-
Ge0rG
I'm looking for public servers that have: - IBR with a captcha - Redirection from IBR, https://xmpp.org/extensions/xep-0077.html#redirect - IBR and run ejabberd
-
Martin
Maybe also ask in operators
-
Ge0rG
Martin: right, thanks
-
pep.
jonas’, your ToS thing is up for the taking I assume? Talking about IBR
-
pep.
I'm finally working on opening up my service and that's a requirement to me. (at least if we get things going I know I won't be stuck with http redirects forever)
-
jonas’
pep., -v please
-
pep.
Long ago when we did gdpr stuff you proposed a tos spec
-
jonas’
I know
-
jonas’
you can invent something better than that, sure
-
jonas’
I don’t intend to continue to work on it
-
pep.
Right that was my question. I might as well reuse the name :P
-
DebXWoody
I'm going to implement XEP-0373. Just tried to add my JID like xmpp:user@domain.tld. https://xmpp.org/extensions/xep-0373.html#openpgp-user-ids gpg> adduid Ihr Name ("Vorname Nachname"): xmpp:test@domain.tld Email-Adresse: Kommentar: Sie haben diese User-ID gewählt: "xmpp:test@domain.tld" Bitte keine Emailadressen als Namen oder Kommentar verwenden It's not possible, because gpg says: The name look like a email address. --quick-adduid is working.
-
flow
DebXWoody, that's more of an gpg API issue
-
DebXWoody
Yes, but it should look like I did?
-
DebXWoody
Add the xmpp URI as name and keep mail and comment empty.
-
flow
I haven't verified that gpg will then produce the according rfc4880 subpacket, but it's not unreasonable that it does
-
flow
IIRC gpg provides a dump command to inspect the rfc4880 structure
-
flow
one potentially want to use that to verify that the result is compliant to xep373✎ -
pep.
I think I used xmpp URIs in the email or comment field last time I tried✎ -
flow
you potentially want to use that to verify that the result is compliant to xep373 ✏
-
pep.
I think I used xmpp URIs in the email last time I tried ✏
-
flow
I'd guess either of name or mail address is fine
-
pep.
flow, hmm, that'S gonna be slightly problematic if gpg doesn't accept it. Assume most implementations will use gpg / gpgme or similar for this :/
-
flow
pep., well they should use the high level gpg api for taht
-
flow
besides older gpg versions are known to have a problematic api
-
flow
mostly because older gpg versions had no api, so gpg APIs where build around the gpg command line interface and parsed the gpp output
-
flow
every reasonable OpenPGP API lets you create the User ID Packet with an arbitrary string
-
flow
cause that is what rfc4880 specifies: https://tools.ietf.org/html/rfc4880#section-5.11
-
pep.
ok
-
flow
in the example DebXWoody gave, gpg is trying to prevent the user doing something uncommon (assuming the user wants to use gpg as gpg believes it should be used)
-
flow
they should use the high level gpg api for taht → they should *not* use the high level gpg API for that
-
lovetox
gpg lets you do this
-
lovetox
you just have to pass the proper commands
-
lovetox
there is a command that lets you skip all those checks
-
lovetox
for example --allow-freeform-uid
-
lovetox
Disable all checks on the form of the user ID while generating a new one.
-
flow
lovetox, yep, DebXWoody already mentioned --quick-add-uid
-
pep.
One wouldn't use gpg directly though right? :/
-
pep.
I mean gnupg
-
lovetox
if the command line app will not support something,i think your chances are low that you can do it programmatically
-
flow
pep., yes, you would want to use an library providing an OpenPGP API
-
flow
for gnugp there is gpgme, but I can't comment on its suitability nor usability
-
flow
but there a dozens of alternatives
-
pep.
dozens?
-
flow
https://neopg.io/
-
flow
https://sequoia-pgp.org/
-
flow
paul's pgpainless (java)
-
flow
https://www.openpgp.org/software/developer/
-
lovetox
gpgme is not very advanced
-
lovetox
i remember when i implemented gpg in gajim, it didnt even had an api for importing a key
-
lovetox
the python bindings i mean
-
flow
the situation of python openpgp APIs was not good a few years ago, I hope that changed
-
lovetox
i think someone worked on the python gpgme bindings
-
lovetox
and it can do now more but didnt look since a year
-
pep.
Yeah last time I checked was the berlin sprint last year
-
pep.
Using the Rust binding of gpgpme. I might use sequoia someday if I tackle this again
-
flow
sequoia is in very good standing
-
flow
definetly something to look out for
-
pep.
It's been a few years I've known about them, just never had the chance
-
DebXWoody
gpgme is ok: https://codeberg.org/xmpp-messenger/xmppc/src/branch/master/src/mode/pgp.c#L99
-
DebXWoody
I like the idea of XEP-0373 and 0027 is obsolete. But I don't get why there is https://xmpp.org/extensions/xep-0373.html#synchro-pep within XEP-0373? Is it ok to skip it or is the client in those case not XEP-0373? My key is on a Nitrokey / Smartcard and I would like to use this key for 0373. There is no need to sync the private key and there is also no need to create a new one for me.
-
flow
DebXWoody, nothing in xep373 mandates that this is mandatory-to-implement
-
DebXWoody
ok
-
flow
the xep(s) deliberately keep a degree of freedom here, while sketching a schema that could work to get the average users to use OpenPGP encrypted XMPP messages (without ideally even being aware that she/he does)✎ -
flow
the xep(s) deliberately keep a degree of freedom here, while sketching a scheme that could work to get the average users to use OpenPGP encrypted XMPP messages (without ideally even being aware that she/he does) ✏