XMPP Service Operators - 2019-08-19

  1. Allo has left
  2. Allo has joined
  3. Jonny has joined
  4. Jonny has left
  5. Jonny has joined
  6. rom1dep has joined
  7. Jonny has left
  8. Jonny has joined
  9. aj has joined
  10. rom1dep has left
  11. rom1dep has joined
  12. Jonny has left
  13. Jonny has joined
  14. Jonny has left
  15. ThibG has left
  16. tom Is there any reason not to allow http plaintext connections to your http_upload server?
  17. Jonny has joined
  18. Jonny has left
  19. Jonny has joined
  20. Jonny has left
  21. ThibG has joined
  22. Jonny has joined
  23. Jonny has left
  24. Jonny has joined
  25. Jonny has left
  26. Jonny has joined
  27. Jonny has left
  28. Pingu from Woodquarter has joined
  29. Licaon_Kter has joined
  30. rom1dep has left
  31. pod has joined
  32. drops has left
  33. drops has joined
  34. volker has joined
  35. xsteadfastx has joined
  36. Jonny has joined
  37. Jonny has left
  38. Holger tom: I'd ask about the Gajim stuff in the Gajim room.
  39. Jonny has joined
  40. Holger tom: > Is there any reason not to allow http plaintext connections to your http_upload server? Sure, you might not want to allow the man in the middle to intercept your users' uploads.
  41. tom but is there any reason to make https mandatory instead of optional?
  42. tom having https as an option metigates that, but as a cdn, Is it not good to allow plaintext access as well?
  43. Holger The upload extension doesn't support offering more than a single URL.
  44. Holger So you can't offer the client to choose between HTTP and HTTPS.
  45. drops has left
  46. drops has joined
  47. tom true, but clients (not uploaders) downloading static content can overide the https to do http
  48. ThibG has left
  49. volker has left
  50. holger has joined
  51. volker has joined
  52. volker has left
  53. volker has joined
  54. drops has left
  55. drops has joined
  56. volker has left
  57. volker has joined
  58. Jonny has left
  59. volker has left
  60. volker has joined
  61. Jonny has joined
  62. drops has left
  63. drops has joined
  64. ElDuderino has joined
  65. Holger Just blindly try HTTP and retry via TLS if that fails?
  66. Holger If people wanted this behavior it would make more sense to extend the spec accordingly. But I doubt you'll convince people in these HTTPS-everywhere times.
  67. Licaon_Kter tom: what's the usecase for non-httpS ?
  68. tom well, for static content that's not confidential
  69. tom for private conversations OMEMO would encrypt anyways
  70. tom http is less overhead and can be easily cached my client-side proxies like squid or polipo
  71. tom *by
  72. tom also, when I do TLS I set it up right. so that means blacklisting all insecure cihpersuites
  73. tom which realisticly only allows chacha20 and AESG
  74. tom the worst thing I want to do is provide a false sense of security. where if you turn on https and I want to be secure, but if you use http on purpose you don't have the illusion of security
  75. tom *AESGCM
  76. ThibG has joined
  77. tom older clients may not be able to speak TLSv1.2: ECDHE-ECDSA-CHACHA20-POLY1305 ECDHE-ECDSA-AES256-GCM-SHA384
  78. Holger All other ciphersuites are "insecure", sure.
  79. drops has left
  80. drops has joined
  81. Jonny has left
  82. drops has left
  83. drops has joined
  84. Jonny has joined
  85. Jonny has left
  86. bowlofeggs has left
  87. WebPigeon has left
  88. Jonny has joined
  89. WebPigeon has joined
  90. perflyst has joined
  91. perflyst has left
  92. perflyst has joined
  93. kmq has joined
  94. UsL has left
  95. ThibG has left
  96. ThibG has joined
  97. Maranda has left
  98. Maranda has joined
  99. volker has left
  100. volker has joined
  101. madmalkav has joined
  102. UsL has joined
  103. drops has left
  104. volker has left
  105. volker has joined
  106. perflyst has left
  107. perflyst has joined
  108. marc0s has joined
  109. perflyst has left
  110. Jonny has left
  111. Jonny has joined
  112. Jonny has left
  113. Jonny has joined
  114. morgan has joined
  115. sezuan has joined
  116. tom give or take a few cipher modulo and hash length 128/256/384
  117. WebPigeon has left
  118. morgan has left
  119. morgan has joined
  120. marc0s has left
  121. jonas’ that’s not even TLSv1.3
  122. ThibG has left
  123. ThibG has joined
  124. marc0s has joined
  125. Holger I'm convinced it makes sense to break interop (i.e. better don't get the cat pic at all than to take the risk) by not offering ciphers such as, say, AES-128-CBC-SHA one someone shows how exactly to break it.
  126. tom what about tls 1.3?
  127. Holger I'm convinced it makes sense to break interop (i.e. better don't get the cat pic at all than to take the risk) by not offering ciphers such as, say, AES-128-CBC-SHA once someone shows how exactly to break it.
  128. tom nevermind
  129. tom I'm not asking about my cipherlist
  130. morgan has left
  131. Holger tom: Sure, you're just making the point that you need HTTP for interop because you can't offer HTTPS except with a super-restrictive cipherlist because anything else would impose a false sense of security 🙂
  132. tom well not exactly. I don't /need/ plaintext access I'm just wondering if there should be any plaintext access
  133. tom no clients have problems with my restrictive cipherlist that I know of
  134. pep. Let's just use http everywhere because TLS is not perfect anyway and it provides a false sense of security :)
  135. jonas’ that’s the usual symptom of restrictive cipher lists
  136. Holger tom: Well many have. But whatever. I do see your points about overhead and proxies. I just doubt you'll convince people.
  137. jonas’ I didn’t notice that I lost connectivity to jabber.ru until someone pointed it out out-of-band *shrug*
  138. jonas’ I didn’t notice that I lost connectivity to jabber.ru until someone pointed it out out-of-band
  139. jonas’ I didn’t notice that I lost connectivity to jabber.ru due to TLS foo until someone pointed it out out-of-band
  140. pep. Also tom it'd be great if you stopped taking over this channel for every single topic you want to talk about. Please
  141. jonas’ it *is* operations, pep.
  142. jonas’ it *is* related to operations, pep.
  143. tom > I do see your points about overhead and proxies. I just doubt you'll convince people. I'm not worried about convincing people, I'm just wondering if there is any other scenario besides the proxy example
  144. pep. jonas’: it started with gajim and jingle
  145. jonas’ I didn’t scroll up that far
  146. tom >pep.‎: Also tom it'd be great if you stopped taking over this channel for every single topic you want to talk about. Please this channel is idle 90% of the time. If anybody else has a topic they'd like to talk about nothing's stopping them from bringing it up
  147. pep. It's idle 90% of the time so what. Let's all have a single channel with every xmpp users so that it's not idle at all?
  148. Holger tom: That's the usual response of people being asked to stay on topic. The problem is not everybody joined here is interested in having his phone beeping when it's about Jingle for Gajim. I'm not, for one.
  149. tom maybe the gajim conversation was a bit offtopic
  150. Holger (Personally I *am* somewhat interested in Gajim and Jingle, but I joined this room with the phone to be notified of actual operators stuff quickly; while I'm joined to the Gajim room only on my desktop. Just to give an example.)
  151. holger has left
  152. holger has joined
  153. tom sure
  154. holger has left
  155. holger has joined
  156. pep. tom: fwiw, join the gajim room and talk about what you want to do re UI, and the codebase in there. The current maintainer has done a huge amount of work cleaning it up, there are probably parts you can merge in your potential 0.16 fork if it happens
  157. pep. Ah you have joined, cool :)
  158. andrey.utkin has joined
  159. drops has joined
  160. sol has joined
  161. morgan has joined
  162. morgan has left
  163. drops has left
  164. aj has left
  165. morgan has joined
  166. morgan has left
  167. Jonny has left
  168. Jonny has joined
  169. WebPigeon has joined
  170. morgan has joined
  171. aj has joined
  172. marc0s has left
  173. morgan has left
  174. morgan has joined
  175. marc0s has joined
  176. WebPigeon has left
  177. morgan has left
  178. volker has left
  179. volker has joined
  180. reset has left
  181. reset has joined
  182. drops has joined
  183. volker has left
  184. volker has joined
  185. drops has left
  186. volker has left
  187. volker has joined
  188. marc0s has left
  189. volker has left
  190. volker has joined
  191. marc0s has joined
  192. volker has left
  193. volker has joined
  194. mimi89999 has joined
  195. morgan has joined
  196. volker has left
  197. volker has joined
  198. reset has left
  199. Jonny has left
  200. morgan has left
  201. volker has left
  202. volker has joined
  203. Jonny has joined
  204. rom1dep has joined
  205. volker has left
  206. volker has joined
  207. volker has left
  208. volker has joined
  209. volker has left
  210. volker has joined
  211. Maranda has left
  212. Maranda has joined
  213. ibikk has left
  214. reset has joined
  215. morgan has joined
  216. morgan has left
  217. holger has left
  218. holger has joined
  219. madmalkav has left
  220. madmalkav has joined
  221. dinosaurdynasty has left
  222. dinosaurdynasty has joined
  223. Chobbes has joined
  224. sol has left
  225. bowlofeggs has joined
  226. morgan has joined
  227. morgan has left
  228. morgan has joined
  229. kmq has left
  230. ibikk has joined
  231. Maranda has left
  232. morgan has left
  233. morgan has joined
  234. aj has left
  235. volker has left
  236. volker has joined
  237. dinosaurdynasty has left
  238. morgan has left
  239. dinosaurdynasty has joined
  240. dinosaurdynasty has left
  241. dinosaurdynasty has joined
  242. ibikk has left
  243. morgan has joined
  244. ibikk has joined
  245. curen has joined
  246. morgan has left
  247. drops has joined
  248. volker has left
  249. morgan has joined
  250. morgan has left
  251. Allo has left
  252. morgan has joined
  253. drops has left
  254. morgan has left
  255. marc0s has left
  256. marc0s has joined
  257. drops has joined
  258. morgan has joined
  259. sezuan has left
  260. morgan has left
  261. Jonny has left
  262. ThibG has left
  263. ThibG has joined
  264. volker has joined
  265. morgan has joined
  266. Licaon_Kter has left
  267. Licaon_Kter has joined
  268. drops has left
  269. drops has joined
  270. morgan has left
  271. Licaon_Kter has left
  272. Licaon_Kter has joined
  273. Licaon_Kter has left
  274. Licaon_Kter has joined
  275. morgan has joined
  276. volker has left
  277. volker has joined
  278. volker has left
  279. Jonny has joined
  280. volker has joined
  281. morgan has left
  282. Licaon_Kter has left
  283. morgan has joined
  284. Jonny has left
  285. Jonny has joined
  286. Jonny has left
  287. Jonny has joined
  288. lash has joined
  289. morgan has left
  290. volker has left
  291. volker has joined
  292. morgan has joined
  293. drops has left
  294. Licaon_Kter has joined
  295. curen has left
  296. drops has joined
  297. morgan has left
  298. morgan has joined
  299. marc0s has left
  300. marc0s has joined
  301. perflyst has joined
  302. morgan has left
  303. Jonny has left
  304. Jonny has joined
  305. Jonny has left
  306. Jonny has joined
  307. Jonny has left
  308. Jonny has joined
  309. Jonny has left
  310. Jonny has joined
  311. Jonny has left
  312. Jonny has joined
  313. Jonny has left
  314. perflyst has left
  315. perflyst has joined
  316. drops has left
  317. perflyst has left
  318. perflyst has joined
  319. Jonny has joined
  320. perflyst has left
  321. perflyst has joined
  322. drops has joined
  323. morgan has joined
  324. Chobbes has left
  325. Chobbes has joined
  326. Jonny has left
  327. Jonny has joined
  328. volker has left
  329. volker has joined
  330. madmalkav has left
  331. madmalkav has joined
  332. morgan has left
  333. holger has left
  334. holger has joined
  335. morgan has joined
  336. morgan has left
  337. Jonny has left
  338. Jonny has joined
  339. Jonny has left
  340. morgan has joined
  341. andrey.utkin has left
  342. Jonny has joined
  343. volker has left
  344. volker has joined
  345. morgan has left
  346. Chobbes has left
  347. Chobbes has joined
  348. Chobbes has left
  349. ibikk has left
  350. ibikk has joined
  351. Pingu from Woodquarter has left
  352. morgan has joined
  353. morgan has left
  354. WebPigeon has joined
  355. morgan has joined
  356. Jonny has left
  357. morgan has left
  358. WebPigeon has left
  359. morgan has joined
  360. WebPigeon has joined
  361. Jonny has joined
  362. Chobbes has joined
  363. an has left
  364. an has joined
  365. Jonny has left
  366. kmq has joined
  367. Jonny has joined
  368. Jonny has left
  369. Jonny has joined
  370. drops has left
  371. drops has joined
  372. bowlofeggs has left
  373. bowlofeggs has joined
  374. kmq has left
  375. volker has left
  376. volker has joined
  377. drops has left
  378. an has left
  379. an has joined
  380. drops has joined
  381. morgan has left
  382. drops has left
  383. Jonny has left
  384. Jonny has joined
  385. drops has joined
  386. madmalkav has left
  387. madmalkav has joined
  388. drops has left
  389. marc0s has left
  390. marc0s has joined
  391. morgan has joined
  392. drops has joined
  393. marc0s has left
  394. morgan has left
  395. volker has left
  396. volker has joined
  397. carlos has left
  398. morgan has joined
  399. Chobbes has left
  400. marc0s has joined
  401. madmalkav has left
  402. volker has left
  403. volker has joined
  404. Jonny has left
  405. Jonny has joined
  406. morgan has left
  407. Jonny has left
  408. WebPigeon has left
  409. morgan has joined
  410. morgan has left
  411. morgan has joined
  412. Jonny has joined
  413. Licaon_Kter has left
  414. morgan has left
  415. volker has left
  416. hawar has joined
  417. hawar has left
  418. Jonny has left
  419. Jonny has joined
  420. ElDuderino has left
  421. Allie has left
  422. perflyst has left
  423. Allie has joined
  424. Allo has joined
  425. Jonny has left
  426. Jonny has joined
  427. afrogeek has joined
  428. Jonny has left
  429. Jonny has joined
  430. Jonny has left
  431. Jonny has joined
  432. mathieui has left
  433. mathieui has joined
  434. WebPigeon has joined
  435. debacle has joined
  436. Jonny has left
  437. ThibG has left
  438. ThibG has joined
  439. Jonny has joined
  440. debacle has left
  441. pod has left
  442. marc0s has left
  443. marc0s has joined