The OMEMO XEP doesn't provide a way to ensure that all the connected clients/resources have matching key bundles published, does it?
machas left
kikuchiyohas left
inkyhas joined
kikuchiyohas joined
Millesimushas left
jubalhhas joined
pep.
It doesn't, no
bunghas left
bunghas joined
defanor
Seems like if it (as well as the OpenPGP one) did, clients could take that responsibility from a user (i.e., at least show whether decryption issues seem likely), making the usage a bit easier.
flow
can't a client discover if his bundle is published?
Millesimushas joined
defanor
AIUI a client can check whether its own bundle is published, since they know their own device ID, but others (those who want to send them a message) can't check IDs of all the connected devices.
pep.
defanor, you can deduce it, but yeah there's no explicit mechanism to get this information
9lakeshas left
pep.
You see a new deviceid in the list you can't associate it right away
flow
defanor, why just *connected* devices?
flow
wouldn't you want to also check for offline devices too?
defanor
Well, with connected ones it at least seems possible; offline ones may include future ones if we're considering history/offline messages.
flow
it appears that this boils down that we don't have a way to register and unregister user devices, and even if we had, it would probably be not absolutely reliable
flow
I am not sure why it should be the possiblity of the sending entity to ensure that the receiving entity has published all bundles
flow
even if the sending entity could determine that a bundle is missing, it can't do much about it
flow
also the receiving entity has an inventive to ensure that the bundles of all their devices are up-to-date
flow
*should be the *responsibility* of the sending entity
bunghas left
bunghas joined
defanor
Here's the awkward situation that happens sometimes: a user (receiving entity) connects from two clients/devices, only one publishes the keys, incoming messages get encrypted, the user is confused. They indeed should publish keys from every client or from none now, to ensure reliable delivery, and only stick to clients supporting those then, but it's not the sort of thing most users know about or do, I think. I'm even hesistant myself to publish the keys, since I may have to connect using a client without OMEMO or OpenPGP support, and then there will be all the awkwardness with lost messages again.
flow
there shouldn't be any lost message, but potentially warning messages from the receiving client that the received message could not be encrypted
flow
(in an ideal world that is)
defanor
Yeah, that's the best-case scenario; I saw them both hidden/eaten by a client, and just that situation where you have to ask the other party to disable the encryption and resend messages.
flow
defanor, I am also not sure what your idea to improve the situtation exactly is?
pulkomandyhas left
pulkomandyhas joined
flow
because I feel any "improvement" could lead to open up a encryption downgrade attack vector✎
flow
because I feel any "improvement" could lead to open up an encryption downgrade attack vector ✏
flow
basically UX with mixed OMEMO and non-OMEMO clients is sometimes terriable and I think there is not much you can do about it✎
flow
basically UX with mixed OMEMO and non-OMEMO clients is sometimes terrible and I think there is not much you can do about it ✏
defanor
I think if it was possible at least to find out whether currently connected target user's devices seem capable of decrypting messages, it'd mitigate the issue: the sending client's UI would be able to show what to expect. That's far from perfect too, but better than to not know even whether to expect the connected clients to be able to read (decrypt) the message.
flow
well if you have presence subscription to the receiving entity, then you could query the clients for the omemo feature
larmahas joined
flow
although, I am not sure if the omemo xep currently says that clients should annouce such a feature
Wojtekhas joined
jubalhhas left
flow
so yes, mandating that clients annouce that feature and having the sending entity check if all clients support it, could maybe improve the situation a bit
defanor
Supporting a feature at all is indeed a suggestion that they potentially can decrypt messages, but knowing that the keys are published by those clients/devices gives a bit more certainty still.
pep.
« flow> although, I am not sure if the omemo xep currently says that clients should annouce such a feature » also that doesn't say they're actually using it at the moment you query
flow
of course, it's a bandaid
flow
and I believe the don't want that kind of logic in encrypted messaging
9lakeshas joined
pulkomandyhas left
pulkomandyhas joined
bunghas left
9lakeshas left
bunghas joined
marmistrzhas left
goffihas joined
Ingolfhas left
Ingolfhas joined
inkyhas left
marmistrzhas joined
xnamedhas joined
dezanthas left
dezanthas joined
atomicwatchhas joined
SouLhas left
SouLhas joined
bunghas left
bunghas joined
bunghas left
dezanthas left
dezanthas joined
PapaTutuWawahas joined
MattJ
FWIW this is something I intend to add to Snikket in the future (server-side sanity check that all your devices have published keys)
pep.
I guess Snikket can do that because it's Snikket
MattJ
It's just a little tricky when we don't currently know what devices exist
MattJ
pep.: partly, though it would be sensible to have some all-or-nothing check for other servers too
pep.
My poezio OMEMO plugin is temporarily borked, should I prevent people from sending encrypted messages to me at all?
MattJ
That's up to you 🙂
pep.
Or am I condemned to receive encrypted messages at all times? :x
machas joined
MattJ
If you publish keys.... pretty much yes
MattJ
Even if only one of your clients published keys, that's it
pep.
That's in theory, and in some threat model
marc0shas left
marc0shas joined
jonas’
no, that's what happens in practice ;)
pasdesushihas left
tskhas left
dogehas joined
machas left
machas joined
pep.
No it's not, maybe only with that-one-client
pep.
Or maybe in Snikket
sonnyhas left
sonnyhas joined
jonas’
and you can't control what clients other people use
jonas’
so it's what happens in practice :)
pep.
Practice is a mix of all this
xnamedhas left
tskhas joined
pep.
Atm I'd say the behaviour much more depends on what the user has set their client to do in a specific tab. If it's set to encrypt then surely the client will encrypt as long as the user doesn't change the setting. Dino for sure doesn't change when the recipient has published keys, I've been bitten multiple times when opening a tab I had never opened (1:1 or group). And I'm sure there's also some of this in C. If the other side starts sending me unencrypted messages, I'll continue sending messages not because C "knows" it was encrypted before but because it's now configured to encrypt
Yagizаhas joined
xnamedhas joined
machas left
x51has joined
nephelehas joined
nephelehas left
nephelehas joined
pasdesushihas joined
bunghas joined
nephelehas left
atomicwatchhas left
nephelehas joined
atomicwatchhas joined
machas joined
PapaTutuWawahas left
Wojtekhas left
Wojtekhas joined
kikuchiyohas left
x51has left
Wojtekhas left
Wojtekhas joined
9lakeshas joined
Millesimushas left
Wojtekhas left
9lakeshas left
x51has joined
jgarthas joined
9lakeshas joined
Millesimushas joined
kikuchiyohas joined
pulkomandyhas left
dogehas left
pulkomandyhas joined
kikuchiyohas left
Yagizаhas left
Yagizаhas joined
jubalhhas joined
pulkomandyhas left
pulkomandyhas joined
nephelehas left
nephelehas joined
kikuchiyohas joined
kikuchiyohas left
Wojtekhas joined
Wojtekhas left
FireFlyhas left
FireFlyhas joined
x51has left
thomaslewishas joined
kikuchiyohas joined
machas left
larmahas left
thomaslewishas left
qy
now i remember why i burnt out on rewriting to c++
qy
having to write a snazzy weechat api wrapper
qy
i definitely did not KISS, and as such it got instantly ridiculous