XMPP Service Operators - 2020-01-16

  1. alien

    > MattJ has written: > That's different to "nobody is" :) > Windows servers Gaming servers, GeForce Now servers?

  2. alien

    Hey, colleagues! I'm a bit new to Jabber administration. Nice to see such a dedicated community

  3. Licaon_Kter

    alien: 👍

  4. alien

    Are there any working Matrix gateways for XMPP? I know that there is Spectrum and libpurple matrix plugin but they say there is an issue with capital insensitive usernames

  5. Licaon_Kter

    alien: why would you bother?

  6. jonas’

    alien, there is the bifröst bridge, which even seems to be running/deployed somewhere, but I don’t know where

  7. jonas’

    Ge0rG, do you know more about the current state of affairs? ^

  8. alien

    Licaon_Kter: I want to put all my IMs in one app

  9. Licaon_Kter

    alien: riiiight

  10. Ge0rG

    alien, jonas’: there is a running semi official bridge on half-shot.uk

  11. Ge0rG

    And the official one will be deployed "only two weeks from now" since April

  12. Licaon_Kter


  13. alien

    Ge0rG: I mean I want to self host it, but thanks

  14. Ge0rG

    alien: https://github.com/matrix-org/matrix-bifrost/

  15. MattJ

    Ge0rG: did you try running it?

  16. Ge0rG

    MattJ: no, it requires a home server

  17. MattJ


  18. Ge0rG

    but I'm sure somebody will come up with a mod_matrix_c2s based on the 1.0 protocol

  19. alien

    Ge0rG‎, that's not what I'm looking for. I mean I want matrix to be available inside my XMPP client, like ICQ in good old days

  20. Ge0rG

    alien: yes, that's what bifröst will do for you

  21. alien

    Ge0rG‎, as far as I understand from READER, it's not. It's a matix puppeting bridge for libpurple and XMPP to use XMPP inside of matrix

  22. MattJ

    No, I have joined matrix channels from XMPP through it

  23. MattJ

    And the reverse is possible, matrix devs use it to hang out in XMPP chats sometimes

  24. Licaon_Kter

    > but I'm sure somebody will come up with a mod_matrix_c2s based on the 1.0 protocol 1.0 being the monolothic perpetual modifying protocol?

  25. MattJ

    No! The single unified standard that every Matrix implementation will magically implement in its entirety :)

  26. Licaon_Kter


  27. Link Mauve

    Licaon_Kter, already more than six months ago. :p

  28. Link Mauve

    Although from what I’ve heard, their main client still mostly use endpoints marked unstable, and every other client has to either do the same or deal with the lack of features that ensues.

  29. Link Mauve

    It doesn’t seem very pleasant.

  30. Licaon_Kter

    But....the French deployment....but decentralization with matrix.org...but...

  31. Licaon_Kter

    > ECDSA is one of the worst crypto algorithms in modern use OMG CVE-2020-0601 Ge0rG was right all along???!???

  32. genofire

    https://nvd.nist.gov/vuln/detail/CVE-2020-0601 - Windoof

  33. jonas’

    Link Mauve, something about Experimental XEPs ;)

  34. Ge0rG

    Licaon_Kter: it's not a problem in ECDSA but in what kind of curve configurations windows will accept

  35. Ge0rG

    Of course, it's idiotic to have a design where the attacker can submit the properties of the desired algorithm. But it's even more idiotic to have an algorithm that will leak your private key if you reuse a nonce

  36. Licaon_Kter

    I know, implementations can foobar anything ;)

  37. Holger

    > something about Experimental XEPs Sure we do the same thing, but their marketing keeps claiming they do _better_ by avoiding the fragmentation resulting from the modularity of our specs.

  38. Ge0rG

    Holger: at least they *do have* marketing

  39. Holger


  40. jonas’

    Holger, I think the main difference is that they have a flagship client on each plattform, so they can back that claim up.

  41. jonas’

    (and call all other clients "unfinished" side projects)

  42. Ge0rG

    jonas’: on some platforms, they have two

  43. alien

    > MattJ has written: > No, I have joined matrix channels from XMPP through it Can you give me some links on how to setup it pls?

  44. MattJ

    I've never run the bridge myself. As Ge0rG noted, it requires running a Matrix server as well as the bridge, as well as your XMPP server

  45. MattJ

    I don't have the resources to run a Matrix server on my VPS

  46. MattJ

    I use the one Ge0rG mentioned, running at half-shot.uk

  47. Martin

    How can one join a Matrix room from xmpp with half-shot.uk?

  48. MattJ

    Martin, #room#matrix.org@half-shot.uk

  49. Martin


  50. Ge0rG

    You can also disco#items on that domain, but it'll return invalid JIDs

  51. Martin

    16.01.20 18:10:06 - mdosch.de: Establishing a secure connection from mdosch.de to half-shot.uk failed. Certificate hash: 708dbe9a9b04bf458dba6c08496aae36cc70d2da68c2bc00f9e9cea028823a99. Error with certificate 0: certificate has expired.

  52. Martin

    Yeah, that looks already promising!

  53. Martin

    Or is this why it's called half shot? It got a cert but it's expired.

  54. MattJ

    I guess my s2s has stayed up

  55. Ge0rG

    https://xmpp.net/result.php?id=1466209 is very interesting as well

  56. Martin

    Reckless? 😁

  57. Link Mauve

    Ge0rG, c2s isn’t any relevant though, I started a s2s test.

  58. Link Mauve

    Certificate has expired it seems.

  59. ij

    Using the half-shot.uk bridge also means that they can monitor every connection and every message, regardless whether or not it’s a MUC or private chat?

  60. Ge0rG

    ij: yes

  61. Link Mauve

    Ge0rG, https://xmpp.net/result.php?id=1466210

  62. ij

    @Ge0rG - who’s running the bridge? GCHQ in an undercover operation? ;) Well, it’s nice to have that kind of bridges for occational use, but not more…

  63. Ge0rG

    ij: NSA maybe

  64. muppeth

    ij, you ask who is running half-shot bridge?

  65. ij

    not seriously

  66. Ge0rG

    Because everybody knows that Half-Shot is