XSF Discussion - 2017-03-06

  1. Mancho has left

  2. sonny has joined

  3. kalkin has left

  4. blipp has left

  5. daniel has joined

  6. blipp has joined

  7. blipp has left

  8. blipp has joined

  9. daniel has left

  10. Zash has left

  11. sonny has left

  12. Lance has left

  13. Lance has joined

  14. daniel has joined

  15. kaboom has left

  16. sonny has joined

  17. daniel has left

  18. daniel has joined

  19. sonny has joined

  20. kaboom has left

  21. daniel has left

  22. sonny has left

  23. daniel has joined

  24. nicolas.verite has joined

  25. daniel has left

  26. daniel has joined

  27. daniel has left

  28. Tobias has joined

  29. sonny has joined

  30. bjc has left

  31. bjc has joined

  32. sonny has left

  33. daniel has joined

  34. daniel has left

  35. daniel has joined

  36. daniel has left

  37. Lance has left

  38. daniel has joined

  39. uc has left

  40. Lance has joined

  41. daniel has left

  42. bjc has left

  43. bjc has joined

  44. nicolas.verite has left

  45. jere has left

  46. jere has joined

  47. daniel has joined

  48. daniel has left

  49. daniel has joined

  50. daniel has left

  51. kalkin has left

  52. kalkin has left

  53. daniel has joined

  54. kalkin has joined

  55. daniel has left

  56. daniel has joined

  57. waqas has left

  58. SamWhited has left

  59. daniel has left

  60. waqas has joined

  61. waqas has left

  62. jere has joined

  63. jere has joined

  64. daniel has joined

  65. daniel has left

  66. uc has joined

  67. vurpo has left

  68. vurpo has joined

  69. daniel has joined

  70. Mancho has joined

  71. daniel has left

  72. suzyo has joined

  73. Yagiza has joined

  74. sonny has joined

  75. jere has joined

  76. daniel has joined

  77. daniel has left

  78. sonny has joined

  79. SamWhited has left

  80. sonny has left

  81. blipp has left

  82. daniel has joined

  83. blipp has joined

  84. sezuan has left

  85. daniel has left

  86. moparisthebest has joined

  87. Zash has joined

  88. vurpo has left

  89. vurpo has joined

  90. daniel has joined

  91. daniel has left

  92. mimi89999 has left

  93. mimi89999 has joined

  94. vurpo has left

  95. vurpo has joined

  96. sonny has joined

  97. vurpo has left

  98. daniel has joined

  99. daniel has left

  100. Valerian has joined

  101. Valerian has left

  102. sonny has joined

  103. Valerian has joined

  104. winfried has left

  105. winfried has joined

  106. sonny has joined

  107. daniel has joined

  108. blipp has left

  109. vurpo has left

  110. vurpo has left

  111. nicolas.verite has joined

  112. Guus has left

  113. Guus has joined

  114. daniel has left

  115. sonny has joined

  116. Piotr Nosek has joined

  117. daniel has joined

  118. daniel has left

  119. Guus has left

  120. Guus has joined

  121. Guus has left

  122. Guus has joined

  123. daniel has joined

  124. sonny has joined

  125. daniel has left

  126. suzyo has left

  127. daniel has joined

  128. suzyo has joined

  129. sonny has joined

  130. sonny has joined

  131. daniel has left

  132. Tobias has joined

  133. daniel has joined

  134. daniel has left

  135. daniel has joined

  136. sonny has joined

  137. Mancho has left

  138. Valerian has left

  139. Valerian has joined

  140. Valerian has left

  141. Valerian has joined

  142. uc has left

  143. uc has joined

  144. Valerian has left

  145. xnyhps has joined

  146. daniel has left

  147. sonny has joined

  148. efrit has joined

  149. uc has left

  150. uc has joined

  151. jonasw

    Ge0rG: I think it is pretty clear how to send a message to a MUC.

  152. daniel has joined

  153. Guus has left

  154. Guus has joined

  155. daniel has left

  156. daniel has joined

  157. Ge0rG

    jonasw: but there is no way to know that it arrived :P

  158. jonasw

    indeed :-)

  159. jonasw


  160. jonasw

    we should try to smuggle a <feature var='muc_keeps_ids' /> in your PR

  161. sonny has joined

  162. kalkin has left

  163. Ge0rG

    jonasw: I tried and failed, some two years ago. I think clients that care enough just need to embed a [xep 359] tag

  164. jonasw

    ah clever

  165. Ge0rG

    jonasw: I consider it a crude hack.

  166. jonasw

    depends on the point of view regarding the id uniqueness per stream

  167. Ge0rG

    I know that XMPP is old, but it's had sufficient time and opportunity to adapt and to make reliable message routing a first class citizen

  168. jonasw

    will we get that with MIX?

  169. jonasw

    (.oO(make all <message/>s <iq/>s!)

  170. jonasw


  171. Ge0rG

    and instead we've got acks, stream management, carbons, mix, stable-message-ids, which all solve partially overlapping partial problems.

  172. jonasw

    not sure that anything of acks, SM and Carbons is really overlapping.

  173. Ge0rG

    I really don't want to get started about this today. I haven't had my coffeine yet, and there is an important meeting in one hour :>

  174. jonasw


  175. kalkin has joined

  176. Ge0rG

    jonasw: SM and acks both implement message reliability mechanisms, two faces of the same medal.

  177. jonasw

    but on a different scope

  178. Ge0rG

    jonasw: it's absolutely the same logic, just different endpoints.

  179. jonasw


  180. Ge0rG

    except one is a message attribute and the other is a nonza.

  181. jonasw

    that’s what I mean by differetn scope

  182. jonasw

    *message child element I hope

  183. Ge0rG


  184. Ge0rG

    and then we have the problem that carbons don't carbonate 0184 acks because those are "normal" messages.

  185. jonasw

    carbons is a mess

  186. Ge0rG

    I'm asking for multiple years now to replace carbons and "classic" bind with a MAM subscription mechanism.

  187. Mancho has left

  188. Ge0rG

    you authenticate, and instead of doing all the crufty "bind session, enable carbons, query MAM, send presence" just do a nice and simple bind2 with MAM subscription.

  189. Ge0rG

    depending on the order of the above, you'll get crazy side effecs.

  190. jonasw

    yeah, I got that from the bind2 xep

  191. Ge0rG

    but bind2 still doesn't give us MAM subscription

  192. nicolas.verite has left

  193. jonasw

    I was also wondering about a different thing. Assuming I have a MIX in my roster and a client freshly connects to my account. Then right after the connection is established (before the client got a chance to send any disco#info requests), someone writes a message in the MIX and my client thus gets a message from somemix+someuser@mixservice. How is it supposed to know that this is a mix and show the message correctly?

  194. jonasw

    is MAM subscription a thing?

  195. Ge0rG

    so we have two different mechanisms for offline and online sync now, with different message retention properties.

  196. Ge0rG

    jonasw: I suppose your MIX proxy will figure out from the client's caps that it's not MIX enabled

  197. daniel has left

  198. jonasw

    well, no, the client *can* do MIX

  199. jonasw

    but it hasn’t seen the account yet

  200. Ge0rG

    jonasw: otherwise, you're f***ed.

  201. daniel has joined

  202. Ge0rG

    jonasw: this is exactly why I'm complaining about MIX-in-roster

  203. jonasw

    what does this have to do with MIX-in-roster?

  204. Ge0rG

    jonasw: implicit join on connect.

  205. jonasw

    I think that’s a feature

  206. Ge0rG

    jonasw: until you get a message from a MIX.

  207. jonasw

    yes well, I need to know that it’s a MIX

  208. Ge0rG

    yes you do

  209. Ge0rG

    jonasw: you could spawn a thread to process that message, and have the thread query the domain / plus-less JID / something about what it is.

  210. jonasw

    thanks, but that’s insane

  211. Ge0rG

    jonasw: you could also just do a blocking query :P

  212. jonasw

    that’s not better

  213. nicolas.verite has joined

  214. Ge0rG

    jonasw: maybe your client can see that you are in somemix@mixservice from your annotated roster, and thus determine that somemix+someuser@mixservice must be a participant of that mix?

  215. jonasw

    that could worl

  216. jonasw


  217. jonasw

    if the roster is actually going to be annotated, that could indeed work.

  218. jonasw

    won’t work for mixes which are not in the roster thoguh

  219. suzyo has left

  220. xnyhps has left

  221. Valerian has joined

  222. suzyo has joined

  223. sonny has joined

  224. jubalh has joined

  225. uc has left

  226. Tobias has joined

  227. Tobias has joined

  228. devnull has left

  229. devnull has joined

  230. ralphm has left

  231. uc has joined

  232. daniel has left

  233. daniel has joined

  234. goffi has joined

  235. kalkin has left

  236. suzyo has left

  237. kalkin has joined

  238. mhterres has joined

  239. Martin has joined

  240. Steve Kille has left

  241. Steve Kille has left

  242. Flow has joined

  243. Steve Kille has joined

  244. Piotr Nosek has left

  245. Steve Kille has left

  246. daniel has left

  247. daniel has joined

  248. daniel has left

  249. daniel has joined

  250. jubalh has left

  251. kaboom has joined

  252. daniel has left

  253. daniel has joined

  254. blipp has left

  255. tim@boese-ban.de has joined

  256. daniel has left

  257. daniel has joined

  258. Ge0rG has joined

  259. Mancho has left

  260. suzyo has joined

  261. vurpo has left

  262. sonny has joined

  263. kalkin has left

  264. kalkin has joined

  265. vurpo has left

  266. vurpo has joined

  267. sonny has joined

  268. Lance has left

  269. uc has left

  270. uc has joined

  271. Ge0rG has left

  272. xnyhps has left

  273. daniel has left

  274. daniel has joined

  275. sonny has joined

  276. kaboom has left

  277. Valerian has left

  278. Valerian has joined

  279. daniel has left

  280. daniel has joined

  281. sonny has joined

  282. Alex has joined

  283. Yagiza has left

  284. kalkin has left

  285. jere has joined

  286. jere has left

  287. jere has joined

  288. Valerian has left

  289. jere has left

  290. jere has joined

  291. Alex has left

  292. kalkin has joined

  293. daniel has left

  294. Ge0rG

    In the context of auto-generated UUID-JIDs for private MUCs/MIXes, there is an interesting question of how to prevent impersonation attacks.

  295. waqas has joined

  296. jonasw

    Ge0rG: reject MIXes/MUCs with anonymous settings for that purpose?

  297. jonasw

    and then look up the JIDs to make sure they match

  298. jonasw

    uhm, I may not be so sure about your usecase anymore

  299. jere has joined

  300. jere has joined

  301. blipp has left

  302. blipp has joined

  303. Martin has left

  304. Martin has joined

  305. Ge0rG

    jonasw: if the MIX/MUC is on a different server than yours or your inviting contact's, the MIX/MUC can misbehave and feed you "trusted" JIDs

  306. jonasw

    if you assume that the service is evil, end-to-end is probably the only way out

  307. Yagiza has joined

  308. Ge0rG

    jonasw: I assume that my own server is not evil, but an evil third-party server might exist.

  309. jonasw

    still applies

  310. Valerian has joined

  311. Ge0rG

    jonasw: I think there is room for a security model somewhere between "trust everybody" and "trust nobody, run e2ee everywhere"

  312. Ge0rG

    jonasw: something like "trust my server to properly handle MUCs and contacts, and not to lie to me about users' JIDs"

  313. Ge0rG

    jonasw: otherwise we are deep into sign-MUC-invitations-and-participant-lists-with-OMEMO land

  314. jonasw

    yes, but that’s not a way to prevent impersonation attacks; that’s a way to say "they don’t matter because those who can execute them won’t do that"

  315. Ge0rG

    jonasw: good point. Then we really need to sign every presence and message.

  316. jonasw


  317. jonasw

    or use peer-to-peer MUCs :-)

  318. jonasw

    (although that still needs E2E)

  319. nicolas.verite has left

  320. Ge0rG

    jonasw: the only secure way to make trusted identities is to route-to-publickeys, like Tor and similar.

  321. jonasw

    yeah, I do not see that happen with XMPP

  322. Tobias

    you can perfectly use XMPP with onion domains

  323. sonny has left

  324. Ge0rG

    Tobias: that's completely orthogonal.

  325. Ge0rG

    Tobias: unless you want each user to run their own .onion xmpp server.

  326. Tobias


  327. jonasw

    why not! that also gives us client-chosen identifiers in JIDs! :>

  328. Ge0rG

    jonasw: was it jonasw@6HbHXvQ00HcXJMWYlC5lpeU5.onion or jonasw@hC19YDLyWPC6jAFVQDlH78Lf.onion again?

  329. jonasw

    distributed name services!

  330. jonasw

    also, you would know, because your client lets you choose by public key (including meta information), not by .onion address

  331. Ge0rG

    Zooko called, and he wants his triangle back.

  332. Ge0rG

    jonasw: so I'd choose by "6HbHXvQ00HcXJMWYlC5lpeU5" vs "hC19YDLyWPC6jAFVQDlH78Lf"?

  333. jonasw

    no, the key with title "Jonas Wielicki" you signed when we met at CLT 2017 ;-)

  334. Ge0rG

    meta information can be faked.

  335. Ge0rG

    jonasw: but we never met at CLT 2017.

  336. jonasw

    now that’s tricky

  337. jonasw


  338. Tobias

    if we get the lookup/bootstrapping problem solved it doesn't matter how cryptic the JID looks :)

  339. Ge0rG

    exchanging xmpp addresses is hard enough already without routing-by-publickey

  340. Ge0rG

    Tobias: are we putting a pubkey-routed overlay network on top of xmpp now?

  341. Tobias

    I'm certainly not

  342. Tobias

    put you probably could do serverless XMPP via DHT discovered endpoints :)

  343. Tobias

    everything is supposed to be serverless nowadays anyways ;)

  344. Ge0rG

    Tobias: right. or serverless xmpp on .onion domains, to reuse existing tech

  345. jonasw

    i wanted to implement serverless for fun anyways

  346. Tobias

    still have the bootstrapping/contact lookup problem though

  347. Ge0rG

    Tobias: QR codes printed with your blood onto calfskin.

  348. Ge0rG

    the blood provides a strong binding to your identity, via DNA

  349. Ge0rG

    maybe there is even some way to cryptographically hash your DNA info to make a truly-personal keypair.

  350. Tobias

    Ge0rG, people get cloned, then what?

  351. Ge0rG

    Tobias: only a large government service is able to clone people. This attack vector can be safely ignored for normal people.

  352. Tobias

    they cloned dolly in the 90s, didn't they..must be dead cheap by now

  353. Ge0rG

    Tobias: I hope you didn't intend to make that a tasteless pun. :D

  354. Tobias

    at first not, but now that i reread that message :)

  355. Alex has joined

  356. Piotr Nosek has joined

  357. jonasw


  358. Guus has left

  359. suzyo has left

  360. Guus has joined

  361. jere has joined

  362. jere has joined

  363. daniel has left

  364. nicolas.verite has joined

  365. nicolas.verite has left

  366. nicolas.verite has joined

  367. daniel has left

  368. daniel has left

  369. winfried has joined

  370. Ge0rG has joined

  371. Martin has left

  372. sonny has joined

  373. Martin has joined

  374. sonny has joined

  375. Guus has left

  376. Guus has joined

  377. Alex has left

  378. Ge0rG has left

  379. Guus has left

  380. vurpo has left

  381. vurpo has joined

  382. Guus has joined

  383. sonny has joined

  384. Zash has joined

  385. daniel has left

  386. daniel has left

  387. sonny has left

  388. sonny has left

  389. sonny has left

  390. vurpo has left

  391. vurpo has joined

  392. sonny has joined

  393. Alex has joined

  394. tim@boese-ban.de has joined

  395. Piotr Nosek has left

  396. Guus has left

  397. Guus has joined

  398. daniel has left

  399. daniel has left

  400. Tobias

    nyco, https://mongoose-os.com/ is not related to mongoose XMPP server, is it?

  401. jubalh has joined

  402. kalkin has left

  403. jubalh has left

  404. bjc has left

  405. bjc has joined

  406. waqas has left

  407. Guus has left

  408. Guus has joined

  409. kalkin has joined

  410. Guus has left

  411. Guus has joined

  412. daniel has left

  413. Martin has left

  414. Martin has joined

  415. Martin has left

  416. Martin has joined

  417. jubalh has joined

  418. nyco

    Nope ;-)

  419. Martin has left

  420. Martin has joined

  421. jonasw has left

  422. daniel has left

  423. kalkin has left

  424. bjc has left

  425. sonny has joined

  426. Valerian has left

  427. Valerian has joined

  428. nyco has left

  429. nicolas.verite has left

  430. bjc has joined

  431. nyco has joined

  432. bjc has left

  433. Steve Kille has left

  434. Steve Kille has joined

  435. kalkin has joined

  436. waqas has joined

  437. Tobias has joined

  438. jubalh has left

  439. nyco has left

  440. nyco has joined

  441. nicolas.verite has joined

  442. Bunneh has left

  443. Bunneh has joined

  444. Mancho has left

  445. nicolas.verite has left

  446. Tobias has joined

  447. Mancho has left

  448. nicolas.verite has joined

  449. daniel has left

  450. SamWhited has left

  451. jere has left

  452. daniel has left

  453. sonny has joined

  454. Ge0rG has left

  455. Guus has left

  456. daniel has left

  457. Ge0rG has left

  458. suzyo has joined

  459. sezuan has left

  460. Valerian has left

  461. goffi has left

  462. Tobias has joined

  463. vurpo has left

  464. vurpo has joined

  465. vurpo has left

  466. vurpo has joined

  467. Valerian has joined

  468. uc has left

  469. uc has joined

  470. jonasw has left

  471. nicolas.verite has left

  472. ralphm has left

  473. ralphm has left

  474. bjc has joined

  475. waqas has left

  476. jubalh has left

  477. jubalh has joined

  478. Guus has left

  479. suzyo has left

  480. Lance has joined

  481. bjc has left

  482. bjc has joined

  483. Lance has left

  484. Valerian has left

  485. Valerian has joined

  486. Valerian has left

  487. nicolas.verite has joined

  488. jubalh has left

  489. Guus has left

  490. waqas has joined

  491. Guus has left

  492. Tobias has left

  493. waqas has left

  494. waqas has joined

  495. sonny has joined

  496. Guus has left

  497. Guus has left

  498. Ge0rG has joined

  499. Guus has left

  500. Ge0rG has left

  501. Guus has left

  502. nicolas.verite has left

  503. Guus has left

  504. sezuan has left

  505. Ge0rG has left

  506. Valerian has joined

  507. Guus has left

  508. nicolas.verite has joined

  509. Lance has joined

  510. nyco has joined

  511. nyco has joined

  512. jere has joined

  513. Yagiza has left

  514. goffi has left

  515. bjc has left

  516. Steve Kille has left

  517. Steve Kille has left

  518. bjc has joined

  519. kaboom has left

  520. Steve Kille has joined

  521. Guus has left

  522. mhterres has left

  523. Guus has left

  524. bjc has left

  525. bjc has joined

  526. nyco has joined

  527. Steve Kille has left

  528. vurpo has left

  529. vurpo has joined

  530. nyco has joined

  531. daniel has left

  532. tim@boese-ban.de has left

  533. Flow has joined

  534. tim@boese-ban.de has joined

  535. sonny has joined

  536. moparisthebest has left

  537. Valerian has left

  538. Martin has left

  539. SamWhited has left

  540. daniel has left

  541. winfried has left

  542. daniel has left

  543. daniel has left

  544. ralphm has left

  545. waqas has left

  546. sonny has joined

  547. daniel has left

  548. daniel has left

  549. sonny has left

  550. daniel has left

  551. daniel has left

  552. daniel has left

  553. sonny has left

  554. goffi has joined

  555. Lance has left

  556. Lance has joined

  557. suzyo has joined

  558. Valerian has joined

  559. nicolas.verite has left

  560. nicolas.verite has joined

  561. jubalh has joined

  562. jubalh has left

  563. mimi89999 has left

  564. mimi89999 has joined

  565. mimi89999 has joined

  566. nyco has joined

  567. nyco has joined

  568. sezuan has left

  569. sonny has joined

  570. efrit has joined

  571. jere has joined

  572. jubalh has joined

  573. jubalh has left

  574. Lance has left

  575. waqas has joined

  576. jubalh has joined

  577. Guus has left

  578. winfried has left

  579. kaboom has left

  580. kaboom has left

  581. kaboom has left

  582. Ge0rG has left

  583. kaboom has left

  584. Neustradamus has left

  585. kaboom has left

  586. jubalh has left

  587. Guus has left

  588. kaboom has left

  589. jere has joined

  590. nicolas.verite has left

  591. nicolas.verite has joined

  592. kaboom has left

  593. kaboom has left

  594. Valerian has left

  595. kaboom has left

  596. Mancho has left

  597. kaboom has left

  598. SamWhited has left

  599. Lance has joined

  600. Guus has left

  601. nicolas.verite has left

  602. jonasw has left

  603. efrit has left

  604. efrit has joined

  605. kaboom has left

  606. mimi89999 has left

  607. mimi89999 has left

  608. nicolas.verite has joined

  609. mimi89999 has joined

  610. kaboom has left

  611. mimi89999 has left

  612. mimi89999 has left

  613. nicolas.verite has left

  614. kaboom has left

  615. Ge0rG has joined

  616. bjc has left

  617. suzyo has left

  618. kalkin has left

  619. daniel has left

  620. moparisthebest has joined

  621. vurpo has left

  622. Mancho has left

  623. jubalh has joined

  624. moparisthebest has joined

  625. moparisthebest has joined

  626. vurpo has left

  627. goffi has left

  628. Ge0rG has joined

  629. Guus has left

  630. Guus has left

  631. Guus has left

  632. jere has left

  633. jere has joined

  634. vurpo has left

  635. vurpo has left

  636. vurpo has joined

  637. vurpo has left

  638. nicolas.verite has joined

  639. kaboom has left

  640. mimi89999 has left

  641. vurpo has left

  642. Ge0rG has joined

  643. bjc has joined

  644. SamWhited has left

  645. Mancho has left

  646. Mancho has left

  647. waqas has left

  648. vurpo has left

  649. Alex has left

  650. sezuan has left

  651. Guus has left

  652. nicolas.verite has left

  653. waqas has joined

  654. nicolas.verite has joined

  655. McKael has left

  656. daniel has left

  657. Ge0rG has left