XMPP Service Operators - 2022-06-02

Is this message coming through. Just started using XMPP which was preinstalled on my Yunohost server. Its been a long time since I've used this.

Did my message come through?

James Clarke: yes hello

> James Clarke: yes hello Great!!!

Last time I used XMPP I was in secondary school and did not understand the technicals.

Now I know more. Its a IETF standard like email which is cool. Unlike email it can easily have end-to-end encryption.

By the way if you haven't noticed its my own server I am using. ✏

Very, if you use e2e ✏

Yea. What else is XMPP good for?

Do you think people will be able to reach me easily?

If they too have an account on a server yes

I have email too. But I like to use protocols which are adapted for chat but also popular. And libre software.

I run a server as well, so give out accounts for people I want to get on it

Which is why I have Signal,Telegram, Matrix,Tox,Email

There are some projects that run social networking over xmpp, movim.im for instamce

> I run a server as well, so give out accounts for people I want to get on it I am using yunohost. And yes I do for my friends. If they get an account. Its SSO so they get access to Email as well, and other services like gitlab,etc.

James Clarke: we try to use this channel for operator related issues. Keeps the noise down

Sure. Sorry. Glad it works though. Thanks for helping me verify that.

Menel: > smooth_operator wrote: > the 35% of servers that don't require TLS over s2s still means encryption isn't as ubiquous. i don't see why an op wouldn't want it Exclusively Tor? I think TOR is usually non-https, right? Because it has it's own encryption.

Why menel? Also: that statement was wrong: 35% don't use direct TLS. But all of them use starttls. So ~100% is encrypted.

James Clarke: you may be interested in DeltaChat. It's a program that uses e-mail for IM. It's UI is more that of a typical IM client and creates a folder chats to go.

I don't know much about tor, but I think the first layer of tor is still https for web stuff. Or rather. Its unrelated what you send through the tor tunnel.. And most of the time you send https I suppose

Oh. Sorry, menel. Maybe I clicked the wrong bubble in BlabberIM.

Speaking of socnets using XMPP: GNUsocial, and I believe Diaspora*, and Friendica use it for various things. GS allows posting, reading feeds, among other things. I believe v3 will support Groups as MUCs. Unsure of the details ATM. I think just auto creation of MUCs and the usual usage of commands to post to the Group feed.

thndrbvr: > I think TOR is usually non-https, right? Because it has it's own encryption. onion services are usually http as it's hard to get a cert for .onion domain. otherwise, Tor just tunnels TCP

For an onion service, what normally would be the "exit node" thats where the onion service is hostet right? So the deepest onion layer goes right to the onion service? Then encryption on top of that would be redundant I suppose

> Also: that statement was wrong: > 35% don't use direct TLS. > But all of them use starttls. > So ~100% is encrypted. Menel: i was comparing the columns that stated tls was required vs supported. my interpretation of required was: direct tls only, or starttls is enforced

but it's already been stated those stats aren't correct so those conclusions are up in the air

and for an onion service, it's e2ee across tor to the server. not true for a clearnet service accessed by tor - an exit node terminates the circuit and then establishes connections to the destination server

http over tor to an onion = good https over tor to an onion = good with _some_ added assurance https over tor to not-onion = okay [exit node can monitor tls session, sni, traffic flows] http over tor to not-onion = bad [exit node can monitor everything]

smooth_operator: about tor. yes, I thought so.