XMPP Service Operators - 2024-05-07


  1. moparisthebest

    > Posting my manifesto here one more time: https://codeberg.org/divested/safeguarding-xmpp-2025 > Any feedback would be appreciated. > It is a serious proposal to push the ecosystem forward despite the jokes here about it in the past. Tavi: https://github.com/curl/curl/pull/13544 seems to support you

  2. Polarian

    Some v1.2 cyphers remain secure enough... dropping v1.2 can hurt users...

  3. Polarian

    Microsoft is slow to adopt TLS v1.3, they have now on new servers but older ones still run 1.2

  4. Polarian

    Its a good recommendation to support v1.3 if you can, but kicking out anyone who doesn'

  5. Polarian

    Its a good recommendation to support v1.3 if you can, but kicking out anyone who doesn't is wrong

  6. Polarian

    Although maybe it should be specified what TLSv1.2 cyphers remain unbroken, and which are broken, and to ensure to configure your XMPP server to reject the weaker cyphers

  7. MSavoritias (fae,ve)

    i mean prosody at least already works like that

  8. jonas’

    debian, too, has quite strict openssl defaults these days

  9. Polarian

    hrm

  10. Polarian

    > Certificate fingerprints MUST be verified if TLSA records are available Some registrars make you pay for this as "additional security"

  11. Polarian

    so they are technically available, but not finantially available

  12. Polarian

    > Some form of E2EE MUST be supported Some clients still do not have OMEMO implementations, Spark is one. Until all clients listed on xmpp.org have some E2EE implemented, it might be best to downgrade MUST --> SHOULD

  13. jonas’

    Polarian, excellent reason to move your DNS elsewhere if they extort you to deploy specific record tpyes.

  14. jonas’

    Polarian, excellent reason to move your DNS elsewhere if they extort you to deploy specific record types.

  15. Polarian

    also MUST seems overused, from what I read from the RFCs, MUST is used when not following it would cause severe damage or insecurity... not using E2EE won't instantly pwn you

  16. Polarian

    > Polarian, excellent reason to move your DNS elsewhere if they extort you to deploy specific record types. I am working on it 🙂

  17. jonas-l

    > Some v1.2 cyphers remain secure enough... dropping v1.2 can hurt users... The protocol improvements are missing in 1.2; there are not only the cryptographic primitives but the way they are used TLS 1.3 is already 4.5 years old; one could wait for Browser vendors to force the new version or do this as XMPP community within this ecosystem; the main reason for missing 1.3 that I see is missing maintenance

  18. jonas’

    don't tell anyone about the fact that I have TLS 1.1 enabled on my service even.

  19. jonas’

    don't tell anyone about the fact that I have TLS 1.1 enabled on one of my services even.

  20. ankarl

    but why

  21. jonas’

    ankarl, android 4.4

  22. Polarian

    jonas’, I am not saying do not push for TLSv1.3 adoption, but TLSv1.2 should still be supported, provided they are using the stronger cyphers, and not the weaker cyphers

  23. Tavi

    Polarian, which is exactly what it says: support tls1.3, strong tls1.2, and optionally consider disabling 1.2

  24. Polarian

    > Polarian, which is exactly what it says: support tls1.3, strong tls1.2, and optionally consider disabling 1.2 if public servers disable 1.2 then they can't be peered with

  25. Polarian

    thats a horrific idea

  26. Tavi

    of the hundred+ servers mine connects to, only 2 don't support tls1.3

  27. jonas’

    Polarian, I agree with you.

  28. Polarian

    > of the hundred+ servers mine connects to, only 2 don't support tls1.3 and what if them 2 wanted support?

  29. jonas’

    search.jabber.network knows at least a dozen servers which connect via TLS 1.2 only, among them is conference.jabber.org

  30. Polarian

    also I know you hate windows Tavi , but you got to bare in mind windows lacks behind in adoption...

  31. Tavi

    who here is running their server on windows?

  32. Polarian

    Probably nobody, but we aren't including the corporate entities or others which use the server software which you want to force them to drop TLSv1.2 support...?

  33. Tavi

    I never said to drop 1.2

  34. Polarian

    well then i am getting confused.

  35. Polarian

    Also with E2EE TLSv1.2 would be reinforced, even if it is broken only the stanzas can be seen, not the payload

  36. Polarian

    payload being the message

  37. Polarian

    Dino can't seem to pick up a snikket OMEMO key... anyone got any ideas?

  38. ankarl

    Polarian: restart both clients

  39. Polarian

    tried that

  40. Polarian

    conversations can pick up the key, dino will not

  41. jonas-l

    >> of the hundred+ servers mine connects to, only 2 don't support tls1.3 > and what if them 2 wanted support? It's like the Browser vendors dropping support - if the majority does it then they are forced to update their server software and configuration

  42. Tavi

    which is why I'm proposing it now and it is for 2025

  43. Tavi

    TLS 1.3 is required for the future use of quantum resistant key agreement

  44. Polarian

    > TLS 1.3 is required for the future use of quantum resistant key agreement haha saw this one coming

  45. Polarian

    you haven't mentioned kyber in it

  46. Polarian

    I expected "A server MUST provide kyber support"

  47. Tavi

    1.3 is also required for ECH, which mopar is already working towards for xmpp

  48. Holger

    > It's like the Browser vendors I think our environment is quite different from the web universe. The latter is driven by two-and-a-half global players on the client side. Those set the de-facto standards and can move the ecosystem with same pace. There's tons of niche use cases using HTTP that are often broken by that pace, but Google won't care less. Our ecosystem is less centralized, plus the man power driving it is in no way comparable to that universe.

  49. Holger

    > then they are forced to update their server software and configuration In practice, dropping support for old mechanisms forces some but not all setups to update. The remaining setups will just break (adding to the general 'XMPP is broken' perception) and some of their users will just give up. So I think the question whether support for $x should be dropped should be driven by the question whether breaking those remaining setups is indeed preferable due to the (security) cost of supporting $x (no quantum resistance) being considered too high.

  50. Polarian

    If quantum resistance is such a big deal then surely it should be incorporated into OMEMO

  51. Polarian

    worry about TLS at a later date

  52. Polarian

    seen as there is no TLS standard yet for quantum resistancre

  53. Polarian

    seen as there is no TLS standard yet for quantum resistance (that I know of)

  54. Tavi

    again my proposal is simply mandating that TLS 1.3 be supported by servers to ensure clients aren't held back it still allows for use of 1.2 with strong ciphers to ensure legacy compatibility

  55. Tavi

    Polarian, https://datatracker.ietf.org/doc/draft-tls-westerbaan-xyber768d00/

  56. Tavi

    Chrome, Edge and others are shipping it Firefox will be shipping it soon too

  57. Polarian

    > Polarian, https://datatracker.ietf.org/doc/draft-tls-westerbaan-xyber768d00/ draft != standard

  58. Polarian

    > Chrome, Edge and others are shipping it > Firefox will be shipping it soon too good for them

  59. Polarian

    all 3 of them have huge dev teams

  60. Polarian

    > again my proposal is simply mandating that TLS 1.3 be supported by servers to ensure clients aren't held back > it still allows for use of 1.2 with strong ciphers to ensure legacy compatibility "TLS 1.2 SHOULD be disabled if unlikely to impact users"

  61. Polarian

    I think you need to review RFC2119

  62. Polarian

    3. SHOULD This word, or the adjective "RECOMMENDED", mean that there may exist valid reasons in particular circumstances to ignore a particular item, but the full implications must be understood and carefully weighed before choosing a different course.

  63. Polarian

    What you are saying and what your draft says are two completely different things

  64. Polarian

    Your definition in this channel is more a MAY than a SHOULD

  65. moparisthebest

    The entire point of a manifesto like this is to drive the ecosystem forward, convince the 2% of servers that don't support TLS 1.3 to upgrade We don't need a manifesto to continue the status quo of "hey maybe upgrade one day if you want"

  66. Polarian

    XMPP is meant to be an extensible protocol to fit all needs

  67. Polarian

    carpet bombing it with extreme restrictions is not the way to do it

  68. Polarian

    Security is one aspect of XMPP... and yes security matters, but you can't wall off the garden simply because you desire it.

  69. moparisthebest

    Restrictions? Lol. I have no idea how one could misconstrue a list of best practices as restrictions

  70. Polarian

    Like I said, nothing wrong with SHOULD use TLSv1.3, that is a good recommendation... but telling people to drop TLSv1.2 is a bad bad idea.

  71. moparisthebest

    Telling people to support 1.3 and plan to drop 1.2 in a year*

  72. Polarian

    > Telling people to support 1.3 and plan to drop 1.2 in a year* half a year

  73. Polarian

    its May...

  74. moparisthebest

    See also https://github.com/curl/curl/pull/13544

  75. Holger

    moparisthebest, I guess the target audience of such manifestos is rather the 98%, and it's about suggestion them to drop interop with the 2%.

  76. Polarian

    You can't justify extremism by saying "oh look another project is doing it"

  77. Polarian

    XMPP is a much smaller community, you are looking at big IM and big platforms and saying "we should do that"

  78. moparisthebest

    Holger: there are probably still servers that don't support TLS at all, no one misses them

  79. Polarian

    TLSv1.3 should be the recommendation

  80. Polarian

    maybe in 3-4 years after, or if TLSv1.2 strong cyphers are broken, THEN ban them from use

  81. Holger

    moparisthebest, I'm all for doing that if it seems desirable from a security point of view. I'm just saying it should only be done if we *actually* prefer breaking communication over supporting e.g. TLSv1.2.

  82. moparisthebest

    Why 8 years instead of 6 Polarian ?

  83. Polarian

    TLSv1.2 strong cyphers are still considered secure enough for business use...

  84. Polarian

    > Why 8 years instead of 6 Polarian ? to give time...

  85. Polarian

    at least make a deprecation notice first

  86. Holger

    moparisthebest, I've just seen people pressing shiny security knobs and then being surprised that things broke stuff way too often.

  87. moparisthebest

    How old of TLS libraries are people exposing to the internet? Yikes

  88. Polarian

    to me XMPP is about suiting everyone

  89. moparisthebest

    Polarian: this is meant to be the deprecation notice

  90. Polarian

    oh nice a quick warning, "heads up servers, in 6 months you will be de-peered if you don't use TLSv1.3"

  91. Polarian

    hell, one post in a XMPP channel isn't even a good warning

  92. Polarian

    AT LEAST post it to the mailing list

  93. moparisthebest

    No one said dates can't move around, it's an early draft he's asking for feedback for

  94. moparisthebest

    It's not done or ready for that...

  95. Polarian

    https://codeberg.org/divested/safeguarding-xmpp-2025#system-security and https://codeberg.org/divested/safeguarding-xmpp-2025#system-updates are not XMPP related

  96. Polarian

    https://codeberg.org/divested/safeguarding-xmpp-2025#system-firewall relying on third party block lists for IP addresses doesn't sound like a good idea either...

  97. MSavoritias (fae,ve)

    why not? the server runs somewhere so having guidelines for secure system seems good

  98. Polarian

    > why not? the server runs somewhere so having guidelines for secure system seems good because where do you draw the line

  99. MSavoritias (fae,ve)

    on the software where else?

  100. Polarian

    if you self host a server should you start being told to buy CCTV or how to effectively shred disks

  101. Polarian

    > on the software where else? memory encryption is more of a hardware thing

  102. MSavoritias (fae,ve)

    cctv says nothing about the security of the server so sounds like a strawman

  103. Polarian

    > cctv says nothing about the security of the server so sounds like a strawman it was an example...

  104. Polarian

    my point was... people have different situations

  105. MSavoritias (fae,ve)

    > > on the software where else? > memory encryption is more of a hardware thing maybe. but the guide should aim to be accessible

  106. MSavoritias (fae,ve)

    saying to be buy special hardware is out of scope

  107. Maranda

    Don't forget stuff like Pidgin.. Adium and the rest in your equation...

  108. Polarian

    MSavoritias (fae,ve), its about hardening/securing XMPP

  109. Polarian

    not the entire systme

  110. Polarian

    yes you could argue that the system can make XMPP insecure, but then you could argue the datacentre you pick, or if you self host also damage this too

  111. Maranda

    I had someone for lightwitch.org a month ago telling me he still used Windows 7

  112. Maranda

    so dropping TLS1.2 will for sure make people very unhappy

  113. Polarian

    > I had someone for lightwitch.org a month ago telling me he still used Windows 7 Windows 7 has had support dropped for years, its likely security broken anyways

  114. Polarian

    Now I know 99% of people here are likely Linux sysadmins, but: > Daemons SHOULD be confined via a MAC such as SELinux Is controversial

  115. moparisthebest

    Same with old Androids, at some point it becomes irresponsible to enable these people to keep such broken systems online

  116. MSavoritias (fae,ve)

    > Now I know 99% of people here are likely Linux sysadmins, but: > > > Daemons SHOULD be confined via a MAC such as SELinux > Is controversial why?

  117. Polarian

    Without having the entire argument with Tavi again... some operating system(s) (not naming names) do not support MAC and never will...

  118. moparisthebest

    I don't think "basic sandboxing is a good idea" is controversial in any way...

  119. Polarian

    making it a requirement thus would make it non-conforming with the security standards set

  120. Polarian

    > I don't think "basic sandboxing is a good idea" is controversial in any way... MAC itself is controversial, sandboxing is not

  121. moparisthebest

    And examples for the OS used 99.9% of the time also seem called for

  122. Polarian

    saying "The server SHOULD utilise sandboxing" fiune

  123. Polarian

    saying "The server SHOULD utilise sandboxing" fine

  124. Polarian

    every platform has a way of sandboxing

  125. moparisthebest

    Right and it says "such as" so perfect

  126. Polarian

    no

  127. Polarian

    because it specifies MAC

  128. Polarian

    > Distinct public facing services SHOULD be isolated to their own (virtual) machine Ambiguous, What counts as distinct public facing services...?

  129. Polarian

    The reverse proxy counts?

  130. Polarian

    also depending on what counts, it could have significant performance implications, and also significant cost, virtualisation isn't cost-free security

  131. Polarian

    low memory servers wouldn't be able to conform

  132. Polarian

    > Secure Boot SHOULD be used if supported by host and operating system HIGHLY controversial

  133. Polarian

    Heads is objectively better, but doesn't have the platform support

  134. Polarian

    microsoft certificates exist, which kinda nullify the entire point of trusted boot, and secondly, trying to enroll your own to replace them can brick hardware...

  135. Polarian

    come to think about it, there is no mention of FDE?

  136. Polarian

    oh wait, "disks should be encrypted" sorry

  137. Polarian

    > On disk swap MUST NOT be used Reason for this? encrypted swap should be secure no?

  138. Fishbowler

    I haven't read the proposal yet. Where's the preferred place for feedback? Polarian's made a bunch of points in here (to which I agree or disagree with varying amounts), but with multiple pieces of feedback, some of them will get lost to the scroll. If I go through it and have more than a couple, MUC might be the wrong place for discussion.

  139. moparisthebest

    Fishbowler: codeberg seems like the least likely place for comments to be forgotten

  140. Polarian

    > Fishbowler: codeberg seems like the least likely place for comments to be forgotten also a good way to go on the record... and I do not have the confidence to do that 🙂

  141. Polarian

    ~plus I don't have a codeberg account~

  142. Polarian

    Possibility of moving this to the mailing list?

  143. Polarian

    I feel that this is more something which should be done in a dedicated thread, instead of keep bumping it in the channel... and I don't think its fair to make people create codeberg accounts to discuss it... anyone appose moving it to ML?

  144. Tavi

    Polarian: it lists 4 places to provide feedback You yourself said the mailing list was dead

  145. Tavi

    Also I want to iterate again it doesn't drop 1.2, I don't know why people keep saying it does

  146. Tavi

    And 1.3 is seven years old already

  147. Tavi

    > android 4.4 jonas’: 4.4.4 supports 1.2

  148. jonas’

    then it's maybe Conversations Legacy at fault? I know that I had to do *something*

  149. Holger

    > it doesn't drop 1.2 It says "TLS 1.2 SHOULD be disabled if unlikely to impact users", not sure how operators of open servers are supposed to judge on that "if" condition.

  150. Polarian

    > Polarian: it lists 4 places to provide feedback > You yourself said the mailing list was dead what? when?

  151. Polarian

    I never said the mailing list was dead, the mailing list is new \o/

  152. Polarian

    (ish)

  153. Polarian

    > Also I want to iterate again it doesn't drop 1.2, I don't know why people keep saying it does then replace the SHOULD with MAY...

  154. Polarian

    and even then MAY still would cause issues

  155. Tavi

    Holger: one could just check their c2s and s2s for a few weeks to see if they are utilized or not

  156. Polarian

    > Polarian: it lists 4 places to provide feedback > You yourself said the mailing list was dead issues on 3 different git platforms, or pollute the entire XMPP service operators channel... only one discussion can happen at one time here... and this discussion is likely to take weeks

  157. Polarian

    so I stand by the suggestion of moving it to the mailing list

  158. Polarian

    > > it doesn't drop 1.2 > > It says "TLS 1.2 SHOULD be disabled if unlikely to impact users", not sure how operators of open servers are supposed to judge on that "if" condition. +

  159. Polarian

    > > it doesn't drop 1.2 > > It says "TLS 1.2 SHOULD be disabled if unlikely to impact users", not sure how operators of open servers are supposed to judge on that "if" condition. +1

  160. Polarian

    although come to think about it, its a logical fallacy, its AND False... because it will always impact users, so it can never be true... :)_

  161. Polarian

    although come to think about it, its a logical fallacy, its AND False... because it will always impact users, so it can never be true... 🙂

  162. Polarian

    sorry its not AND, it would be an implication 🙂

  163. Fishbowler

    > then replace the SHOULD with MAY... > > and even then MAY still would cause issues "MUST consider"? 😁