jdev - 2026-01-08

  1. theTedd

    I haven't checked, but I would guess not; that would minimally require the block sizes to match exactly with your desired 'decorations', which wouldn't be the case in general

  2. theTedd

    It also assumes there is no block-chaining

  3. fpyrih

    I'm reading Double Ratchet uses AES which has a fixed block size of 128 bits, but IDK

  4. fpyrih

    oh, but > As cryptographic primitives, the Double Ratchet Algorithm uses for symmetric encryption the Advanced Encryption Standard (AES), *partially in cipher block chaining mode* (CBC) (from Wikipedia)

  5. fpyrih

    > It also assumes there is no block-chaining why would this be a problem? I have some Comp. Sci. education, but I'm no expert on crypto or math (as you probably already figured out 😅)

  6. vpzom

    you would also be assuming the message is a valid JSON string

  7. fpyrih

    mmm you're right, I wouldn't be able to modify the message in order to escape any double quotation marks, for example 🤔

  8. jjj333_p (any pronouns)

    i was also under the impression that matrix encryption contained json content which most xmpp clients wont understand unless youre gonna give the user raw json

  9. fpyrih

    yes, matrix's encrypted payload is json

  10. fpyrih

    which you probably can't strip from the ciphertext

  11. fpyrih

    maybe a Gajim plugin to encrypt/decrypt JSON payloads if the other person's resource is a Matrix client could work 🤔

  12. jjj333_p (any pronouns)

    yes allthough that solution is quite messy

  13. fpyrih

    yeah, it's probably better to implement MLS & MIMI support 🤔

  14. fpyrih

    I've been reading a bit on those, too

  15. singpolyma

    WASM provided by the gateway convert decrypted payloads to xmpp stanza equivalent

  16. fpyrih

    I'm trying to figure a way to preserve the E2EE. I wouldn't want the gateway to be a MitM.

  17. vpzom

    I don't think there's any way that wouldn't require a change to clients

  18. fpyrih

    Do y'all think implementing MLS support for some XMPP client would make for a good GSoC proposal?

  19. singpolyma

    Not unless the student is somehow an MLS expert

    🥲 1
  20. jjj333_p (any pronouns)

    kinda random and not at all urgent, but since theres the android app devs in here, whats the jvm solution for omemo?

  21. jjj333_p (any pronouns)

    just thought of it because of the encryption discussoin

  22. fpyrih

    > Not unless the student is somehow an MLS expert you think so? 😮 even when there's MLS libraries available?

  23. franco

    Maybe a mentor that has MLS experience, suffices? 🤔

  24. Benson

    Exploratory projects are also ok for GSoC.

    🎉 1
  25. Benson

    Some code needs to be produced, but scope and time expectation should fit the contributor and provide value to the XSF.

    🤝 1
  26. Syndace

    fpyrih, bridging e2ee is unfortunately not feasible currently. OMEMO can't be bridged to Matrix, there are other insolvable incompatibilities beyond the payload format. MLS might become a solution in the future, but the standard is just not there yet. MIMI is unfinished and it's questionable whether it will ever become a standard. It currently depends on experimental features that I believe are not available in the few existing MLS libraries. There are multiple competing drafts for how MLS could work in 1-to-1 chats but none is finalized. There have been efforts in the XMPP community to integrate MLS, but they have been mostly deferred for now due to the reasons named above. Also, MLS for XMPP is without a doubt too much/difficult for a GSoC project.

    😮 1
  27. Guus

    Hey Syndace, it's been a while! Will we see you at the summit?

  28. badrihippo

    Hey! Off topic for this but on topic for potential GSoC projects: is XEP-0501 (Pubsub Stories) a client-only thing or does it require server support as well?

  29. badrihippo

    I'm guessing client-only given that Movim manages to pull it off, but just wanted to confirm

  30. Syndace

    Hey Guus! I won't join Summit in person this year but I will do so online :) Hope I can make it next year!

  31. theTedd

    > Hey! Off topic for this but on topic for potential GSoC projects: is XEP-0501 (Pubsub Stories) a client-only thing or does it require server support as well? The server just needs to provide PubSub

  32. rako

    Do you know if there's a xep/knowledge on how to efficiently synchronize a pubsub node ? Let's say I have a table with all entries in a node, when I get online I get a <message> for each new remote change but if I made changes locally I can't know what to push without also storing it in a special queue. Is there something like a server-side "last-modified" I can store, and then just compare with my local changes to see if I need to push them ?

  33. theTedd

    The usual approach is to add 'published' and 'updated' datestamps in the entries themselves

  34. badrihippo

    > The server just needs to provide PubSub That's great thanks

  35. rako

    > The usual approach is to add 'published' and 'updated' datestamps in the entries themselves Yeah, we have that with atom entries in 0472 for instance but I was wondering if there was a more generic way. Also, adding it in the entry still doesn't tell me I need to publish it when I'm connected. I guess I need to keep a queue then