XMPP Service Operators - 2022-08-17

  1. sachin

    Licaon_Kter: conversations is down

  2. root

    sachin: been down for most of the day, seems it was a hardware issue, waiting for replacement parts I am guessing.

  3. sachin

    Ohh okay.

  4. sachin

    I had to make my account with another provider. Never thought you need contingency plan

  5. Sapotaceae

    it has probably been discussed but has the following ever been tried? instead of having people run their own servers with their own configs, have a pool of servers that all run the same software/configs, and when users signup they're randomized across the pool and if a server admin wants to leave the pool they just hand off data to another pool member? kind of like how ntp.org and opennic work?

  6. Sapotaceae

    just to minimize the amount of people on a select few servers

  7. moparisthebest

    I think the real solution is just to convince everyone to run their own server

  8. moparisthebest

    But that is a pretty good idea, could be a stop-gap

  9. croax

    Sapotaceae: ntp.org does not convey such sensitive data. Would it be acceptable for people to trust a pool of admins? I don't believe so. But on the opposite an admin could run multiple servers with failover if the software allows for it (shall be modular and designed for it)

  10. Sapotaceae

    do people already know trust the admins of the existing public instances?

  11. Sapotaceae

    s/know/not/

  12. croax

    Sapotaceae: they should :-) Depend on threat model. But you're right, there's room for a lot of use cases.

  13. croax

    Sapotaceae: they should :-) Depends on threat model. But you're right, there's room for a lot of use cases.

  14. Sapotaceae

    that just leads into: what is being done to reduce the need to trust the server?

  15. croax

    Sapotaceae: that's a good question but maybe there's nothing more to do on the protocol side... Rather always use e2ee (for private exchanges) + Tor if you don't trust the admin.

  16. croax

    Sapotaceae: Maybe one improvement to submit to implementations: a user should generate unique on-demand JIDs matched to his primary identity so that: - he would not risk to share his identity publicly - he could revoke it - the admins could not draw evolved contact graphs

  17. croax

    That could be an evolution of the "invite" links

  18. Sapotaceae

    Silence had an implementation of that: where it would make an account on a random server and share the jid out of band over e2e sms, and then future messages would be e2e over xmpp

  19. Licaon_Kter

    Sapotaceae: ever had?

  20. Sapotaceae

    never merged

  21. Licaon_Kter

    Ah, the PR

  22. Sapotaceae

    https://github.com/SilenceIM/Silence/pull/390

  23. Sapotaceae

    kind of great and managed the issue if xmpp was down

  24. Sapotaceae

    kind of goes full circle

  25. sachin

    Conversations is back again