XMPP Service Operators - 2021-04-05

  1. tom

    x187x: will it federate with XMPP or will it be yet another centralized system?

  2. tom

    And also what moparisthebest said

  3. x187x

    > x187x: is there any advantage at all vs just using XMPP? Less meta data retention on server side. encryption as standard so the users can't really mess up -so to speak. And we are working to ensure can federate the FOSS-sig-servers of people who want to run there own server seamlessly into Global privacy networks servers. it won't be compatible with xmpp clients. Thus my reasoning to setup my own xmpp server to still have this as an option.

  4. thndrbvr

    x187x hey, that sounds pretty cool to me. Once federation works, I assume you'll be hiding server names in user handles for group chats? Have you looked into decentralization for group chats?

  5. thndrbvr

    Here's something interesting to think about: https://synecdochic.dreamwidth.org/234496.html - Why Monetizing Social Media Through Advertising Is Doomed To Failure written by the personal account of one of the owners of DW who formally worked with LiveJournal.

  6. Licaon_Kter

    thndrbvr: 2008? That aged well...yes

  7. thndrbvr

    btw if anyone here is a dev.. remember how LiveJournal had (has?) XMPP? It seems like DW had to drop it when they forked. So, people are welcome to contribute whatever is needed! lol

  8. tom

    Livejournal users have jods?

  9. tom


  10. tom

    What's the address of lj's xmpp server, i want to check that place out

  11. thndrbvr

    It's been a decade since I've used LJ. Ditched it shortly before I found DW. Read DW's Guiding Principles. They're dreamy. lol

  12. thndrbvr

    I think the LJ JID is just username@livejournal.com but I don't really remember.

  13. thndrbvr

    Anyway, LJ totally sucks now. It's turned into some abomination and plagued with adverts. I think they're also closed source now?

  14. tom

    it appears so https://cdn.nuegia.net/4a007482-d22f-4def-89ae-aa66e8ee74b8/screenshot_001.png

  15. thndrbvr

    https://www.livejournal.com/chat/ --> https://github.com/djabberd/

  16. tom

    That's impressive at first glance

  17. tom

    Is the server still up but c2s only eg federation gimped?

  18. tom

    Woah, earthlink had an XMPP service?

  19. tom

    I used to have earthlink's dialup never knew

  20. thndrbvr

    I have no idea. They mention that they still play with others. Who knows how out of date any of that is. I was talking to a retired contributor to DW in #dreamwidth on freenode and he was saying they (dw) removed XMPP for three possible reasons. One of which is subscription / authorization related, one might be technical and there may have been non-free code to link the site to XMPP.

  21. jl4

    > Something with the US military. They generally go to other countries and do "good" things for the communities there. That's about all I know. found them in Senegal... but they seem to seek/ strategic US objectives (mining,etc...) undernearth the fancy 'NGO like umbrella'. umh...

  22. Sam

    It's a bit off topic, but the Peace Corp doesn't have anything to do with the military. It's just citizens volunteering.

  23. jl4

    "In less than six months, the Peace Corps' stated purpose shifted from an agency that could serve important U.S. foreign policy interests to an institution focused ..." https://minds.wisconsin.edu/bitstream/handle/1793/35487/Koerten.doc?sequence=1&isAllowed=y

  24. jl4

    well, i don't care , really...

  25. rob

    I'm guessing there's no need for srv records with standard ports and a records

  26. xorman

    rob: right, but recommended

  27. xorman

    legacy XMPP servers didn't use DNS records for port discovery at all, then they started using MX, then they moved to SRV

  28. moparisthebest

    rob: nothing will do direct TLS without SRV records

  29. rob

    Oh ok, I'll set them then

  30. rob

    Thanks everyone, should I bother setting legacy tls ports?

  31. [czar]


  32. Sam

    What do you mean "setting legacy TLS ports"? You mean in an xmpps record? Unless you have some other port you prefer for that I'd say "yes", it's best to set both so that clietns supporting implicit TLS can use the xmpps record

  33. [czar]

    > legacy XMPP servers didn't use DNS records for port discovery at all, then they started using MX, then they moved to SRV XMPP is one the few things in the world that uses SRV records

  34. [czar]

    Together with Minecraft and I can't remember nothing more

  35. Sam

    SIP uses them, and in theory email (but everything still uses MX in practice), but yah, mostly they didn't catch on.

  36. moparisthebest

    rob: prosody config calls them legacy SSL but actually that's modern TLS and you should set them

  37. moparisthebest

    Http3 comes with it's own replacement for srv records XMPP can start using though

  38. moparisthebest

    As everyone knows, http gets wide adoption of whatever it wants immediately lol

  39. rob

    Oh ok, I thought legacy meant legacy

  40. Sam

    You would think :)

  41. menel

    Wit was once legacy.. And now its modern again

  42. moparisthebest

    It was legacy SSL until some jerk came along and made a XEP that brought it back :)

  43. tom

    moparisthebest: HTTP3 comes with built in tracking for google

  44. tom


  45. tom

    I mean we already had our web standards body sold out

  46. tom

    Withw whatwg it's just whatever the latest version of google chrome is doing

  47. tom

    Why not built in tracking to the protocol itself

  48. tom

    All the more google google's machine to slurp up

  49. rob

    After the records and xmpps port I'm just left to tackle proxy 65 and stun/turn

  50. rob

    Then I think it's good for now

  51. rob

    Should I be forcing starttls? I notice on xmpp.net under general, starttls is marked being allowed but it's yellow so I wonder if it's supposed to be forced. Or maybe that's related to not having xmpps setup

  52. Martin

    I'd force it.

  53. rob

    Thanks 🤓 I have my afternoon Todo list now

  54. moparisthebest

    tom: that article is useless, it says it is tracking, no details

  55. moparisthebest

    And yes force TLS, no excuse for plaintext on the internet

  56. rob

    Cool, I'm doing more reading on the docs for my server and then I'll get configuring

  57. Licaon_Kter

    moparisthebest: the author is knowledgeable, afaik, pleroma dev etc Iirc, it's about quics bandwith tracking or whatnot

  58. moparisthebest

    I'd like to read more about it

  59. Licaon_Kter

    I think I read about this years ago, but now there's https://www.theregister.com/2021/01/30/quic_fingerprinting_flaw/