XMPP Service Operators - 2021-01-11

  1. kikuchiyo has left

  2. bastoon has left

  3. argon3771 has left

  4. argon3771 has joined

  5. argon3771 has left

  6. argon3771 has joined

  7. Licaon_Kter has left

  8. qnix has left

  9. jayteeuk has left

  10. jayteeuk has joined

  11. David has left

  12. David has joined

  13. SouL has left

  14. argon3771

    So I think I'll make the jump over to prosody from ejabberd for the pi. Thanks for all the advice everyone.

  15. Ivan A. has left

  16. Ivan A. has joined

  17. seantodd has left

  18. openchat has left

  19. loopboom has joined

  20. jayteeuk has left

  21. jayteeuk has joined

  22. gav has left

  23. gav has joined

  24. 86ul has left

  25. Kris has left

  26. Holly Lotor has left

  27. Holly Lotor has joined

  28. qnix has joined

  29. jayteeuk has left

  30. jayteeuk has joined

  31. j.r (jugendhacker.de) has left

  32. Jonny has left

  33. Ivan A. has left

  34. Ivan A. has joined

  35. jayteeuk has left

  36. jayteeuk has joined

  37. alex-a-soto has left

  38. jayteeuk has left

  39. jayteeuk has joined

  40. pintosesk has left

  41. pintosesk has joined

  42. jayteeuk has left

  43. jayteeuk has joined

  44. j.r (jugendhacker.de) has joined

  45. pintosesk has left

  46. pintosesk has joined

  47. jayteeuk has left

  48. jayteeuk has joined

  49. argon3771 has left

  50. argon3771 has joined

  51. jayteeuk has left

  52. jayteeuk has joined

  53. thndrbvr has left

  54. Ge0rG has left

  55. junaid has left

  56. loopboom has left

  57. argon3771 has left

  58. argon3771 has joined

  59. gnu has joined

  60. jayteeuk has left

  61. jayteeuk has joined

  62. junaid has joined

  63. loopboom has joined

  64. alex-a-soto has joined

  65. jayteeuk has left

  66. jayteeuk has joined

  67. Bjarkan has left

  68. Bjarkan has joined

  69. mss_cyclist has joined

  70. sol has joined

  71. jayteeuk has left

  72. jayteeuk has joined

  73. qnix has left

  74. qnix has joined

  75. derventio has joined

  76. Huxx has joined

  77. maiki has left

  78. pintosesk has left

  79. Tim has left

  80. ff255 has joined

  81. argon3771 has left

  82. argon3771 has joined

  83. maiki has joined

  84. Licaon_Kter has joined

  85. jayteeuk has left

  86. jayteeuk has joined

  87. Licaon_Kter

    argon3771: because?

  88. Arne has joined

  89. lorddavidiii has joined

  90. derventio has left

  91. SouL has joined

  92. ibikk has joined

  93. pod has joined

  94. jayteeuk has left

  95. jayteeuk has joined

  96. lorddavidiii has left

  97. raucao has left

  98. lorddavidiii has joined

  99. raucao has joined

  100. Suren has left

  101. Suren has joined

  102. mjk has left

  103. mjk has joined

  104. madmalkav has joined

  105. alberto has joined

  106. MattJ

    Because it's better!

  107. MattJ

    What a silly question :P

  108. frog has joined

  109. Licaon_Kter

    MattJ: right, my bad :)

  110. Licaon_Kter

    MattJ: Does Prosody first cache uploaded files in memory?

  111. Bjarkan has left

  112. mjk has left

  113. jayteeuk has left

  114. jayteeuk has joined

  115. MattJ

    Yes, in the current release

  116. MattJ

    That's why we have default limits that everyone just overrides

  117. MattJ

    Next version will dump straight to file, and obviously there is upload_external for all versions which bypasses the issue entirely

  118. Beherit has left

  119. qnix has left

  120. Beherit has joined

  121. Licaon_Kter


  122. Licaon_Kter

    Back in 2018 ejabberd was doing the same, but a quick zinid fix and my 256Mb Pi1 suddendly become usable.

  123. qnix has joined

  124. tom


  125. tom

    I just don't think mod_upload was a good idea

  126. tom


  127. lorddavidiii has left

  128. tom

    If your going to do it, do it right or don't do it at all

  129. tom

    Use mod_upload_external

  130. tom

    Drop mod_upload

  131. Arne


  132. Alex has left

  133. MattJ

    Yeah, it's annoying that we are working to develop a good XMPP server, and suddenly the scope creeps to include developing a good HTTP server as well

  134. MattJ

    I mean, there are whole other projects dedicated to doing that

  135. Bjarkan has joined

  136. MattJ

    Erlang may have an advantage in that regard, I imagine ejabberd is using a ready-made HTTP server implementation

  137. Arne

    will this change with prosody 12 maybe?

  138. MattJ

    https://blog.prosody.im/2020-retrospective/ - see the section about the HTTP server :)

  139. tom

    The spike in popularity is suspect

  140. tom

    I wonder why

  141. jayteeuk has left

  142. jayteeuk has joined

  143. MattJ

    As written just below the graph, I suspect Jitsi Meet installations - at the time there was a lot of hype about the project, lockdowns and Zoom privacy issues every week

  144. MattJ

    A bunch of places wrote "how to set up your own Jitsi Meet" guides and such

  145. lorddavidiii has joined

  146. Licaon_Kter

    MattJ: > Yeah, it's annoying that we are working to develop a good XMPP server, and suddenly the scope creeps to include developing a good HTTP server as well Spoke as zinid did :)) tom: But there's some elegance in having one daemon do to them all, ejabberd still is OOTB ready to serve, no DB, no webserver, no stun/turn needed besides.

  147. tom

    Jack of all master of none

  148. tom


  149. Beherit has left

  150. qnix has left

  151. tom

    There is a finite resource, developer attention

  152. MattJ

    Licaon_Kter, apart from STUN/TURN, Prosody is the same

  153. MattJ

    I'm not sure the world needs another TURN server implementation, especially in Lua just because :)

  154. MattJ

    Because you know, we'd have to find a name for it

  155. Licaon_Kter

    tom: > Jack of all master of none I'd beg to differ, did you test? > There is a finite resource, developer attention True

  156. qnix has joined

  157. tom


  158. tom

    Prosody makes a terrible webserver compared to nginx and a small perl cgi

  159. tom

    By the way MattJ, since those jitsi servers are using prosody apparently, is there any interaction that can be had with my xmpp client and prosody server?

  160. tom

    I tried running disco on meet.jit.si, nothing

  161. Licaon_Kter

    MattJ: eturnal is taken, sorry `prosturner` ?

  162. Licaon_Kter

    tom: the devs don't support it

  163. Beherit has joined

  164. abidal3 has left

  165. Licaon_Kter

    tom: > Yes > Prosody makes a terrible webserver compared to nginx and a small perl cgi I meant ejabberd :)

  166. MattJ

    tom, most are configured for anonymous authentication and support MUC

  167. MattJ

    Most normal clients don't do anonymous auth though

  168. tom

    Course they don't (╯ರ ~ ರ)╯︵ ┻━┻

  169. tom

    They just take

  170. ru_maniac has left

  171. ru_maniac has joined

  172. junaid has left

  173. alberto has left

  174. Ge0rG has joined

  175. Tim has joined

  176. jayteeuk has left

  177. jayteeuk has joined

  178. jayteeuk has left

  179. jayteeuk has joined

  180. derventio has joined

  181. mike has left

  182. mike has joined

  183. Alex has joined

  184. alberto has joined

  185. mss_cyclist has left

  186. mss_cyclist has joined

  187. rom1dep has joined

  188. bastoon has joined

  189. wladmis has joined

  190. 404.city has joined

  191. 404.city has left

  192. neox has joined

  193. Jonny has joined

  194. derventio has left

  195. mehdi has left

  196. Holly Lotor has left

  197. junaid has joined

  198. qnix has left

  199. qnix has joined

  200. tom

    When your setting up onion S2S connections with someone, and it works but your server rejects because of Server-to-server connection failed: Encrypted server-to-server communication is required but was not offered<

  201. tom

    Shouldn't mod_onions or mod_darknet auto-consider .onion servers secure?

  202. tom

    Or is there a way to mark all incoming s2s connections on the loopback interface secure?

  203. gnu has left

  204. lorddavidiii has left

  205. qnix has left

  206. qnix has joined

  207. gnu has joined

  208. frog has left

  209. steven has joined

  210. steven has left

  211. steven has joined

  212. qnix has left

  213. Steven Roose has left

  214. lorddavidiii has joined

  215. Steven Roose has joined

  216. ajeremias has joined

  217. qnix has joined

  218. Viktor Lindberg has left

  219. Viktor Lindberg has joined

  220. alex-a-soto has left

  221. alex-a-soto has joined

  222. ajeremias has left

  223. vu764hd68fxt has left

  224. vu764hd68fxt has joined

  225. ajeremias has joined

  226. 86ul has joined

  227. ajeremias has left

  228. neox has left

  229. neox has joined

  230. Kris has joined

  231. mjk has joined

  232. mss_cyclist has left

  233. mss_cyclist has joined

  234. Viktor Lindberg has left

  235. Viktor Lindberg has joined

  236. nickomemo has joined

  237. rom1dep has left

  238. qnix has left

  239. qnix has joined

  240. jayteeuk has left

  241. jayteeuk has joined

  242. lorddavidiii has left

  243. presprout has joined

  244. argon3771 has left

  245. argon3771 has joined

  246. 404.city has joined

  247. tom

    creep.im: increase the XML stanza size limit, it's causing federation problems

  248. tom

    » Jan 11 03:47:42 s2sout55bd8df13370 info Session closed by remote with error: policy-violation (XML stanza is too big) » Jan 11 03:47:42 s2sout55bd8df13370 info Outgoing s2s stream conference.nuegia.net->creep.im closed: policy-violation (XML stanza is too big)

  249. Licaon_Kter

    creep.im: it's lower than https://github.com/processone/ejabberd/blob/master/ejabberd.yml.example#L40 ?

  250. Ivan A. has left

  251. Ivan A. has joined

  252. Ge0rG

    what kind of monster stanza are you sending?

  253. rom1dep has joined

  254. creep.im

    it's 65536

  255. creep.im

    it's 131072

  256. perflyst has joined

  257. 404.city has left

  258. 404.city has joined

  259. 404.city has left

  260. creep.im

    I've just increased limits both did S2C and S2S (used ejabberd example linked above)

  261. creep.im

    I've just increased limits both for S2C and S2S (used ejabberd example linked above)

  262. lorddavidiii has joined

  263. tom

    Ge0rG: i don't know which stanza triggered it. But sometimes users post news articles in my mucs

  264. tom

    And use omemo

  265. Ge0rG

    is room.pix-art.de down for me or for everyone?

  266. 404.city has joined

  267. Martin

    Ge0rG: > Establishing a secure connection from mdosch.de to room.pix-art.de failed. Certificate hash: 4cd531a9524513d90ff042873b929fb4104c5dbb5d58d9c22a9d23b4639ad634. This certificate is invalid for room.pix-art.de.

  268. Ge0rG

    Martin: thanks

  269. Ge0rG

    also works here again; maybe a short network downtime.

  270. derventio has joined

  271. tom

    Would there be any compat issues with my switching to a ECC certificate?

  272. tom

    Rather than an RSA4096

  273. frog has joined

  274. Gandalf has left

  275. Gandalf has joined

  276. Douglas Terabyte has left

  277. Douglas Terabyte has joined

  278. perflyst has left

  279. 404.city has left

  280. 404.city has joined

  281. argon3771 has left

  282. cuc has joined

  283. argon3771 has joined

  284. Licaon_Kter

    tom: ask 404.city :)

  285. Holger

    We tested this by accident on c.im the other day. Answer is yes :-)

  286. 404.city

    tom, There are no serious problems

  287. Martin

    Holger: Did s2s to all cert checking servers break or "only" to some?

  288. Arne has left

  289. arne-bruen has left

  290. Arne has joined

  291. arne-bruen has joined

  292. 404.city

    tom, There may be problems connecting to spam-scrapyards and abandoned servers

  293. Licaon_Kter

    404.city: were the issues between you and yax.im fixed?

  294. Licaon_Kter

    404.city: were the issues between yours and yax.im fixed?

  295. Holger

    Martin: Only some.

  296. Martin

    Ok, thanks.

  297. Holger

    404.city: There can also be problems connecting to maintained servers.

  298. Holger

    Cipher negotiation fails more easily.

  299. 404.city

    >Licaon_Kter‎: 404.city: were the issues between yours and yax.im fixed? Yes

  300. Holger

    If people decide to use the latest-greatest-strictest TLS setup and are fine with the fact that this can break legitimate communication between users that's obviously fine with me. But please don't pretend that this *won't* break communication. Debugging the resulting breakage can be annoying.

  301. 404.city

    I think in the future ECC will be adopted as the main encryption standard and RSA will be deprecated. Nowadays, this can already be considered an RSA outdated standard. The more servers with ECC there will be, the more problems RSA servers will have. Now RSA is just the majority, but in the future ECC will be the default.

  302. argon3771 has left

  303. argon3771 has joined

  304. Holger

    If we're talking about some point of time in the future you may be right. I thought this was about the implications of switching to an ECC certificate today.

  305. tom

    I thought RSA certs were already switching to ECC

  306. tom

    considered deprecated

  307. tom

    at least, the BIG CAs are moving their root certs to ECC

  308. tom

    Holger: which servers broke when you switched to ecc cert?

  309. rom1dep has left

  310. 404.city

    Many people think that self-signed certificates should be used instead of RSA. They also require compatibility. Let's hold on to the past, we'll be behind those who go into the future

  311. kahlb has left

  312. frog has left

  313. Holger

    404.city: As I said I'm all happy with you going as far into the future as you like. But the question was whether or not this will introduce interop issues. Your answer was 'no', and the correct answer is 'yes'. That's all.

  314. Holger

    tom: You're asking me for domain names?

  315. tom


  316. Holger


  317. x51 has joined

  318. tom

    because i want to know which servers will break if i switch to ecc

  319. Holger

    Ah I'm of no help then. We only had that setup for 2-3 hours because until two of my contacts notified me of borked s2s, both of whom just run small personal servers.

  320. Holger


  321. 404.city

    Holger, Okay, but I don't agree that there are interoperability issues. In this case, self-signed certificates and servers without encryption should also be considered communication problems.

  322. Licaon_Kter

    Holger: how did that end up in the setup?

  323. Holger

    404.city: Are we now discussing the definition of "interop issues" or what? I'm not wasting my time on this nonsense.

  324. Gandalf has left

  325. Gandalf has joined

  326. Holger

    404.city: And yes enforcing TLS obviously breaks interop with non-TLS servers. It's just that the fraction of servers not supporting TLS is tiny. So the trade-off is very different. Security-related questions are basically always decisions on trade-offs, not binary all-or-nothing decisions.

  327. Holger

    Licaon_Kter: We are a huge site with lots of employees plus lots of automation which all needs coordination and in this case things went wrong.

  328. Holger


  329. Licaon_Kter

    Holger: humans? Pfft, they are the worst

  330. Gandalf has left

  331. Licaon_Kter

    Holger: humans? Pfft, they are the ~worst~wurst :)

  332. Ge0rG

    Licaon_Kter: Schtrudelwurst?

  333. Licaon_Kter

    It's a spectrum

  334. Gandalf has joined

  335. mjk has left

  336. mjk has joined

  337. kahlb has joined

  338. cuc has left

  339. frog has joined

  340. 404.city

    i have more problems with signed certificates than switching to ECC. It is worth noting that it was a long time ago, and now all these problematic servers (self-signet sertificat) have been adjusted now to the zeitgeist.

  341. guus.der.kinderen has joined

  342. 404.city

    Holger, Do not worry. I am not discussing a technical issue, I am a philosophical one. Naturally there is a mistake, how loud they are is already a philosophical question. In your case, errors are is critical, not to accept ECC but to use RSA.

  343. pintosesk has joined

  344. guus.der.kinderen has left

  345. guus.der.kinderen has joined

  346. frog has left

  347. derventio has left

  348. mehdi has joined

  349. Ivan A. has left

  350. presprout has left

  351. derventio has joined

  352. Holger

    > more problems with signed certificates You mean you disabled dialback, so that you insist on a valid certificate, and you're annoyed by servers who still don't offer a CA-signed cert?

  353. nickomemo has left

  354. mehdi has left

  355. lorddavidiii has left

  356. lorddavidiii has joined

  357. 86ul has left

  358. 86ul has joined

  359. Gandalf has left

  360. qnix has left

  361. qnix has joined

  362. 404.city

    Holger, Well, how can I tell you ... My friend was hacked through a self-signed certificate when I was young and used xmpp.jp He also used xmpp.jp with self signed certificates. c2s trusted <+> s2s (dialback) <+> c2s (not trusted) = not trusted

  363. 86ul has left

  364. 86ul has joined

  365. frog has joined

  366. presprout has joined

  367. pintosesk has left

  368. pintosesk has joined

  369. sol has left

  370. junaid has left

  371. Ge0rG has left

  372. derventio has left

  373. bastoon has left

  374. qnix has left

  375. kahlb has left

  376. frog has left

  377. sol has joined

  378. bastoon has joined

  379. junaid has joined

  380. Ge0rG has joined

  381. ntuseracc has joined

  382. pintosesk has left

  383. pintosesk has joined

  384. stpeter has joined

  385. qnix has joined

  386. kahlb has joined

  387. presprout has left

  388. 404.city has left

  389. Steven Roose has left

  390. Steven Roose has joined

  391. belong has left

  392. Holly Lotor has joined

  393. Gandalf has joined

  394. Gandalf has left

  395. Gandalf has joined

  396. Gandalf has left

  397. Gandalf has joined

  398. cuc has joined

  399. abidal3 has joined

  400. ff255 has left

  401. ff255 has joined

  402. belong has joined

  403. perflyst has joined

  404. qnix has left

  405. Suren has left

  406. qnix has joined

  407. sonny has left

  408. mehdi has joined

  409. qnix has left

  410. argon3771 has left

  411. argon3771 has joined

  412. qnix has joined

  413. mehdi has left

  414. Suren has joined

  415. belove has joined

  416. Ge0rG has left

  417. Ge0rG has joined

  418. arne-bruen has left

  419. Arne has left

  420. 86ul has left

  421. 86ul has joined

  422. sonny has joined

  423. perflyst has left

  424. perflyst has joined

  425. 404.city has joined

  426. 404.city has left

  427. ntuseracc has left

  428. perflyst has left

  429. frog has joined

  430. 86ul has left

  431. 86ul has joined

  432. kikuchiyo has joined

  433. argon3771 has left

  434. argon3771 has joined

  435. bastoon has left

  436. rom1dep has joined

  437. Gandalf has left

  438. Gandalf has joined

  439. Viktor Lindberg has left

  440. Viktor Lindberg has joined

  441. pintosesk has left

  442. Suren has left

  443. pintosesk has joined

  444. frog has left

  445. mss_cyclist has left

  446. mss_cyclist has joined

  447. pintosesk has left

  448. pintosesk has joined

  449. Suren has joined

  450. arne-bruen has joined

  451. Arne has joined

  452. mss_cyclist has left

  453. Arne has left

  454. arne-bruen has left

  455. mss_cyclist has joined

  456. vanitasvitae has left

  457. Viktor Lindberg has left

  458. Arne has joined

  459. arne-bruen has joined

  460. perflyst has joined

  461. x51 has left

  462. 404.city has joined

  463. Viktor Lindberg has joined

  464. 404.city

    tom, by the way, this is not the case when you have to ask. You can release two ECC + RSA at once by few minute. Certificates can be changed without rebooting. See what you like best)

  465. Gandalf has left

  466. Gandalf has joined

  467. raucao has left

  468. raucao has joined

  469. mehdi has joined

  470. junaid has left

  471. ajeremias has joined

  472. 86ul

    Offtopic I think, but just wondering: can I use my 404.city account also on Matrix, 404.city ?

  473. 404.city

    86ul, On 404.city there is no active Matrix server. Its launch is not planned due to excessive resource consumption within the Matrix network. This is chat not the right place for such conversations. We could get banned for this chatter.

  474. Beherit has left

  475. 86ul

    Thanks anyways

  476. 404.city

    86ul, I will write in private

  477. 86ul


  478. Beherit has joined

  479. ajeremias has left

  480. ajeremias has joined

  481. alex-a-soto has left

  482. alex-a-soto has joined

  483. gnu has left

  484. steven has left

  485. steven has joined

  486. frog has joined

  487. lorddavidiii has left

  488. alberto has left

  489. derventio has joined

  490. Martin

    Ge0rG: Is chat.yax.im down?

  491. qnix has left

  492. 404.city has left

  493. qnix has joined

  494. Arne

    maybe they have a blackout like me an hour ago 😅

  495. madmalkav has left

  496. madmalkav has joined

  497. x51 has joined

  498. madmalkav has left

  499. madmalkav has joined

  500. lorddavidiii has joined

  501. Jonny has left

  502. Jonny has joined

  503. perflyst has left

  504. perflyst has joined

  505. alberto has joined

  506. stpeter has left

  507. perflyst has left

  508. stpeter has joined

  509. perflyst has joined

  510. jayteeuk has left

  511. jayteeuk has joined

  512. perflyst has left

  513. perflyst has joined

  514. jayteeuk has left

  515. jayteeuk has joined

  516. ajeremias has left

  517. argon3771 has left

  518. argon3771 has joined

  519. e2e.ee

    Martin: the yax.im chatroom is up for me.

  520. derventio has left

  521. Martin

    I could leave and rejoin just now. 😃

  522. perflyst has left

  523. perflyst has joined

  524. SJM has left

  525. qnix has left

  526. qnix has joined

  527. ajeremias has joined

  528. SJM has joined

  529. creep.im has left

  530. creep.im has joined

  531. jayteeuk has left

  532. jayteeuk has joined

  533. perflyst has left

  534. perflyst has joined

  535. ajeremias has left

  536. jayteeuk has left

  537. jayteeuk has joined

  538. ff255 has left

  539. naw has joined

  540. vanitasvitae has joined

  541. stpeter has left

  542. perflyst has left

  543. perflyst has joined

  544. neox has left

  545. qnix has left

  546. perflyst has left

  547. perflyst has joined

  548. stpeter has joined

  549. jayteeuk has left

  550. jayteeuk has joined

  551. qnix has joined

  552. derventio has joined

  553. frog has left

  554. frog has joined

  555. jayteeuk has left

  556. jayteeuk has joined

  557. perflyst has left

  558. perflyst has joined

  559. vanitasvitae has left

  560. perflyst has left

  561. perflyst has joined

  562. Jonny has left

  563. perflyst has left

  564. perflyst has joined

  565. perflyst has left

  566. perflyst has joined

  567. perflyst has left

  568. perflyst has joined

  569. perflyst has left

  570. perflyst has joined

  571. Jonny has joined

  572. argon3771 has left

  573. argon3771 has joined

  574. argon3771 has left

  575. argon3771 has joined

  576. perflyst has left

  577. argon3771 has left

  578. argon3771 has joined

  579. argon3771 has left

  580. argon3771 has joined

  581. 86ul has left

  582. 86ul has joined

  583. jayteeuk has left

  584. jayteeuk has joined

  585. madmalkav has left

  586. Jonny has left

  587. naw has left

  588. jayteeuk has left

  589. lorddavidiii has left

  590. jayteeuk has joined

  591. Jonny has joined

  592. 86ul has left

  593. argon3771 has left

  594. argon3771 has joined

  595. Lily has left

  596. Lily has joined

  597. Jonny has left

  598. Jonny has joined

  599. vanitasvitae has joined

  600. frog has left

  601. x51 has left

  602. belong has left

  603. belong has joined

  604. pod has left

  605. Huxx has left

  606. pintosesk has left

  607. ibikk has left

  608. rom1dep has left

  609. alex-a-soto has left

  610. alex-a-soto has joined

  611. pintosesk has joined

  612. jayteeuk has left

  613. jayteeuk has joined

  614. wladmis has left

  615. wladmis has joined

  616. SouL has left

  617. Viktor Lindberg has left

  618. Viktor Lindberg has joined

  619. jayteeuk has left

  620. jayteeuk has joined

  621. argon3771 has left

  622. argon3771 has joined

  623. argon3771 has left

  624. argon3771 has joined

  625. alberto has left

  626. cuc has left

  627. wladmis has left

  628. argon3771 has left

  629. argon3771 has joined

  630. kikuchiyo has left

  631. argon3771 has left

  632. argon3771 has joined

  633. jayteeuk has left

  634. jayteeuk has joined

  635. Arne has left

  636. argon3771 has left

  637. argon3771 has joined

  638. Holly Lotor has left

  639. Holly Lotor has joined