jonaswwill there be anything interesting going on XSF-wise on the Chemitzer Linux Tage?
Guushas left
jonaswhas left
Zashhas left
Valerianhas joined
Guushas left
Tobiashas joined
xnyhpshas left
efrithas joined
xnyhpshas left
goffihas joined
waqashas left
brahas left
Valerianhas left
xnyhpshas left
xnyhpshas left
Guushas left
efrithas joined
nicolas.veritehas joined
suzyohas joined
uchas left
uchas joined
Guushas left
Guushas joined
vurpohas left
vurpohas joined
moparisthebesthas left
moparisthebesthas joined
Ge0rGOh, it's that time again. I don't think there are any plans, but I'm going there
Tobiashas joined
jonaswI’ll be there too, I think. Not sure which day(s) yet, gotta check the schedule of the event and my own :)
vurpohas left
vurpohas joined
suzyohas left
tobiashas joined
jubalhhas joined
blipphas left
blipphas joined
dwdhas joined
Guushas left
Guushas joined
SouLhas joined
SouLhas joined
Steve Killehas left
Steve Killehas left
Steve Killehas joined
uchas left
uchas joined
jubalhhas left
mhterreshas joined
intosihas joined
Valerianhas joined
suzyohas joined
Kevhas joined
mhterreshas left
mhterreshas joined
jcbrandhas joined
winfriedhas left
suzyohas left
Yagizahas joined
Flowhas joined
Valerianhas left
Valerianhas joined
Martinhas joined
vurpohas left
vurpohas joined
blipphas left
Alexhas joined
danielhas left
danielhas joined
jubalhhas joined
uchas joined
uchas joined
uchas left
uchas joined
uchas left
uchas joined
Alexhas left
uchas joined
uchas joined
winfriedhas left
Yagizahas joined
Guushas left
Guushas joined
jubalhhas joined
Zashhas joined
FlowAny BOSH experts in here who can/want comment on https://github.com/igniterealtime/jbosh/pull/4 ?
Zashjonasw: What where when?
Flowzash: CLT in Karl-Marx-Stadt, err, chemnitz: https://chemnitzer.linux-tage.de/2017/de
FlowGe0rG, daniel and I where there last year
mathieui§W 5
Manchohas left
MattJFlow, the logic failure is that the client doesn't need to wait for an acknowledgement before it can send more requests (putting aside the normal BOSH rules about multiple open requests)
dwdFlow, What PR#4 is saying doesn't immediately seem wrong - that one could use HTTP responses as acks - but the code doesn't appear to do this, and also what MattJ says.
jerehas joined
Yagizahas left
FlowThanks MattJ, dwd. I think OPs main problem is using BOSH with only one (processing) thread. That will always cause a delay in one of the directions (if I'm not mistaken).
jerehas left
jerehas joined
Guushas left
Guushas joined
SouLhas joined
vurpohas left
vurpohas joined
ZashBlocking HTTP requests?
Valerianhas left
uchas left
tobiashas left
uchas left
uchas joined
Valerianhas joined
Zashhas left
Manchohas left
Zashhas joined
sonnyhas left
vurpohas left
vurpohas joined
uchas left
uchas joined
uchas left
uchas joined
suzyohas joined
uchas left
uchas joined
Alexhas joined
uchas left
uchas joined
vurpohas left
uchas left
uchas joined
uchas left
uchas joined
danielGuus: re that openfire connection issue. Is there a chance that the the upgrade somehow caused sasl mechanisms to vanish
ZashFlow: Send HTTP request, wait for response before continuing with processing, have a bad time.
Flowwell that's what I think is happening in case only one thread is used with jbosh
ZashOh it's a client side library?
ZashThe coffee, it does nothing :|
ZashHey, Guus or dwd, does Openfire still do DIGEST-MD5?
ZashGiven the recent rush to hate on SHA-1, I'm impressed that nobody cares that DIGEST-MD5 is still around.
sonnyhas left
danielZash: well the 24 hours news cycle and the general alarmism applies to it security news as well
HolgerMy university's server offers only PLAIN so I'm on the safe side.
Link Mauve<3
FlowPSA: Google announces today the accepted GSOC orgs
vurpohas left
vurpohas joined
nyconycohas joined
FlowIn 2 h 45 minutes
dwdZash, DIGEST-MD5's security state hasn't really changed; the biggest weakness remains that you can churn through a lot of MD5's each second, and DIGEST-MD5 only uses three per cycle.
waqashas joined
dwdZash, The fact it uses MD5 is *almost* irrelevant.
jonaswisn’t it with DIGEST-MD5 that, like with PLAIN, it is enough to listen in on the connection to be able to authenticate as that user later?
jonasw(I haven’t looked into it; it has been deprecated so I didn’t bother implementing it)
Zashglares at daniel
Tobiasnot to forget the interop issues with digest-md5
vurpohas left
vurpohas joined
Zashdwd: I'm sure we'll receive bug reports about SCRAM-SHA-1 being terrible because SHA-1 is broken soon.
dwdTobias, Oh, there are lots of problems. But using MD5 isn't really one of them.
dwdjonasw, No, it's not subject to replay.
Tobiasdwd, reply with "Patches welcome!" :)
ZashWhat about active MITM?
dwdZash, No channel binding, so yeah, an active MITM can work.
dwdZash, But couldn't replay, still.
uchas left
uchas joined
Zashdwd: I remember there being issues with SCRAM if you could get a client to try to auth with you.
dwdZash, Only in as much as you can potentially brute-force the SHA-1 and extract the plaintext equiv in a reasonable timeframe these days.
vurpohas left
vurpohas joined
nicolas.veritehas left
kalkinhas joined
suzyohas left
jonaswhas left
Valerianhas left
Valerianhas joined
kaboomhas joined
suzyohas joined
Alexhas left
uchas left
Guushas left
uchas joined
Guushas joined
uchas left
uchas joined
winfriedhas joined
uchas left
tobiashas left
kaboomhas left
kaboomhas joined
SouLhas left
SouLhas left
sonnyhas joined
suzyohas left
uchas joined
kaboomhas left
suzyohas joined
nicolas.veritehas joined
vurpohas left
vurpohas joined
nicolas.veritehas left
Alexhas joined
Yagizahas joined
vurpohas left
vurpohas joined
xnyhpshas left
vurpohas left
vurpohas joined
SouLhas joined
xnyhpshas left
SouLhas left
SouLhas joined
kaboomhas joined
vurpohas left
vurpohas joined
winfriedhas left
sezuanhas left
sonnyhas joined
Zashhas left
Zashhas joined
nycohas left
sonnyhas left
Valerianhas left
Flownarf, google doesn't mention 17:00 UTC any more
vurpohas left
vurpohas joined
danielhas left
sonnyhas joined
danielhas joined
jerehas joined
danielFlow: the time line still says 1600Z
Flowdaniel: here → https://summerofcode.withgoogle.com/how-it-works/ ?
xnyhpshas left
jonaswHow it works: 1. we freeze your browser because you’re not using chromium (jk)
arci'll cross-link xsf on our ideas page for related organizations
dwdI got the email, came here, and Kev had already posted.
arcKev: you should link xmpp related orgs on the ideas page. it helps steer students in the right direction while they're looking ;-)
tim@boese-ban.dehas joined
kaboomare there any restrictions which project/persons can become a gsoc mentor for xsf?
Lancehas joined
Valerianhas left
Valerianhas joined
Steve Killehas left
mhterreshas left
Zashhas joined
nicolas.veritehas joined
Kevarc: If there's stuff you think I should do, can yo umail please?
KevI'm in the office until Wed night, so my mind is highly lossy at the moment.
intosihas left
KevAnd now to dinner...
Kevhas left
Tobiashas joined
Zashhas joined
kaboomhas left
Valerianhas left
Valerianhas joined
Valerianhas left
Valerianhas joined
Valerianhas left
Valerianhas joined
Valerianhas left
Guushas left
Guushas joined
SamWhitedhas left
goffihas left
jubalhhas joined
jcbrandhas left
jonaswhas left
jerehas joined
jubalhhas left
pep.has left
winfriedhas joined
vurpohas left
Ge0rGWow, the white house forbids staff to use Signal. http://www.politico.com/story/2017/02/sean-spicer-targets-own-staff-in-leak-crackdown-235413
efrithas joined
xnyhpshas left
Martinhas left
danielhas left
danielhas joined
SamWhitedhas left
Valerianhas joined
danielhas left
Zashhas joined
Valerianhas left
danielhas joined
jerehas joined
Lancehas left
Lancehas joined
blipphas left
jerehas joined
jerehas joined
tobiashas left
jubalhhas joined
Zashhas joined
pep.has left
pep.has left
blipphas joined
Kevhas joined
danielhas left
danielhas joined
jubalhhas left
jubalhhas left
jubalhhas joined
jubalhhas left
vurpohas left
jubalhhas joined
jubalhhas left
danielhas left
danielhas joined
danielhas left
danielhas joined
pep.has left
Alexhas left
Alexhas joined
Guushas left
jonaswhas left
Guushas joined
danielhas left
danielhas joined
danielhas left
danielhas joined
winfriedhas left
Guushas left
danielhas left
danielhas joined
Guushas joined
pep.has left
moparisthebestGe0rG, as usual the media gets it wrong, the headline anyway, isn't it they were forbidden from leaking private info, meh
moparisthebestthat's how I read it anyhow, either way no mention of xmpp/conversations/omemo in there and I don't know whether to be happy or sad about it lol
Guushas left
Guushas joined
Valerianhas joined
danielhas left
danielhas joined
pep.has left
pep.has left
kalkinhas left
Valerianhas left
Valerianhas joined
Kevhas left
Zashhas joined
danielhas left
danielhas joined
Valerianhas left
moparisthebesthas joined
vurpohas left
Kevhas joined
Kevhas left
pep.has joined
andrey.utkin|devhas joined
andrey.utkin|devhas left
mimi89999I heart "fake news" more often in the last several months/year than during my entire life until the election crisis.
moparisthebesthas joined
SamWhitedhas left
sezuanhas left
mathieuibecause "fake news" were just called "lies" before then