-
SamWhited
I wonder if we could use this for gathering IPR releases from people automagically (and only the first time for all future submissions): https://cla-assistant.io/
-
moparisthebest
Hmm I don't think I ever did that
-
SamWhited
Oops…
-
Ge0rG
moparisthebest: > so based on a clients support or mix or not, could a server allow them into a mix channel if supported or throw them into some type of muc compatibility layer for the mix jid if not? This is exactly what I'm asking for for half a now! :)
-
jonasw
hyvää päivää, guten morgen, god morgonen, good morning, bonjour!
-
Ge0rG
jonasw: you forgot the UGT zone reference 😜
-
jonasw
I was busy with remembering swedish and french ;-)
-
jonasw
*(UGT)
-
jonasw
moparisthebest: would you prefer language comments to your XEP(s) as comments on github, PRs or via email?
-
nyco
@all how much have we (the XMPP communities) discussed around zero-knowledge messaging in the past?
-
moparisthebest
jonasw: any are fine but PRs are probably the least work for me so I'd prefer those :-)
-
moparisthebest
nyco: what is that? Haven't heard that term applied to messaging before...
-
nyco
moparisthebest, well that is indeed the same, but applied to messaging, some pretend to do that, not sure of the details
-
moparisthebest
It doesn't quite make sense to me when applied to messaging, remote file storage yes, messaging no...
-
nyco
basically no metada that allows to build some social graph?
-
moparisthebest
Ah so it just means protecting metadata from the servers?
-
nyco
moparisthebest, maybe more, as I said, not sure about the details
-
moparisthebest
That seems impossible with xmpp
-
nyco
so, for XMPP, for example it could be with MAM nor Offline
-
nyco
and anonymous connections
-
moparisthebest
That's just data
-
nyco
plus some kind of encryption
-
nyco
and no logs
-
moparisthebest
And yea so listening via tor
-
nyco
tor is just blurring tracks, not removing them
-
moparisthebest
No logs isn't something enforceable though, it's just trusting people...
-
nyco
so not zero-knowledge, but minimal-knowledge, indeed
-
moparisthebest
The only metadata free type of messaging I know about just kind of publishes huge blocks of encrypted data at regular intervals to something public
-
moparisthebest
So it's not instant messaging, more like email
-
nyco
interesting
-
moparisthebest
And a lot of wasted data and such but point is an onlooker doesn't know who the data is for, how much, or if it's actually anything at all
-
moparisthebest
Now what was that called.....
-
nyco
so, how about some sort of guidelines document, where we describe how to do: minimalist logs, no offline, minimalist mam, e2e encryption, perishable messages
-
moparisthebest
Is offline/mam a problem with e2e?
-
nyco
not sure about this question: I guess it is needed to buffer some messages in case the guys are not online, for later reading?
-
nyco
"buffer", like in "temporarily store"
-
moparisthebest
https://en.m.wikipedia.org/wiki/Ricochet_(software) that's one solution
-
moparisthebest
Xmpp could be used the same way
-
moparisthebest
Where each user has their own server listening on a .onion domain
-
moparisthebest
I didn't read this yet but a paper about metadata conscious instant messaging http://jmlr.org/proceedings/papers/v48/fanti16.pdf
-
moparisthebest
Another https://www.cs.cornell.edu/~tyagi/papers/stadium.pdf
-
moparisthebest
https://www.microsoft.com/en-us/research/video/charles-river-crypto-day-building-anonymous-messaging-systems-that-hide-the-metadata/
-
nyco
oh nice
-
nyco
doing "fast search engine based research" in parallel: some instant messaging apps pretend to do zero-knowledge, but this is just "hey we can't read your stuff, you are protected from us"