client, you set @to to the domain, not to the bare account JID

  287. jonas’

    Zash, however, as a client, you set stream:stream/@to to the domain, not to the bare account JID

  288. Zash

    jonas’: Imagine that it changes during resource binding

  289. rion has left

  290. rion has joined

  291. jonas’

    that does make no sense to me

  292. Zash

    I kinda wish resource binding was a stream restart thing

  293. jonas’

    changing on SASL, that’d make sense, because that actually binds you to a JID

  294. jonas’

    changing on SASL, that’d make sense, because that actually binds you to a bare JID of some kind

  295. debacle has joined

  296. Zash

    Drop the resource binding iq hack, server tells you to/from in the post-sasl restart

  297. jonas’

    that’d be kind of sexy, except that the client speaks first on stream resets

  298. Zash


  299. Zash

    + SASL2 gets rid of the stream restart

  300. Zash

    Tho you could just drop the to/from that the client sends. The server knows who you are after auth and it knows who you authed to.

  301. Zash

    And by drop I mean the server ignores it.

  302. asterix has left

  303. Sam Whited

    I'm always torn about the restarts. On the one hand, they're logical and they're probably good from a security perspective. On the other hand, the entire connection process takes forever on a crappy network and anything we can do to speed that up makes me happy.

  304. asterix has joined

  305. Zash

    I did something like that in an experimental CBOR protocol once. No stream restarts, just a message that updates top-level properties like to/from

  306. jonas’

    I don’t even know what stream restarts are supposed to do. the @to is only interesting for client->server really pre-STARTTLS as an SNI-surrogate

  307. jonas’

    aren’t they?

  308. flow

    jonas’, rumar is that they are supposed to reset the xml parser state

  309. flow

    jonas’, rumor is that they are supposed to reset the xml parser state

  310. Zash

    and thus throw away auth related state that might linger

  311. asterix has left

  312. Zash

    which is why it's weird to me that SASL2 drops the restart

  313. jonas’

    flow, ah, that makes sense

  314. asterix has joined

  315. jonas’

    I’ll probably forget that again, but it *does* make sense

  316. pulkomandy has left

  317. MattJ

    Pretty sure there have been protocol security problems in the past that didn't apply to XMPP because we do restarts

  318. pulkomandy has joined

  319. Zash

    Also older SASL mechanisms can negotiate encryption and stuff, which requires a clear point where it's activated.

  320. flow

    I think it's not that bad to have them

  321. flow

    not sure about the motivation to drop them in sasl2 though

  322. Kev

    You need a stream restart after integrity is negotiated.

  323. Kev

    Both starttls and SASL can negotiate integrity, I think.

  324. jonas’

    Kev, see, that argument I don’t get

  325. amnesia has left

  326. Zash

    Never seen it used in SASL tho, only seen the traces of it in DIGEST-MD5

  327. jonas’

    I can see the argument that you want to throw away an XMPP parser/serialiser after having done auth with it, or that you don’t want to keep an XML pipeline hooked up to a stream potentially in the middle of a TLS handshake. But I don’t get that integrity argument

  328. Sam Whited realizes that as we speak I am extremely far behind on my phone because the connection got dropped and on this crappy mobile network it takes ages to be re-established.

  329. Sam Whited

    I'm always confused when I walk up to my laptop and there's a ton of new messages I hadn't seen.

  330. paul has left

  331. tsk has left

  332. Kev

    jonas’: Because if you assume pre-integrity that things might have been injected into the stream, people could have mangled your to/from and stream id, as well as injecting things into your XML parser.

  333. jonas’

    right, so to/from/stream id are 100% irrelevant, aren’t they?

  334. Kev

    So you're potentially doing authorisation based on injected data.

  335. Kev

    I don't believe they are, no.

  336. jonas’

    you authenticate the server with TLS/SASL, likewise for the client.

  337. jonas’

    I never saw the stream ID used for anything

  338. paul has joined

  339. Zash

    It's used in dialback

  340. asterix has left

  341. asterix has joined

  342. jonas’

    that’s more interesting

  343. asterix has left

  344. asterix has joined

  345. jonas’

    (maybe my view is too client-centric?)

  346. Kev

    I think it might be :)

  347. jonas’

    but clients are most hurt by stream restarts either way

  348. Zash

    Didn't the non-SASL auth also use the stream id?

  349. Zash

    > SHA1-encrypted Hmmm

  350. Zash

    > SHA1(concat(sid, password))

  351. Zash

    Obsoleted nearly 12 years ago? Why do we still ship code for this?

  352. Zash

    Altho I fondly remember typing https://xmpp.org/extensions/xep-0078.html#example-3 into a telnet console once upon a time

  353. moparisthebest

    I think it should be brought back, just the PLAIN though, and only over TLS of course

  354. moparisthebest

    if it's good enough for HTTP why not XMPP

  355. Zash


  356. moparisthebest

    SASL made sense before TLS was mandatory, I don't really think it brings any advantages nowadays though

  357. Zash

    This notion makes me sad

  358. moparisthebest

    unless you see "complexity" or "not being able to upgrade ever" as an advantage

  359. moparisthebest

    are there actual advantages to SASL ?

  360. lovetox

    you mean SASL SCRAM?

  361. Kev

    There's an advantage to having a choice of mechanisms, if that's the question. And once you've got a choice of mechanisms, why not use SASL.

  362. lovetox

    yeah there is more than sasl scram

  363. lovetox

    you need a protocol to tell the server how you are going to auth

  364. lovetox

    may it be via 2FA or external via client cert or even PLAIN

  365. Zash

    "good enough for http", but the web uses a lot of OAuth and stuff that only works if you're a browser

  366. moparisthebest

    client cert can be handled at the TLS layer, 2FA can just be a token appended to your password which makes it the same as PLAIN

  367. moparisthebest

    fair re: oauth ugh

  368. Zash

    Also, I sure hope you're not making the argument that popular == good

  369. asterix has left

  370. asterix has joined

  371. pulkomandy has left

  372. pulkomandy has joined

  373. paul has left

  374. paul has joined

  375. dendang has left

  376. dendang has joined

  377. moparisthebest

    no, I'm arguing that PLAIN user+pass is "good enough" and KISS and sasl-scram and friends is needless complexity for no gain

  378. dendang has left

  379. dendang has joined

  380. dendang has left

  381. dendang has joined

  382. asterix has left

  383. asterix has joined

  384. asterix has left

  385. asterix has joined

  386. lovetox

    i agree about sasl scram over tls is probably not very useful

  387. lovetox

    but not about getting rid of extendable protocol that can define any kind of auth mechanism

  388. Ge0rG

    it's useful because you don't need to store the password on the client

  389. Zash

    or on the server

  390. Zash

    or send it over the wire

  391. Zash

    even if TLS helps there

  392. Sam Whited

    More useful than not having an upgrade path if SHA-1 gets broken?

  393. Zash

    and it's cheap to verify for the server, even if you did a billion rounds of PBKDF2

  394. Zash

    Does this exact discussion with these exact words get repeated every couple of months?

  395. Sam Whited

    Unrelated: but is Apache Vysper still being developed? Randomly wound up on its Git page and there are a bunch of recent commits by names I don't recognize. That is suprising

  396. sonny has left

  397. Zash


  398. Sam Whited

    yah, they're not wrong, it's not easy to find. Good to know.

  399. Zash

    Looks like they did a bunch of stuff last year

  400. SouL

    Hmm, is it a XMPP server?

  401. Zash


  402. SouL

    I thought it had something different to it (a reason to make it active again that other XMPP servers do not have or something)

  403. asterix has left

  404. asterix has joined

  405. lovetox

    moparisthebest, fyi you cant do the full client cert spec without sasl

  406. lovetox

    a cert could be valid for more than one account

  407. lovetox

    so you need a way to tell the server the account you want to auth with

  408. lovetox

    don't know though if anyone does that

  409. asterix has left

  410. asterix has joined

  411. moparisthebest

    Ge0rG, and how is not storing the password on the client useful?

  412. moparisthebest

    your xmpp account password should already only be used for xmpp, so if someone has access to your account, it doesn't really matter if they have the password or not

  413. jonas’

    moparisthebest, that’s a pretty strong "should" there

  414. jonas’

    first: user reality begs to differ. second: single-sign-on systems *do* exist.

  415. moparisthebest

    should be a MUST , we need to stop catering to idiots

  416. moparisthebest

    if someone uses "password" or "mustang1" across all their accounts, it doesn't really matter that the xmpp client doesn't store it locally

  417. jonas’

    if someone uses "7GvdunCpiwkUKty9dj3/u8l5" for their company single-sign-on which also has an XMPP client, it does matter though

  418. jonas’

    if someone uses "7GvdunCpiwkUKty9dj3/u8l5" for their company single-sign-on which also has an XMPP service, it does matter though

  419. Zash

    Uh in those cases you can't use SCRAM anyways since you need to send that password in plain text to some validation service.

  420. asterix has left

  421. asterix has joined

  422. asterix has left

  423. asterix has joined

  424. jonas’


  425. Zash

    ... unless it's some OAuth-derivative thing

  426. asterix has left

  427. asterix has joined

  428. alexis has left

  429. sonny has joined

  430. asterix has left

  431. asterix has joined

  432. moparisthebest

    jonas’, does it? cause their browser stores it in plaintext in that case, also probably outlook

  433. asterix has left

  434. asterix has joined

  435. pulkomandy has left

  436. pulkomandy has joined

  437. Martin has left

  438. asterix has left

  439. asterix has joined

  440. Martin has joined

  441. Martin has left

  442. Martin has joined

  443. pulkomandy has left

  444. pulkomandy has joined

  445. Martin has left

  446. Martin has joined

  447. jonas’

    moparisthebest, "others are bad, let’s also be bad"

  448. Martin has left

  449. Zash

    burning coal works just fine, let's do more of that!

  450. Martin has joined

  451. moparisthebest

    jonas’, yep, if it provides no benefit in any case and brings complexity, let's not bother

  452. moparisthebest

    so far we've established it's useless if it's unique to the xmpp account, or in the case of single sign on, where is it useful then?

  453. jonas’

    I don’t agree with your assessment of the SSO situation

  454. Zash

    I don't agree that there's no benefit.

  455. Martin has left

  456. Martin has joined

  457. Martin has left

  458. Martin has joined

  459. Martin has left

  460. asterix has left

  461. asterix has joined

  462. Martin has joined

  463. Martin has left

  464. Martin has joined

  465. asterix has left

  466. asterix has joined

  467. tsk has joined

  468. pulkomandy has left

  469. asterix has left

  470. asterix has joined

  471. Martin has left

  472. Martin has joined

  473. pulkomandy has joined

  474. asterix has left

  475. asterix has joined

  476. tsk has left

  477. DebXWoody has left

  478. rion has left

  479. rion has joined

  480. strar has left

  481. strar has joined

  482. dendang has left

  483. Marc has left

  484. Marc has joined

  485. asterix has left

  486. asterix has joined

  487. alexis has joined

  488. pulkomandy has left

  489. pulkomandy has joined

  490. pulkomandy has left

  491. pulkomandy has joined

  492. alexis has left

  493. Martin has left

  494. Martin has joined

  495. adrien has left

  496. adrien has joined

  497. alexis has joined

  498. adrien has left

  499. adrien has joined

  500. asterix has left

  501. asterix has joined

  502. alexis has left

  503. alexis has joined

  504. alexis has left

  505. alexis has joined

  506. alexis has left

  507. asterix has left

  508. asterix has joined

  509. kikuchiyo has left

  510. kikuchiyo has joined

  511. alexis has joined

  512. kikuchiyo has left

  513. asterix has left

  514. goffi has left

  515. wurstsalat has left

  516. Wojtek has left