That CFE that was issued for XEP-0368 got me thinking about multiplexing services, using the ALPN TLS extension.
Guus
I'm new to this, so if I'm asking silly questions, feel free to point that out
Zash
That's all silly
Guus
(please wait until I've actually started questions)
Guus
can we multiplex Direct TLS and STARTTLS somehow?
Zash
In theory
Guus
as the latter doesn't start out as a TLS connection, I'm assuming ALPN isn't usable there?
Zash
More like redundant, like SNI
zinid
sni is redundant?
Guus
I don't get that last statement
Zash
I'm somewhat anti all those things. As I see it, all it does is move stuff into the TLS library.
Guus
second question: if we'd add BOSH to the multiplexing-mix, would that need a new ALPN protocol ID, or use one of the HTTP-ones? The latter would prevent multiplexing with another (non-XMPP) webservice, right?
Zash
XMPP, HTTP, TLS are all fairly easily identifiable from the first few bytes, so they can be multiplexed
Guus
third question for Zash: if not use SNI / ALPN, what's the alternative for multiplexing protocols (and hosts) on one port?
Guus
with existing tooling?
Zash
Prosody does it just fine, except TLS and STARTTLS can't be on the same port.
Guus: There's sslh, for example: http://www.rutschle.net/tech/sslh.shtml
Zash
Holger: Yeah, now we get TLSMUX on port 443 instead. All this has happened before etc.
Ge0rG
History is repeating itself.
zinid
you cannot offload TLS efficiently with starttls
Zash
Because?
zinid
because how?
SouL
Has anyone used http://tsung.erlang-projects.org/1/01/about/?
zinid
Zash: will you write your own balancer understanding starttls?
Zash
Is it really that hard?
zinid
Zash: writing haproxy or nginx?
Zash
zinid: I did that once, FWIW.
zinid
I think yes, it's hard
zinid
nobody interested in your handmade toys
zinid
SouL: I used tsung a lot of course
Zash
Hrrr
Zash
Doesn't nginx have starttls for its email things?
Zash
And didn't that Fastmail guy add XMPP support to nginx?
zinid
so you will use SMTP STARTTLS for XMPP STARTTLS?
zinid
if "add support" means writing shitty patch, then yes, he did
Zash
I don't think I want to hear this argument again
zinid
what do you want to hear?
zinid
nginx out of the box doesn't support xmpp starttls
zinid
also, some guys prefer haproxy
zinid
they will not change it only because of xmpp starttls
Guus
second question: if we'd add BOSH to the multiplexing-mix, would that need a new ALPN protocol ID, or use one of the HTTP-ones? The latter would prevent multiplexing with another (non-XMPP) webservice, right?
Ge0rG
I'd say bosh is http
jonasw
Guus, I think you’d multiplex based on the requested resource then
jonasw
layer 7 routing etc.
Guus
that makes sense
Zash
Did ALPN allow the client to set multiple types?
Guus
I like how you talk in the past tense :)
Guus
(and: I don't know)
Zash
Looks like it does.
> "ProtocolNameList" contains the list of protocols advertised by the
> client, in descending order of preference.
Zash
So, registering bosh wouldn't be too crazy.
stefandxm
is there any "larger" collective of error-messages than the one in xmpp core?
stefandxm
i am thinking now we get a lot of extended error codes that could probably be more generic if they were not in core.
stefandxm
so then maybe it already exists :)
SamWhited
Ge0rG: I was thinking more about tying message attaching to XEP-0359 IDs. I'm not sure that it gets us all that much anymore, because you have to support attaching by origin ID and by IDs set by the server, which feels just as weird as attaching based on the id attribute which may or may not exist.
Ge0rG
Yeah, non-mandatory non-unique IDs are what brought us into the trouble
SamWhited
I'm not actually a fan of having two different entities that can set IDs either.
Ge0rG
Two entities, three kinds of IDs. What could go wrong?
Ge0rG
Oh, all of them are optional.
jonasw
hm, right, you couldn’t attach something on a message without ID :/
jonasw
you can’t use the MAM ID anyways, thinking of it, because other clients don’t know it
Ge0rG
maybe it would be useful to enforce origin-id == message-id.
jonasw
interesting idea
jonasw
bring that up on standards@
Ge0rG
There seems to be no discussion of that XEP on standards at all.
Ge0rG
oh, never mind. my filter-fu is bad
SamWhited
Why even have origin-id at that point? Clients could just set message-id
Ge0rG
because message-ids are not guaranteed to be unique, random or even present
SamWhited
I don't follow. If you're going to say in the spec "set both of these to the same thing and make it unique and random" why not just say "set the message-id and make sure it's unique and random"
SamWhited
?
Ge0rG
SamWhited: because as a receiving entity, you don't know the rules that the sender used to generate the ID
SamWhited
Sure you do, they say they support stanza-id in their disco
MattJ
Right, that's why it exists
SamWhited
Actually, no, I lied
MattJ
and yes, it's optional, but I think it's fine for a XEP to fail gracefully on that
SamWhited
You're getting stuff from a MAM archive, and the client that sent it originally is online… you don't have the disco info for context.
SamWhited
is offline, even.
MattJ
You don't need disco, just the element existing or not
Ge0rG
MattJ: only if there is an origin-id in the message.
SamWhited
MattJ: I was suggesting the element didn't need to exist (if you're going to set it in both places, just use the id attr), but I was confused, that doesn't provide enough context.
MattJ
Oh right, yeah, you can't rely on that
SamWhited
So yah, I agree, if you're going to support stanza-id forcing the origin-id and the id attr to be the same sounds sensible to me.
MattJ
Also some servers think it's ok to modify that whenever they want anyway :)
Ge0rG
Yeah.
Ge0rG
But then the value of message-id doesn't matter anyway.
Ge0rG
And other servers (transports) tend to remove XML payload from MUC messages.
SamWhited
It matters for things that don't support stanza-id
Ge0rG
So we are fu... doomed anyway.
SamWhited
This doesn't "fix" anything, it just makes things slightly more consistent at the cost of a tiny bit of weird useless duplication
fippo
has anyone running a public server ever tried to run Yahoo's open_nsfw image classifier on the avatar data?
fippo
(you can probably guess what this classifier does)
Ge0rG
Hey that's funny. I've read the "Opportunistic TLS" proposal, then thought the term isn't correct, then thought that would be bike shedding. And now that exact discussion has happened anyway.