jdev - 2020-05-05


  1. Wojtek has left
  2. pulkomandy has left
  3. pulkomandy has joined
  4. strar has left
  5. strar has joined
  6. pulkomandy has left
  7. pulkomandy has joined
  8. moparisthebest has left
  9. moparisthebest has joined
  10. pulkomandy has left
  11. pulkomandy has joined
  12. pulkomandy has left
  13. pulkomandy has joined
  14. pulkomandy has left
  15. pulkomandy has joined
  16. rion has left
  17. rion has joined
  18. Neustradamus has joined
  19. Neustradamus has left
  20. pulkomandy has left
  21. pulkomandy has joined
  22. moparisthebest has left
  23. moparisthebest has joined
  24. pulkomandy has left
  25. pulkomandy has joined
  26. pulkomandy has left
  27. pulkomandy has joined
  28. aj has joined
  29. pulkomandy has left
  30. pulkomandy has joined
  31. aj has left
  32. Yagizа has joined
  33. pulkomandy has left
  34. pulkomandy has joined
  35. pulkomandy has left
  36. pulkomandy has joined
  37. DebXWoody has joined
  38. sonny has left
  39. sonny has joined
  40. DebXWoody has left
  41. pulkomandy has left
  42. pulkomandy has joined
  43. DebXWoody has joined
  44. pulkomandy has left
  45. pulkomandy has joined
  46. lovetox_ has joined
  47. sonny has left
  48. sonny has joined
  49. lovetox_ has left
  50. sonny has left
  51. sonny has joined
  52. sonny has left
  53. sonny has joined
  54. Yagizа larma, everything's working so far. But I have further questions.
  55. Yagizа larma, are there any suggestions about trust management? I don't really understand how to implement it within OMEMO, if Signal Protocol trust management mechanism is not recommended.
  56. alexis has left
  57. alexis has joined
  58. Yagizа larma, what about "kex" atribute of "key" element? Now I just treat it as a replacement for "prekey" attribute in old versions of OMEMO. Is that correct?
  59. pulkomandy has left
  60. pulkomandy has joined
  61. neustradamus has left
  62. pulkomandy has left
  63. pulkomandy has joined
  64. sonny has left
  65. sonny has joined
  66. pulkomandy has left
  67. pulkomandy has joined
  68. Meta Bergman has left
  69. larma Yagizа: Yes kex is what prekey was before. For trust management, you should probably realize an implementation of BTBV https://gultsch.de/trust.html
  70. jonas’ BTBV, the UX nightmare
  71. gav has left
  72. gav has joined
  73. Marc has joined
  74. lovetox_ has joined
  75. larma jonas’: why?
  76. jonas’ larma, "hey scan my QR code, that’s going to be faster than typing a JID" -- and now you have to verify all future keys of that contact
  77. jonas’ this is a hyperbolic example of the (for the user) non-obvious implications in BTBV
  78. larma Well... that's just an issue of Conversations
  79. larma It's not an inherent issue of BTBV
  80. pulkomandy has left
  81. pulkomandy has joined
  82. larma The verification step should always be visible to the user and also users should be able to reenable blind trust if it wasn't their intent to disable it when verifying a device
  83. larma Just look at how Dino did it ;)
  84. flow isn't that just the good old question of where the sweet spot between security and UX is?
  85. jonas’ yes
  86. jonas’ it is
  87. jonas’ though the BT in BTBV is also a security nightmare :)
  88. Yagizа larma, ok, thanx.
  89. flow and the answer is probably: it depends on what you want, there is not that one single sweet spot
  90. jonas’ BTBV is IMO an attempt to have the cake and eat it, which doesn’t quite work
  91. larma UX secret: don't pop up with a new window to verify fingerprint when sending a message and then automatically close it when blind trust is enabled.
  92. jonas’ UX secret: don’t pop up a window
  93. jonas’ UX secret: don’t pop up a window (unless in response to an action of the user)
  94. larma jonas’: but the user pressed send :D
  95. Ge0rG Chromium always pops up the "do you want to sign in" popup when I open a random twitter link. I *HATE* it
  96. jonas’ yeah, that was a stab at pidgin which’ll spam me with fun popup windows on some kind of spam
  97. Yagizа larma, BTW, what about fingerprints? Do I have to change something in fingerprint generation algorithm? Or should I use the same, used with old version?
  98. larma Yagizа: you just have to make sure you are generating the fingerprint from the curve25519 and not the ed25519 key
  99. Yagizа larma, and how can I get that curve25519 key?
  100. Yagizа larma, ratchet_identity_key_pair_get_public() will return ed25519 key when v4 is used, right?
  101. larma All `ec_public_key` are now both ed25519 and curve25519 public keys
  102. larma If you used `ec_public_key_serialize()` before to generate the fingerprint (by removing its first byte) it should still work
  103. larma You can also directly get it using `ec_public_key_get_mont()`
  104. larma Yagizа: Also note that in the bundle that is stored on pep, you should now use the ed25519 key (which you get by `ec_public_key_get_ed`)
  105. larma Yagizа: Also note that in the bundle that is stored on pep, you should now use the ed25519 key in <ik> (which you get by `ec_public_key_get_ed`)
  106. Yagizа larma, ok, thank you!
  107. kikuchiyo has joined
  108. sonny has left
  109. sonny has joined
  110. Yagizа larma, so, I should use ec_public_key_serialize() for fingerprint generation and ec_public_key_get_ed for getting data to publish in bundles?
  111. larma You can also use `get_mont` for fingerprints, it's the same as `serialize` just without the leading byte
  112. larma But yes, `get_ed` for bundles
  113. Yagizа larma, IC. So, I don't need ec_public_key_serialize() at all?
  114. paul has left
  115. paul has joined
  116. pulkomandy has left
  117. pulkomandy has joined
  118. Yagizа larma, and... how can I use IdentityKey, which I extract from bundles information? Now I just store it in local variable, but I don't see any use for it.
  119. Yagizа larma, should I somehow process it?
  120. kikuchiyo has left
  121. kikuchiyo has joined
  122. kikuchiyo has left
  123. eta has left
  124. eta has joined
  125. debacle has joined
  126. asterix has joined
  127. strar has left
  128. lovetox_ has left
  129. sonny has left
  130. edhelas has left
  131. lovetox_ has joined
  132. edhelas has joined
  133. strar has joined
  134. pulkomandy has left
  135. pulkomandy has joined
  136. debacle has left
  137. kikuchiyo has joined
  138. lovetox_ has left
  139. larma Yagizа: Well you probably want to give the user the option to trust a key even before opening a session with it.
  140. Martin has left
  141. Martin has joined
  142. kikuchiyo has left
  143. kikuchiyo has joined
  144. lovetox_ has joined
  145. pulkomandy has left
  146. pulkomandy has joined
  147. lovetox_ has left
  148. lovetox has left
  149. neustradamus has joined
  150. Neustradamus has joined
  151. Yagizа larma, IC. So, how can I get fingerprint from the ed25519 key, extracted from bundle data, received over XMPP?
  152. Zash has left
  153. sonny has joined
  154. Zash has joined
  155. larma Yagizа, you can use `curve_decode_point` on the key from the bundle to get an `ec_public_key`
  156. Guus has left
  157. Guus has joined
  158. goffi has joined
  159. goffi has left
  160. neustradamus has left
  161. neustradamus has joined
  162. Yagizа larma, ok, thanx!
  163. neustradamus has left
  164. neustradamus has joined
  165. debacle has joined
  166. sonny has left
  167. sonny has joined
  168. pulkomandy has left
  169. pulkomandy has joined
  170. kikuchiyo has left
  171. pulkomandy has left
  172. pulkomandy has joined
  173. kikuchiyo has joined
  174. kikuchiyo has left
  175. pulkomandy has left
  176. pulkomandy has joined
  177. lovetox has joined
  178. kikuchiyo has joined
  179. pulkomandy has left
  180. pulkomandy has joined
  181. sonny has left
  182. sonny has joined
  183. goffi has joined
  184. pulkomandy has left
  185. pulkomandy has joined
  186. Guus has left
  187. Guus has joined
  188. strar has left
  189. pulkomandy has left
  190. pulkomandy has joined
  191. pulkomandy has left
  192. pulkomandy has joined
  193. strar has joined
  194. sonny has left
  195. sonny has joined
  196. pulkomandy has left
  197. pulkomandy has joined
  198. alexis has left
  199. goffi has left
  200. lovetox_ has joined
  201. pulkomandy has left
  202. pulkomandy has joined
  203. pulkomandy has left
  204. pulkomandy has joined
  205. pulkomandy has left
  206. pulkomandy has joined
  207. lovetox_ has left
  208. pulkomandy has left
  209. pulkomandy has joined
  210. sonny has left
  211. sonny has joined
  212. Wojtek has joined
  213. pulkomandy has left
  214. pulkomandy has joined
  215. Yagizа has left
  216. kikuchiyo has left
  217. kikuchiyo has joined
  218. alexis has joined
  219. pulkomandy has left
  220. pulkomandy has joined
  221. goffi has joined
  222. debacle has left
  223. goffi has left
  224. goffi has joined
  225. sonny has left
  226. sonny has joined
  227. goffi has left
  228. Yagizа has joined
  229. debacle has joined
  230. debacle has left
  231. debacle has joined
  232. pulkomandy has left
  233. pulkomandy has joined
  234. edhelas has left
  235. edhelas has joined
  236. goffi has joined
  237. lovetox_ has joined
  238. lovetox_ has left
  239. lovetox_ has joined
  240. lovetox_ has left
  241. lovetox_ has joined
  242. lovetox_ has left
  243. lovetox_ has joined
  244. alexis has left
  245. lovetox_ has left
  246. lovetox_ has joined
  247. lovetox_ has left
  248. lovetox_ has joined
  249. pulkomandy has left
  250. pulkomandy has joined
  251. rion has left
  252. kikuchiyo has left
  253. lovetox_ has left
  254. rion has joined
  255. Yagizа has left
  256. Yagizа has joined
  257. Yagizа has left
  258. lovetox has left
  259. pulkomandy has left
  260. pulkomandy has joined
  261. amnesia has joined
  262. amnesia has left
  263. amnesia has joined
  264. lovetox_ has joined
  265. lovetox has joined
  266. amnesia has left
  267. lovetox_ has left
  268. lovetox_ has joined
  269. amnesia has joined
  270. amnesia has left
  271. lovetox_ has left
  272. lovetox_ has joined
  273. DebXWoody has left
  274. lovetox_ has left
  275. lovetox_ has joined
  276. amnesia has joined
  277. amnesia has left
  278. amnesia has joined
  279. amnesia has left
  280. amnesia has joined
  281. amnesia has left
  282. goffi has left
  283. pulkomandy has left
  284. pulkomandy has joined
  285. alexis has joined
  286. amnesia has joined
  287. amnesia has left
  288. amnesia has joined
  289. amnesia has left
  290. pulkomandy has left
  291. amnesia has joined
  292. amnesia has left
  293. pulkomandy has joined
  294. amnesia has joined
  295. amnesia has left
  296. lovetox_ has left
  297. amnesia has joined
  298. amnesia has left
  299. amnesia has joined
  300. amnesia has left
  301. lovetox has left
  302. amnesia has joined
  303. strar has left
  304. strar has joined
  305. pulkomandy has left
  306. pulkomandy has joined
  307. lovetox has joined
  308. asterix has left
  309. Marc has left
  310. amnesia has left
  311. moparisthebest has left
  312. moparisthebest has joined
  313. moparisthebest has left
  314. moparisthebest has joined
  315. pulkomandy has left
  316. pulkomandy has joined
  317. Wojtek has left
  318. Wojtek has joined
  319. Wojtek has left
  320. Wojtek has joined
  321. pulkomandy has left
  322. pulkomandy has joined
  323. Wojtek has left
  324. Wojtek has joined
  325. Wojtek has left
  326. Wojtek has joined
  327. Wojtek has left
  328. Wojtek has joined
  329. Wojtek has left
  330. Wojtek has joined
  331. Wojtek has left
  332. Wojtek has joined
  333. amnesia has joined
  334. Wojtek has left
  335. Wojtek has joined
  336. Wojtek has left
  337. Wojtek has joined
  338. Wojtek has left
  339. Wojtek has joined
  340. Wojtek has left
  341. pulkomandy has left
  342. pulkomandy has joined