XSF Discussion - 2017-10-15

  1. lskdjf has joined

  2. lskdjf has left

  3. Ge0rG has left

  4. lovetox has left

  5. lskdjf has left

  6. pep.

    jonasw, I think it's *"Trainer\*Innen"* :P

  7. lovetox has joined

  8. pep.

    (Hopefully your client doesn't already convert what I just wrote)

  9. alacer has joined

  10. pep.

    This "I want to change XHTML-IM" fashion is going really quick and I don't like that

  11. Syndace has joined

  12. pep.

    I'm really curious as to what is going to come out of that new markdown-y spec. But I don't expect much

  13. Valerian has left

  14. Valerian has joined

  15. Ge0rG has left

  16. Zash

    pep.: People will run a random markdown js lib over stuff, and there'll be a high chance that they pick one that defaults to passing html trough and then we're back at square 1

  17. pep.


  18. pep.


  19. pep.

    And we would have lost a few weeks for nothing

  20. pep.

    Weeks of talking, months of incompatibilities, yeras of ranting

  21. pep.

    Weeks of talking, months of incompatibilities, years of ranting

  22. pep.

    Weeks of talking, months of ranting, years of incompatibilities

  23. pep.

    Or are we ever really done ranting

  24. lskdjf has joined

  25. Valerian has left

  26. Ge0rG has left

  27. Tobias has joined

  28. Zash

    pep.: When we die

  29. Syndace has joined

  30. lskdjf has joined

  31. lskdjf has joined

  32. Ge0rG has left

  33. lovetox has left

  34. Guus has left

  35. la|r|ma has left

  36. la|r|ma has joined

  37. daniel has left

  38. Guus has joined

  39. Ge0rG has left

  40. Guus has left

  41. Guus has joined

  42. Guus has left

  43. Guus has joined

  44. Ge0rG has left

  45. Guus has left

  46. lumi has left

  47. alacer has joined

  48. Guus has joined

  49. Guus has left

  50. Guus has joined

  51. stefandxm has left

  52. alacer has joined

  53. Ge0rG has left

  54. nyco has left

  55. nyco has joined

  56. Valerian has joined

  57. Ge0rG has left

  58. moparisthebest

    Just for Zash I'll write a bot with a dead mans switch to rant in here after I die

  59. alacer has joined

  60. Ge0rG has left

  61. ralphm has left

  62. daniel has left

  63. daniel has joined

  64. Guus has left

  65. Guus has joined

  66. daniel has left

  67. alacer has joined

  68. jere has left

  69. daniel has joined

  70. Ge0rG has left

  71. Ge0rG has left

  72. jere has joined

  73. tux has joined

  74. jjrh has left

  75. jjrh has left

  76. Syndace has left

  77. Syndace has joined

  78. stefandxm has joined

  79. Ge0rG has left

  80. jjrh has left

  81. jjrh has left

  82. stefandxm has left

  83. Ge0rG has left

  84. jabberatdemo has joined

  85. SamWhited has left

  86. jabberatdemo has left

  87. Ge0rG has left

  88. Ge0rG has left

  89. daniel has left

  90. uc has joined

  91. daniel has left

  92. Ge0rG has left

  93. daniel has joined

  94. Ge0rG has joined

  95. uc has joined

  96. alacer has joined

  97. stefandxm has joined

  98. Ge0rG has left

  99. Ge0rG has left

  100. Valerian has left

  101. Valerian has joined

  102. daniel has left

  103. Guus has left

  104. ThurahT has left

  105. stefandxm has left

  106. ThurahT has joined

  107. Valerian has left

  108. Ge0rG has left

  109. daniel has joined

  110. Valerian has joined

  111. daniel has left

  112. Ge0rG has left

  113. Guus has joined

  114. sonny has left

  115. Guus has left

  116. Guus has joined

  117. Ge0rG has left

  118. Ge0rG has left

  119. Ge0rG has left

  120. daniel has left

  121. Valerian has left

  122. waqas has left

  123. zinid has left

  124. zinid has joined

  125. Guus has left

  126. Guus has joined

  127. jubalh has joined

  128. jubalh has left

  129. Ge0rG has left

  130. uc has joined

  131. alacer has left

  132. alacer has joined

  133. Ge0rG has left

  134. Ge0rG has left

  135. stefandxm has joined

  136. valo has joined

  137. jubalh has joined

  138. Ge0rG has left

  139. stefandxm has left

  140. Ge0rG has left

  141. jubalh has left

  142. la|r|ma has left

  143. la|r|ma has joined

  144. Ge0rG has left

  145. arc has joined

  146. daniel has left

  147. arc has left

  148. arc has joined

  149. Tobias has joined

  150. arc has left

  151. arc has joined

  152. Ge0rG has left

  153. Tobias has joined

  154. alacer has joined

  155. Ge0rG has left

  156. Syndace has joined

  157. Syndace has joined

  158. tux has joined

  159. SouL has left

  160. Ge0rG has left

  161. zinid has left

  162. emxp has joined

  163. emxp has left

  164. emxp has joined

  165. stefandxm has joined

  166. lovetox has joined

  167. lovetox has left

  168. Ge0rG has left

  169. stefandxm has left

  170. arc has left

  171. ralphm has left

  172. arc has joined

  173. Ge0rG has left

  174. emxp has left

  175. emxp has joined

  176. uc has joined

  177. ralphm has joined

  178. arc has left

  179. arc has joined

  180. jubalh has joined

  181. tim@boese-ban.de has left

  182. Ge0rG has left

  183. arc has left

  184. tim@boese-ban.de has joined

  185. remko has joined

  186. Ge0rG has left

  187. jubalh has left

  188. alacer has joined

  189. uc has joined

  190. arc has joined

  191. Syndace has joined

  192. Ge0rG has left

  193. Tobias has joined

  194. Tobias has joined

  195. remko has joined

  196. arc has left

  197. remko has joined

  198. arc has joined

  199. lskdjf has joined

  200. Tobias has joined

  201. Ge0rG has left

  202. Tobias has joined

  203. efrit has joined

  204. arc has left

  205. arc has joined

  206. stefandxm has joined

  207. arc has left

  208. arc has joined

  209. remko has joined

  210. Ge0rG has left

  211. arc has left

  212. arc has joined

  213. alacer has joined

  214. arc has left

  215. arc has joined

  216. Ge0rG has left

  217. Flow has joined

  218. arc has left

  219. arc has joined

  220. dwd has left

  221. Tobias has joined

  222. arc has left

  223. arc has joined

  224. dwd has left

  225. remko has joined

  226. Ge0rG has left

  227. Guus has left

  228. alacer has joined

  229. arc has left

  230. arc has joined

  231. Flow

    Zash: I'm not sure if that most "markup to HTML" converter libs would pass html trough, but I could be wrong. On the other hand: The whole stackexchange network, and things like discourse, are facing the same situation, and I've never heard that either of them was vulnerable to malicious HTML injection

  232. Zash

    Flow: Pick the first markdown library you can find and try?

  233. Flow

    Zash: Is that challenging me to do a evaluation of the situation or so that I see the very first lib I pick failing? ;)

  234. Zash

    Since the original implementation does html passthough, I suspect it to be highly likely that it be the default.

  235. Flow

    Ok, but then what do all the sites displaying HTML generated from CommonMark do?

  236. Zash

    Even pandoc, the glorious saviour of all markup, defaults to html right through

  237. arc has left

  238. Flow

    Is it probably more a matter of unsafe defaults?

  239. arc has joined

  240. efrit has left

  241. Zash

    Defaults matter.

  242. alacer has joined

  243. Flow


  244. Flow


  245. remko has joined

  246. Flow

    by default we will do the unsafe thing because convenience

  247. pep.


  248. arc has left

  249. arc has joined

  250. Zash

    If we could just invent some sufficiently complicated to get wrong XML format...

  251. alacer has joined

  252. Ge0rG has left

  253. arc has left

  254. arc has joined

  255. jubalh has joined

  256. Flow

    dwd: does xep388 <failure/> have a way to tell the client to try it with a different SASL mech again? Or do we even have that in the standard SASL profile? asking because of ISR

  257. dwd

    Flow, ISR has - hopefully - nothing to do with that. Either you're authenticated or not, and if you're authenticated ISR will either succeed or not.

  258. goffi has joined

  259. nyco has left

  260. nyco has joined

  261. Flow

    dwd: whut? the idea has always been that ISR is used to authenticate the resumption

  262. arc has left

  263. arc has joined

  264. dwd

    Flow, But also, no. I'm not sure what would trigger that. The user exists but authentication failed? That case is normally treated equally to the user not existing for security reasons.

  265. Ge0rG has left

  266. Flow

    dwd: caused by the service, for some reason, "forgetting" the isr token, e.g. because of a restart

  267. Flow

    i.e. a fallback to "full" SASL auth, instead of lightweight ISR auth

  268. dwd

    Flow, So you're advocating a user enumeration attack? :-)

  269. dwd

    ISR is not, and must not be, authentication. We went through this I don't know how many times.

  270. Zash

    Does the token contain the username?

  271. Flow

    dwd: It's authenticating the stream resumption, I don't know how many times we went through this

  272. Flow

    Zash, no

  273. arc has left

  274. dwd

    Flow, ISR is just '198 resumption but as a '388 extension, right? The authentication happens within a normal SASL mechanism. You've proposed HT-* for this purpose, but one could use anything.

  275. arc has joined

  276. dwd

    Flow, So ISR+SCRAM is valid (just more round-trips). But also ISR+EXTERNAL, which is entirely reasonable.

  277. Flow

    sure, but ISR alone is also an option

  278. dwd

    No, it isn't. I'm very sure we had this argument before. If you make ISR an authentication mechanism in its own right it should not be conducted within the XSF.

  279. Flow

    also, I don't see how one could do ISR + another SASL mech, after xep388 moved away from multi SASL mechs to 'tasks'

  280. dwd

    Well, because ISR isn't a SASL mech to begin with.

  281. Flow

    but SASL-HT is

  282. Flow

    and ISR is based on it

  283. dwd

    Sure. But HT-* is *just* a SASL mechanism that you *could* use with ISR, surely?

  284. Flow

    so it's SASL-HT+SCRAM what you are suggesting

  285. Flow

    dwd: no

  286. dwd

    Well, then, the design is wrong.

  287. Flow

    I don't think so, but please elaborate

  288. Syndace has left

  289. dwd

    Flow, If you can't use resume a session when authenticating using, say, EXTERNAL, the design is clearly wrong.

  290. arc has left

  291. dwd

    Since EXTERNAL is relying on (for example) a TLS certificate or session resumption, and HT-* is weaker, then by *allowing* HT-* you're weakening security.

  292. Flow

    well that was possible until you switched xep388 from chained SASL mechs to tasks

  293. dwd

    No, that's rubbish.

  294. Flow

    I'd say tha just HT-* is sufficently secure for some deployments, but if you want to use HT-* with a strong mech, then it should be possible to do this

  295. Ge0rG has left

  296. arc has joined

  297. dwd

    That does not make sense. HT-* *is* a SASL mechanism.

  298. dwd

    So why would you need to use it *with* anything else?

  299. Flow

    The initial idea of our SASL2 was to make it possible to chain multiple SASL mechs

  300. dwd

    No it wasn't. I know this because the initial idea was mine.

  301. Flow

    maybe your idea was different, but the first versions of SASL2 did make it possible to chain SASL mechs

  302. dwd

    The idea was to have an extensible SASL profile that could have secondary authentication includedm like 2FA. I thought (wrongly) these oculd be modelled as SASL mechanisms.

  303. Flow

    and I still think they should be

  304. Flow

    but that's mostly unrelaeted to this discussion I think

  305. dwd

    Well, I tried it, and they can't.

  306. Flow

    well maybe a sample of one is not enough

  307. arc has left

  308. jubalh has joined

  309. arc has joined

  310. Flow

    but back to the topic: ISR is now based on SASL HT-*, and if xep388 doesn't allow chained SASL mechs (maybe additional to tasks), then it's ISR with HT-*, or standard SM resumption without SASL HT-*

  311. dwd

    Well, that's rather my point - no it isn't. There's no reason why ISR needs to be tied to HT-*.

  312. Flow

    the only other mechanism suitable is probably EXTERNAL

  313. Flow

    I don't see the point in ISR + SCRAM

  314. Flow

    becasue then you could do simply standard SM resumption and SCRAM

  315. dwd

    Sure. But ISR+SCRAM will be substantially fewer round-trips.

  316. dwd

    Just one more, actually, than ISR+HT-*.

  317. Flow

    and I doubt if ISR+HT-* is substantially weaker then ISR+EXTERNAL

  318. Flow

    or any other mech

  319. dwd

    Flow, You're deluded if you think that's the case.

  320. Flow

    If the lifetime of the hashed token is limited?

  321. dwd

    HT-* is, at its core, just a hash of a plaintext token held on the server in the clear. That immediately means an attacker can obtain that token and use it, potentially.

  322. arc has left

  323. arc has joined

  324. dwd

    That's not a bad thing, because we can mitigate that with limited lifetime etc. But to think it offers the same level of security as a client certificate is really not right at all.

  325. Flow

    I think everything is off as soon as an attacker is able to obtain things from the service

  326. Zash

    dwd: an attacker with access to server internals?

  327. Flow

    of course, you could argue that an attacker possibly has only access to some server internals and so

  328. dwd

    Zash, an attacker with access to the database, probably. Typical breach. And yes, you could handwave over keeping the tokens out of persistent storage etc.

  329. Flow

    I hope that no one stores the HT-* in a database, should be small enough to hold it in memory

  330. jonasw


  331. Flow

    and probably something I should write into the I-D

  332. jonasw

    somebody will do that

  333. Flow

    jonasw, clustering doesn't automatically mean that you have to store the token in a db

  334. Ge0rG has left

  335. Flow

    but of course, somebody will do something unreasonable

  336. jonasw

    sure, but it may be the convenient choice

  337. Flow

    damn you, convenience

  338. dwd

    Flow, But anyway, the point is that if ISR works with *any* SASL mechanism in principle, then if HT-* is a problem we just use something else.

  339. Flow

    dwd, sorry didn't get the last part

  340. Flow

    If i'm not mistaken nothing in the current ISR ProtoXEP currently limits the mech to HT-*

  341. dwd

    Well, we need to fix that then.

  342. tux has joined

  343. Flow

    but of course, it's written with HT-* in mind

  344. Flow

    dwd, fix what?

  345. Flow

    I'm currently more worried how much more complex the SASL2-ISR combination is, compared to my initial ISR ProtoXEP…

  346. jonasw

    how many round-trips does ISR save if you use any other SASL mechanism?

  347. Flow

    Altough I believe in Holger to implement any complex beast in ejabberd :)

  348. jonasw

    i.e. what’s the difference to just resuming in that case?

  349. Flow

    jonasw, IIRC 1 round-trip

  350. Flow

    but I haven't counted recently

  351. Kev has left

  352. stefandxm has left

  353. arc has left

  354. arc has joined

  355. Syndace has left

  356. remko has joined

  357. arc has left

  358. arc has joined

  359. Ge0rG has left

  360. uc has joined

  361. arc has left

  362. arc has joined

  363. mimi89999 has joined

  364. alacer has joined

  365. Guus has joined

  366. jubalh has left

  367. Guus has left

  368. arc has left

  369. Guus has joined

  370. arc has joined

  371. Ge0rG has left

  372. Guus has left

  373. Guus has joined

  374. Guus has left

  375. Guus has joined

  376. Flow

    dwd, I think we talked past each other, for most of the time. Which made us didn't talk about what should happen if HT-* failes because of an experied token (my initial question). In that sense, it is probably different than most SASL mechs, in the sense that you could fallback to another SASL mech

  377. arc has left

  378. Tobias has joined

  379. arc has joined

  380. alacer has joined

  381. tux has joined

  382. lumi has joined

  383. stefandxm has joined

  384. remko has joined

  385. alacer has joined

  386. Ge0rG has left

  387. Flow

    prably the simplest approach would be "client knows that he just did a HT-* auth that failed, so let's retry (possible on a new connection) e.g. SCRAM"

  388. jere has left

  389. jere has joined

  390. Syndace has left

  391. Kev

    FWIW, I think dwd's right about just about everything above.

  392. Ge0rG has left

  393. Flow

    sure, was mostly a misunderstanding what ISR+SASL-MECH means. He was talking about using ISR with SASL-MECH, and I was talking about using ISR with SASL HT-* and SASL-MECH chained

  394. remko has joined

  395. alacer has joined

  396. Ge0rG has left

  397. arc has left

  398. arc has joined

  399. arc has left

  400. alacer has left

  401. arc has joined

  402. Syndace has joined

  403. Syndace has joined

  404. arc has left

  405. alacer has joined

  406. arc has joined

  407. Syndace has joined

  408. waqas has joined

  409. Syndace has joined

  410. ralphm has left

  411. tux has joined

  412. efrit has joined

  413. lovetox has joined

  414. Ge0rG has left

  415. uc has joined

  416. remko has joined

  417. arc has left

  418. arc has joined

  419. remko has joined

  420. la|r|ma has joined

  421. alacer has left

  422. Guus has left

  423. tux has joined

  424. Kev has left

  425. Kev has left

  426. la|r|ma has left

  427. la|r|ma has joined

  428. intosi has joined

  429. mimi89999 has left

  430. lskdjf has left

  431. lskdjf has left

  432. goffi has left

  433. goffi has joined

  434. dwd has left

  435. dwd has left

  436. alacer has joined

  437. ralphm has joined

  438. Guus has left

  439. Guus has joined

  440. Guus has left

  441. Guus has joined

  442. Guus has left

  443. Guus has joined

  444. Guus has left

  445. Guus has joined

  446. Guus has left

  447. Guus has joined

  448. Guus has left

  449. ralphm has left

  450. remko has joined

  451. Valerian has joined

  452. Guus has joined

  453. Guus has left

  454. remko has joined

  455. alacer has joined

  456. SamWhited has left

  457. alacer has joined

  458. daniel has left

  459. Guus has joined

  460. Tobias has joined

  461. Guus has left

  462. jere has left

  463. jere has joined

  464. Guus has joined

  465. arc has left

  466. arc has joined

  467. Guus has left

  468. Guus has joined

  469. Tobias has joined

  470. arc has left

  471. arc has joined

  472. uc has left

  473. valo has joined

  474. remko has joined

  475. Tobias has joined

  476. daniel has left

  477. daniel has joined

  478. Tobias has joined

  479. daniel has left

  480. daniel has joined

  481. Valerian has left

  482. daniel has left

  483. daniel has joined

  484. lskdjf has left

  485. lskdjf has left

  486. alacer has joined

  487. efrit has left

  488. lskdjf has left

  489. stefandxm has left

  490. remko has joined

  491. efrit has joined

  492. lskdjf has left

  493. daniel has left

  494. lskdjf has left

  495. jubalh has joined

  496. efrit has left

  497. Valerian has joined

  498. efrit has joined

  499. mimi89999 has joined

  500. alacer has joined

  501. alacer has left

  502. alacer has joined

  503. efrit has left

  504. arc has left

  505. arc has joined

  506. intosi has joined

  507. arc has left

  508. arc has joined

  509. alacer has left

  510. Kev has left

  511. remko has joined

  512. stefandxm has joined

  513. lskdjf has joined

  514. efrit has joined

  515. intosi has left

  516. lskdjf has left

  517. ralphm has joined

  518. intosi has joined

  519. lskdjf has left

  520. Guus has left

  521. jubalh has left

  522. lskdjf has left

  523. arc has left

  524. arc has joined

  525. SamWhited has left

  526. remko has joined

  527. arc has left

  528. arc has joined

  529. lskdjf has joined

  530. arc has left

  531. arc has joined

  532. daniel has joined

  533. lskdjf has left

  534. arc has left

  535. Guus has joined

  536. lskdjf has left

  537. sezuan has joined

  538. arc has joined

  539. daniel has left

  540. Guus has left

  541. Guus has joined

  542. Guus has left

  543. Guus has joined

  544. daniel has joined

  545. Syndace has joined

  546. Guus has left

  547. lskdjf has joined

  548. jubalh has joined

  549. remko has joined

  550. daniel has left

  551. lskdjf has left

  552. Guus has joined

  553. sezuan has left

  554. lskdjf has left

  555. Guus has left

  556. Guus has joined

  557. sezuan has joined

  558. lovetox has left

  559. lovetox has joined

  560. Valerian has left

  561. Valerian has joined

  562. jubalh has left

  563. daniel has joined

  564. Guus has left

  565. Guus has joined

  566. lskdjf has joined

  567. Guus has left

  568. waqas has left

  569. Guus has joined

  570. Guus has left

  571. jubalh has joined

  572. alacer has joined

  573. Guus has joined

  574. Guus has left

  575. valo has joined

  576. remko has joined

  577. intosi has joined

  578. dwd has left

  579. jubalh has left

  580. Guus has joined

  581. alacer has joined

  582. arc has left

  583. dwd has left

  584. arc has joined

  585. Guus has left

  586. daniel has left

  587. arc has left

  588. daniel has joined

  589. arc has joined

  590. Tobias has joined

  591. Guus has joined

  592. arc has left

  593. arc has joined

  594. arc has left

  595. arc has joined

  596. Guus has left

  597. remko has joined

  598. jubalh has joined

  599. dwd has left

  600. dwd has left

  601. dwd has left

  602. dwd has left

  603. mimi89999 has left

  604. dwd has left

  605. dwd has left

  606. intosi has joined

  607. dwd has left

  608. dwd has left

  609. efrit has left

  610. remko has joined

  611. efrit has joined

  612. jubalh has left

  613. sonny has joined

  614. Flow has left

  615. arc has left

  616. arc has joined

  617. pep.

    hmm, I was wondering about Consistent Color Generation. I remember we were talking about XHTML-IM styles/colors the other day, I suppose it's the same issue here? edhelas

  618. pep.

    (i.e., doesn't fit in the color theme)

  619. intosi has left

  620. Guus has joined

  621. intosi has joined

  622. mark.erd has joined

  623. remko has joined

  624. mark.erd has left

  625. mark.erd has joined

  626. goffi has left

  627. arc has left

  628. arc has joined

  629. Guus has left

  630. mark.erd has left

  631. mark.erd has joined

  632. arc has left

  633. arc has joined

  634. intosi has left

  635. mark.erd has left

  636. arc has left

  637. lumi has left

  638. Guus has joined

  639. jjrh has left

  640. arc has joined

  641. Guus has left

  642. Guus has joined

  643. arc has left

  644. arc has joined

  645. remko has joined

  646. Guus has left

  647. Guus has joined

  648. arc has left

  649. arc has joined

  650. ralphm has left

  651. intosi has joined

  652. tux has joined

  653. Syndace has left

  654. Tobias has joined

  655. emxp has joined

  656. jjrh has left

  657. edhelas

    is there a place where I can find a proper way to detect if a JID is valid or not ?

  658. Guus has left

  659. Guus has joined

  660. mathieui

    the RFC? :p

  661. pep.


  662. dwd has left

  663. pep.

    I don't know of tools doing that

  664. edhelas

    sure, but is there some nice PRECIS/regex thing that I can reuse ?

  665. pep.

    I don't think it's a one regex job :x

  666. pep.

    But I've never ever read it. Maybe implementations have examples

  667. pep.

    But I've neven ever read it. Maybe implementations have examples

  668. edhelas

    https://github.com/movim/movim/issues/492 got that, don't know how to fix it

  669. pep.

    But I've never even read it. Maybe implementations have examples

  670. Valerian has left

  671. pep.

    I think I linked a lib doing PRECIS in php the other day

  672. pep.

    https://github.com/tom--/precis I don't know how compliant that is though

  673. dwd has left

  674. dwd has left

  675. tim@boese-ban.de has joined

  676. dwd has left

  677. dwd has left

  678. sezuan has left

  679. dwd has left

  680. Kev has left

  681. dwd has left

  682. Valerian has joined

  683. uc has joined

  684. dwd has left

  685. edhelas has left

  686. edhelas has joined

  687. dwd has left

  688. dwd has left

  689. intosi has left

  690. dwd has left

  691. debacle has joined

  692. efrit has left

  693. intosi has joined

  694. intosi has left

  695. efrit has joined

  696. jubalh has joined

  697. mimi89999 has joined

  698. intosi has joined

  699. Guus has left

  700. intosi has left

  701. Guus has joined

  702. Guus has left

  703. Guus has joined

  704. jere has left

  705. zinid has left

  706. arc has left

  707. arc has joined

  708. daniel has left

  709. daniel has joined

  710. Guus has left

  711. Guus has joined

  712. jubalh has left

  713. Guus has left

  714. jubalh has joined

  715. lovetox has left

  716. Guus has joined

  717. intosi has joined

  718. remko has joined

  719. sonny has left

  720. sonny has joined

  721. intosi has left

  722. Guus has left

  723. Guus has joined

  724. Valerian has left

  725. Valerian has joined

  726. Steve Kille has left

  727. Guus has left

  728. Steve Kille has left

  729. Guus has joined

  730. dwd has left

  731. remko has joined

  732. Guus has left

  733. Guus has joined

  734. Valerian has left

  735. dwd has left

  736. tux has left

  737. tux has joined

  738. Valerian has joined

  739. arc has left

  740. arc has joined

  741. arc has left

  742. arc has joined

  743. dwd has left

  744. dwd has left

  745. arc has left

  746. daniel has left

  747. daniel has joined

  748. arc has joined

  749. dwd has left

  750. dwd has left

  751. dwd has left

  752. lskdjf

    edhelas, why would a client need to validate jids (perfectly)? the client would only need to forward everything to the server and let the validation be done there. There is the point that it might be convinient to show a user that what they are doing definitly won't work, but that check mainly should not have false negatives - false positives aren't so bad because the server will detect them. so in practice .+@.+ should work fine...

  753. dwd has left

  754. dwd has left

  755. dwd has left

  756. dwd has left

  757. dwd has left

  758. remko has joined

  759. dwd has left

  760. arc has left

  761. arc has joined

  762. dwd has left

  763. Syndace has joined

  764. dwd has left

  765. dwd has left

  766. dwd has left

  767. Guus has left

  768. Guus has joined

  769. SamWhited

    edhelas: I've got a validator you can use somewhere if you still need one. I'll seems it your way when I'm next at my desk.

  770. dwd has left

  771. dwd has left

  772. efrit has left

  773. Guus has left

  774. dwd has left

  775. jere has joined

  776. Guus has joined

  777. daniel has left

  778. la|r|ma has joined

  779. Guus has left

  780. Guus has joined

  781. vanitasvitae has joined

  782. efrit has joined

  783. debacle has left

  784. efrit has left

  785. remko has joined

  786. dwd has left