-
Martin
https://xmpp.org/extensions/xep-0420.html#affix_elements > Prevent known ciphertext and message length correlation attacks. The content of this element is a randomly generated sequence of random length between 0 and 200 characters. TODO: sane boundaries? Hmm, so I should change rpad to '200-messagelength%200' 🤔
-
Martin
https://files.mdosch.de/upload/zPDnDQiM8CUtYgpq9Vfe0zGK/pHxv-z42S7ykFzi6A5dxbg.jpg
-
Martin
BTW, why we have two jdev? 🤔
-
Link Mauve
The old one got replaced with the new one because the old server was extremely old.
-
Link Mauve
It isn’t in use any longer (AFAIK).
-
pep.
Wasn't it destroyed?
-
Link Mauve
I don’t know.
-
Martin
About the first question, don't you think 200 chars is pretty long for the rpad?
-
jonas’
Martin, mind that when generating the padding, you need to count utf-8 bytes, not unicode codepoints btw✎ -
jonas’
Martin, mind that when generating the padding based on the message length, you need to count utf-8 bytes, not unicode codepoints btw ✏
-
Martin
He, i think I have to change that.
-
Martin
Should be OK now: > go build . && echo "â˜"|./go-sendxmpp --ox martin@mdosch.de > Message length: 3 > Rpad length: 97 > Rpad: e1f49f122ccf5a860024a1eaabb8de9811d6d3a1ff89dc8f838d7b317c49f9011bea3dddf8f6bc4432c976947bbd42137cf25b870aad04680a0eda3d876bcdabb47b50a319f1ab87d4adcf460c4a98a91f9b25cf9b3150ccff1493960cbb72931e But I think I rather stick with padding to a multiple of 100 as 200 seems a bit exaggerated…
-
lovetox
i have a server, which when in muc, the muc reflection of the message has 2 stanza-id nodes
-
lovetox
one with a "by" attr of the muc jid, so archive of the muc
-
lovetox
one with a "by" attr of the account of the user who sent the message
-
lovetox
.. why why why
-
lovetox
the spec is great about it
-
lovetox
everything is written like it allows multiple stanza id elements
-
lovetox
but then in the last sentence
-
lovetox
The value of the 'by' attribute MUST be the XMPP address of the entity assigning the unique and stable stanza ID. For one-on-one messages the assigning entity is the account. In groupchats the assigning entity is the room.
-
lovetox
no .. the assigning entity is whatever is in the by attr and not necessarily the room or account