jdev - 2024-02-04

  1. Guus

    Alex: thanks. So it is reasonably usable, I suppose? I didn't see much commits after the original one, which made me wonder.

  2. Alex

    It works perfect. It's just a Promise which gives you back the IQ result including all the messages. Can share my code when I get back to my Laptop tomorrow

  3. MSavoritias (fae,ve)

    what xep would be used to write xmpp emails? specifically the format of an email subject-title/content

  4. MSavoritias (fae,ve)

    is there a subject defined in the rfcs? a quick search in xeps didnt turn up much

  5. wgreenhouse

    subject and thread are both in the RFC

  6. MSavoritias (fae,ve)

    ah that makes sense thanks

  7. Alex

    and there is message type normal, In the very old Jabber days many clients used this as an email replacement

  8. moparisthebest

    MSavoritias (fae,ve): have you seen the Cheogram XMPP<->SMTP gateway? A public instance is running and open source if you want to run your own

  9. MSavoritias (fae,ve)

    yeah i have. i was more interested how it happened technically. somebody asked and i got curious

  10. MSavoritias (fae,ve)

    im low key curious in making an email like ui in xmpp at some point :)

  11. singpolyma

    Cheogram Android pre release has UI to add message subject now

  12. MSavoritias (fae,ve)

    how? is it on unecrypted messages? i run latest pre release

  13. MSavoritias (fae,ve)

    ah i got it

  14. MSavoritias (fae,ve)

    nice :D

  15. singpolyma

    Yes, obviously we can't do it with omemo legacy and we don't have ox or mls yet

  16. MSavoritias (fae,ve)

    i did manage to send it in an omemo chat

  17. MSavoritias (fae,ve)

    but yeah makes sense

  18. singpolyma

    Hmm. I may not have banned it there I forget, but it won't be encrypted

  19. MSavoritias (fae,ve)

    mls and ox cant come soon enough. it would be nice to have only two encryptions to care

  20. MSavoritias (fae,ve)

    yeah i thought it wouldnt be allowed since its not encrypted

  21. singpolyma

    I'm starting to imagine defaulting to OX if the other party supports it, with a "require forward secrecy" option to disable it so we're exposing the consequences to the user, not just the spec names

  22. MSavoritias (fae,ve)

    that actually sounds like a good compromise

  23. lovetox

    sounds like developing for the 1% nerds

  24. MSavoritias (fae,ve)

    maybe forward secrecy by default is too much

  25. lovetox

    most of your users dont care what forward secrecy is, and will only be confused if its in the UI

  26. singpolyma

    lovetox: definitely it is. Currently I default to TLS only but I hear from that 1% all the time about it 😂

  27. MSavoritias (fae,ve)

    it can be under a menu or something in an expert setting

  28. MSavoritias (fae,ve)

    the forward secrecy

  29. MSavoritias (fae,ve)

    it needs a good ui to backup keys for ox tho too

  30. lovetox

    thats obscuring it too much in my opinion, people who search for that also know what OMEMO is

  31. MSavoritias (fae,ve)

    or put it on an encrypted pep on the server

  32. MSavoritias (fae,ve)


  33. singpolyma

    Yeah. Way better than a menu that says "omemo" which no one even should need to know what that is

  34. MSavoritias (fae,ve)

    thats the point imo

  35. lovetox

    you dont need to obscure it with a forward secrecy setting, where nobody actually then knows what will happen

  36. cal0pteryx

    singpolyma: is there an issue tracker for Cheogram somewhere? I fail to find one

  37. singpolyma

    Yeah the consequences need to be clearly documented for sure. Turning on forward secrecy will probably turn off encryption at rest for example, lots of nuance that's hard to communicate

  38. singpolyma

    cal0pteryx: https://soprani.ca/todo but it's read only, you file by just complaining do me in any MUC 😉

  39. cal0pteryx

    Alright: mentioning somebody in a muc by pressing the avatar will print 'null' if the participant os offline

  40. singpolyma

    cal0pteryx: oh, thanks! I'd hat that bug reported but not with so much detail so I couldn't reproduce. I'll fix that for sure

  41. lovetox


  42. lovetox

    Prosody sets this sentence "Complete and submit the form ..."

  43. lovetox

    seems to me to much from a protocol perspective, of course its a form, of course we need to submit it, but the client does, not the user

  44. lovetox

    in Gajim the form looks like a settings dialog, no form submitting is visible to the user

  45. cal0pteryx

    singpolyma: thanks :)

  46. pep.

    "sounds like developing for the 1% nerds" also in activist circles :)

  47. pep.

    Well, just email + PGP, not xmpp bridged to email

  48. pep.

    And yeah no these people wouldn't especially know what OX or OMEMO mean

  49. pep.

    Nor forward secrecy