Ha this is the same argument as the one against e2e earlier https://www.quakenet.org/articles/99-trust-is-not-transitive-or-why-irc-over-ssl-is-pointless
Neustradamushas joined
efrithas left
zinidhas left
zinidhas joined
efrithas joined
lskdjfhas joined
danielhas left
danielhas joined
la|r|mahas joined
danielhas left
danielhas joined
efrithas left
efrithas joined
Neustradamushas left
Neustradamushas joined
Neustradamushas left
Neustradamushas joined
la|r|mahas joined
lskdjfhas joined
Guushas left
la|r|mahas left
la|r|mahas joined
Guushas left
Guushas left
tim@boese-ban.dehas joined
Valerianhas left
la|r|mahas joined
danielhas left
nycohas left
Wiktorhas left
Wiktorhas joined
danielhas joined
lskdjfhas joined
Valerianhas joined
jerehas joined
efrithas left
Valerianhas left
uchas joined
zinid
moparisthebest: seems like the dude only concerned about mitm?
SamWhitedhas left
goffihas joined
andrey.ghas joined
ralphmhas left
Guushas left
Guushas left
stefandxmhas left
winfriedhas joined
uchas joined
jubalhhas joined
Yagizahas joined
uchas joined
zinidhas left
Guushas left
ralphmhas left
bearhas left
Flowhas joined
bearhas joined
jubalhhas joined
intosihas left
intosihas joined
Flowhas left
Guushas left
ralphmhas left
uchas joined
mimi89999has joined
ralphmhas left
bearhas left
bearhas joined
ralphmhas left
sonnyhas left
sonnyhas joined
zinidhas left
sonnyhas left
sonnyhas joined
ralphmhas joined
sonnyhas joined
sonnyhas joined
sonnyhas joined
sonnyhas joined
sonnyhas joined
sonnyhas joined
andrey.ghas left
sonnyhas joined
sonnyhas joined
sonnyhas left
sonnyhas joined
sonnyhas joined
sonnyhas joined
blablahas joined
sonnyhas joined
sonnyhas joined
vanitasvitae
Hi! Awesome to see that JET is now experimental :D I noticed some formatting issues in the pdf though. The table under §5 is crippled. Since this is likely to occure elsewhere as well, I thought I'd bring that to your attention :)
Ge0rG
vanitasvitae: the best approach is probably to open an issue on the xeps repo. Or even to provide a patch ;)
blablahas left
vanitasvitae
Guus told me, that SamWhited and jonasw are doing some work on this, so let me ping you :)
vanitasvitae
I'm not familiar with the pdf build process, so I think I'll just open an issue (if there is none yet)
sonnyhas joined
sonnyhas left
sonnyhas joined
Guus
I don't think they're still actively working on it - but things did change recently.
sonnyhas left
sonnyhas joined
sonnyhas joined
sonnyhas joined
sonnyhas joined
sonnyhas joined
vanitasvitae
I opened https://github.com/xsf/xeps/issues/521
sonnyhas left
sonnyhas joined
sonnyhas left
sonnyhas joined
sonnyhas left
sonnyhas joined
sonnyhas left
sonnyhas joined
sonnyhas left
sonnyhas joined
sonnyhas left
sonnyhas joined
jonasw
nobody is familiar with the pdf build process :D
jonasw
yeah, I doubt we can do anything about that
jonasw
(looking at the issue)
jonasw
it’s simply too wide for the PDF output
ralphmhas left
vanitasvitae
yeah, I guess you're right
jonasw
ideally editors would proofread the PDF output and ensure that it is nice, but ...
jonasw
I’m actually more inclined to terminate PDF output altogether than doing that ;-)
vanitasvitae
In that case there is not much to do I guess :D
vanitasvitae
But pdfs are so nice... :D
jonasw
I prefer the HTML version, esp. since Sams recent CSS fixes
jonasw
one of the few things I prefer to have in my browser over a separate application
Guus
vanitasvitae: can you replace the namespace by a (shorter) reference to a namespace, somehow?
jonasw
that would probably do the trick, yes
vanitasvitae
maybe get rid of the "-"s as a first step?
vanitasvitae
and shorten "nopadding" to "nopad"?
Guus
hey, the logo on the PDF (first page), looks weird
Guus
it's the old / broken logo, but also has black colors for the outside bits, instead of the blue?
vanitasvitae
thats an issue with firefox I think
sonnyhas joined
jonasw
weird
jonasw
no
sonnyhas joined
Guus
might be, but I'm using Chrome :)
sonnyhas joined
jonasw
it’s also in the original PDF of the logo
jonasw
super weird
vanitasvitae
the logo is rendered differently in pdf viewers and browsers I think
vanitasvitae
at least I noticed that some time ago
jonasw
can’t easily fix that though, because the PDF includes the "XMPP" text for which I don’t have the font I think
jonasw
no, it is definitely also in the source files, vanitasvitae
Guus
what format is the source?
jonasw
this is extremely ugly https://sotecware.net/images/dont-puush-me/FHNZUlDByHqPUgjwj1Cq2EhPat6zvV5sfbTtJ__tlLI.png
jonasw
PDF
Guus
bah
jonasw
I can try to mess with it to embed the new logo in that, should be doable
vanitasvitae
PDF missing the main purpose of its existence :D
Guus
I've got SVGs for the logo, but not the text
jonasw
how did you make xmpp.png then?
jonasw
by hand?
Guus
yeah, I erased the logo, copied in a newly generated one from SVG using the correct size
jonasw
okay
Guus
interestingly, the page headers also have a (very small) logo, where the colors are correct.
jonasw
yupp
jonasw
those are two different files
jonasw
patching them now
Guus
thanks :)
Guus
I'm somewhat surprised that the source components are PDFs themselves. Then again, I know nothing.
jonasw
that’s usual for LaTeX
jonasw
you can only have PDF as vector format without extra packages when building with {pdf,xe,lua}latex
but I guess that’s what you get from opening PDFn with inkscape
Guus
those appear to be printing masters
Guus
it's probably what the original authors of the PDF generation had available at the time
jonasw
making a test build with patched PDFs
jonasw
(now I in fact wonder if all built PDFs contain the whole printing master...)
jonasw
(or if something is smart enough to crop that out)
jonasw
(which I doubt, because it’s pdflatex we’re speaking about)
jonasw
well, xelatex
Guus
how big is it? If it's just a fraction of the total size, I wouldn't bother improving it further
jonasw
a few kiB
jonasw
I was just wondering conceptually
jonasw
because that’s essentially the XMPP Corporate Design ;-)
jonasw
thereifixedit: https://sotecware.net/files/noindex/xep-0391.pdf cc @ Guus
ralphmhas left
nycohas left
Guus
fun fact: the font used for the 'XMPP' text in our logo is also used in 2001: A Space Odyssey, for the interface of HAL. :)
Guus
ah, much better, thanks!
jonasw
let’s push that
Flowhas joined
jonasw
now I get the feeling that I did already quite a lot today! :-)
Guus
and it's only 10 am :)
jonasw
exactly!
Guus
wanna pop over to jdev and see if you have feedback on my question there? :)
Guus
oh, you already were there :)
Flowhas left
jonasw
there you go ;-)
Guus
tx :)
jubalhhas joined
Ge0rG
It's 10 AM and I feel like weekend already
jonasw
Ge0rG, good news: weekend for me already. wait. that’s only good news for me. sorry.
Guus
you just told us you were available.
Guus
that might've been a mistake :P
Flowhas joined
jonasw
Guus, do you have power over the dockerhup by now? If so, does that include the xeps builds? That’d be good to know.
Kev
He does, yes.
jonasw
great. Just in case there are issues again, but I suspect now that we don’t source stuff from sourceforge anymore, it should be fine
Guus
(what Kev said)
Flowhas joined
andrey.ghas joined
lumihas joined
Alexhas joined
waqashas left
jubalhhas joined
Flowhas left
Flowhas joined
ralphmhas left
vanitasvitaehas left
Ge0rGhas left
Wiktorhas joined
Yagizahas left
uchas joined
ralphmhas left
zinidhas left
Tobiashas joined
zinidhas left
Yagizahas joined
Holgerhas left
vanitasvitaehas left
vanitasvitaehas left
vanitasvitaehas joined
jerehas joined
Guushas left
Guushas left
iiro.laihohas joined
andrey.ghas left
jubalhhas joined
andrey.ghas joined
intosihas left
jubalhhas left
jubalhhas joined
Guushas left
Guushas joined
lumihas joined
uchas joined
valohas joined
xnyhpshas left
zinidhas left
lskdjfhas joined
intosihas joined
xnyhpshas left
Tobiashas joined
lumihas joined
la|r|mahas joined
jubalhhas left
Kevhas left
Kevhas left
Kevhas left
Kevhas joined
Kevhas left
Guushas left
la|r|mahas joined
uchas joined
Zashhas left
ralphmhas left
mimi89999has joined
uchas joined
stefandxmhas joined
valohas joined
Zashhas left
mimi89999has joined
Yagizahas joined
Zashhas left
lumihas left
ralphmhas joined
mimi89999has joined
winfriedhas joined
stefandxmhas left
Guushas left
sonnyhas joined
uchas joined
Zashhas left
Zashhas left
sonnyhas joined
mimi89999has joined
jjrhhas left
jjrhhas left
winfriedhas joined
jubalhhas joined
Zashhas left
Yagizahas joined
ralphmhas left
uchas joined
jjrhhas left
Guushas left
jjrhhas left
jjrhhas left
jubalhhas left
Flow
dwd: What was the motivation for renaming the 'mechanism' to 'task' in SASL2?
winfriedhas joined
Kev
IIRC because it can do things other than present SASL mechs. I could be wrong.
Flow
k, thanks
dwd
It also can't do the things mechanisms do. Like change the authorization identifier. Plus they need one to start.
Flow
can <task> could also contain a SASL mech?
dwd
Doubtful.
Flow
Wasn' t one idea that multiple mechs could be chained with SASL2?
Guus
did you use two different clients just now, dwd?
Guus
your nickname had different colors in Spark
dwd
Guus, Conversations for both those (Gajim for this one). Probably Conversations was detached; it looks like it injected a delay stamp.
dwd
Flow, So yes, the idea originally was that all these things are SASL mechs. But in practise, when developing, they're not. The first thing is a SASL mech, any subsequent ones are similar to mechanisms but distinct in that they're provided with an authzid, and cannot change it.
Flow
authzid was the thing which would allow you to impersonate another entity, right?
Kev
Not impersonate, but yes.
dwd
Flow, No, the authzid is the (most important) output of the SASL process. In XMPP, it's your jid.
Flow
ahh, ok, then it's the authcid I was thinking about
Kev
It's the thing that tells you what you are.
dwd
Flow, Probably not.
Flow
then what's the authcid again?
Guus
you authentiCate with authcid, you are then authoriZed for using authzid
Flow
An authorization identity is an OPTIONAL identity included by the
initiating entity to specify an identity to act as
dwd
Flow, The authentication identifier is the identifier used to identify you to the SASL mechanism. Typically you don't specify an authzid, and again typically in XMPP the authcid is just the local-part of the jid and the authzid is then figured out from that.
Flow
That does sound like authzid is what I said it is
dwd
Flow, It is optional to supply, because it can be derived (normally).
jjrhhas left
dwd
Flow, You do, always, end up with an authzid. Worth looking at TLS+EXTERNAL as an example - your authcid there is the certificate (or arguably the Subject of it). The authzid might be derived from it (usually from a SAN) or you might supply it.
dwd
Flow, There's no "impersonation" going on, though that, too, in as option (known as "Proxy Authentication", because you're authenticating to be a proxy for another user)
Flow
So what exactly is the problem that following SASL mechs can't change the authzid? Usually you either never provide the authzid or you provide it, in which case all chained mechs should/must provide the same
dwd
Flow, There's absolutely no power on earth that'll make me try to implement that. It's a nightmare.
waqashas joined
blablahas joined
Flow
And what is the point in being able to optionally supply the authzid? Re-using the same credentials for different accounts?
Flow
Anyway, I don't see a problem that subsequent mechs can not change the authzid
Guus
I'm no expert, but, I thought it was primarily used when the username you authenticate with isn't an exact match with the account name that you're authenticate for.
dwd
Flow, Sometimes to avoid confusion (like with TLS+EXTERNAL), sometimes for Proxy Auth. Also, if you've a username from, say, Active Directory that's not valid for XMPP, this be a way around that problem too.
Flow
I think we mixing two aspects of authzid: The one is where a sasl mech can optionally provide it, the other one is that you only know your full JID after being authenticated
dwd
Flow, Input and output, is all.
Flow
For chaining mechs, only the former can be possibly relevant, and I don't see why we can't simply say that all chained mechs must provide the same authzid, if they provide any at all
dwd
Flow, Why do you want to?
Flow
Guus: Yep, besides that your username can be completly different from the localpart of the JID you get
Flow
dwd: Why do I want to chain SASL mechs? Well the idea sounded appealing to me back then. And I don't see why we gave up on it
dwd
Flow, Because I tried implementing it and it was horrible.
danielhas left
dwd
Flow, Whereas I *have* implemented the current spec, along with TOTP etc, and it all works well.
Flow
dwd: Maybe, but what is different by having tasks now? SASL mechs are basically just a sequences of challenges and responses, surely tasks are very similar to that?
jjrhhas left
jjrhhas left
dwd
Flow, Yes, the protocol interface is the same, but the internal server-side interface is pretty different.
Flow
dwd: shouldn't ex4 in xep388 show a bare jid, or, when do I get a full JID at this stage?
Flow
ahh, we do bind2 there also
Flow
uh and bind2 still has no support for a client provided part ☹
Kev
Is anyone ready to implement bind2? If so I'll try to find time to add that.
Flow
and sasl2 can be used without bind2? A lot of possibilities ☺
Flow
(but it's getting complicated)
Kev
dwd: Did you do bind2 with sasl2, or not?
dwd
Kev, I've been toying with a bind2 embedded in sasl2 in my implementation just to see, but I've not tried it yet.
Flow
Kev: ex2 in xep388 hints at bind2
suzyohas joined
dwd
Flow, Also ISR. But I've not quite finished 198 resumption yet, so...
dwd
Flow, I think I said (read: I meant it to say) it was a hypoethetical extension, in ex2.
suzyohas left
danielhas joined
suzyohas joined
stefandxmhas joined
suzyohas left
suzyohas joined
suzyohas left
suzyohas joined
suzyohas left
suzyohas joined
suzyohas left
andrey.ghas left
sonnyhas joined
sonnyhas joined
zinidhas left
tuxhas joined
jjrhhas left
danielhas left
jerehas joined
uchas joined
jjrhhas left
ralphmhas left
Flowhas joined
moparisthebest
ha AOL is finally killing AIM
moparisthebest
I... didn't know it was still alive
jjrhhas left
Guushas left
danielhas joined
jubalhhas joined
lumihas joined
uchas joined
danielhas left
uchas left
uchas joined
danielhas joined
blablahas joined
uchas joined
uchas joined
stefandxmhas left
jerehas left
jerehas joined
intosihas left
Valerianhas joined
Yagizahas left
Alex
ya, just read the news here:
https://aimemories.tumblr.com/
Alexhas left
SamWhited
That's AIM, MSN Messenger, and Yahoo Messenger all gone… the 90's are finally over :'(
Alexhas joined
danielhas left
danielhas joined
moparisthebest
well we still have XML >:)
Guushas left
Alexhas left
SamWhited
Only the worst part of the 90's are still around…
SamWhitedgoes to rewatch `The Fresh Prince of Bel-Air' to make himself feel better
dwd
moparisthebest, Where? We're now using a "React-like wire protocol", remember?
moparisthebest
dwd, I haven't heard of that but it sounds terrifying
zinidhas left
mimi89999has joined
Zashhas left
danielhas left
lovetoxhas joined
nycohas left
Lancehas joined
ralphmhas left
jubalhhas joined
Lancehas left
Zashhas left
uchas joined
lumihas left
jubalhhas left
Tobiashas left
jubalhhas joined
dwd
No, no. It's great. It'll get us all the cool kids now. Better than json.
jubalhhas left
la|r|mahas joined
jubalhhas joined
lskdjfhas joined
Guus
I heard you use this argument a few days ago
Guus
so presumably, there now is a newer fashion.
blablahas joined
ralphmhas left
Zashhas left
efrithas joined
Valerianhas left
jubalhhas left
uchas joined
mimi89999has joined
stefandxmhas joined
Zashhas left
Zashhas joined
lskdjfhas joined
la|r|mahas joined
stefandxmhas left
Guushas left
Guushas left
Guushas joined
moparisthebest
...
Valerianhas joined
moparisthebest
longtime guy in IRC channel mentions jabber, I say that's awesome when did you start using it
moparisthebest
he says just now to try to talk to some drug dealers from darkweb sites
moparisthebest
so, that's nice haha
zinid
definitely success
mimi89999has joined
la|r|mahas joined
lskdjfhas joined
andrey.ghas joined
tim@boese-ban.dehas left
andrey.ghas joined
ralphmhas joined
andrey.ghas joined
stefandxmhas joined
andrey.ghas joined
Alexhas left
jonaswhas left
andrey.ghas joined
la|r|mahas joined
stefandxmhas left
dwd
moparisthebest, Well, at least we have a dedicated niche market.
moparisthebest
yea use is exploding in a certain market segment I guess
moparisthebest
anyone want to sign up and ask about usability issues, UI problems etc
andrey.ghas joined
Guus
yeah, lets fix those nasty spam control issues that they're experiencing for them
lskdjfhas joined
moparisthebest
I can probably get the .onion site domain haha
moparisthebest
see here is a segment that probably values forward secrecy over long term archives right?
zinidhas left
dwd
moparisthebest, Depends if they have a sideline in blackmail, I guess.
moparisthebest
guess the 'seller' is using jodo.im I'm guessing it has IBR enabled judging by the flash 9.0 required on the http page