SyndaceSo, starting off a topic that might be even worse than banning someone: Why is the discussion about omemo completely silent? I remember a few weeks (months?) ago someone wrote a mail asking about a technical change in the protocol to move from a signal-only technique to some wide-spread alternative and I was really hyped to contribute to this discussion but then nobody replied and the thread just died.
So what's the thing about omemo? Why is there no heated discussion? I see two pull requests in the xsf repo just gathering dust.
SyndaceOh I should add I have'nt read the chats in about two weeks, I may have missed something recently.
FlowWhat Holger said. Besides Zinids choice of words, I did not notice him insulting someone.
FlowSyndace, I guess there current OMEMO implementations are happy with they way they are
FlowAt least I have no incentive to work on an OMEMO-NEXT which just changes a crypto primitive for another one, when I think the current primitive is perfectly fine for all use cases.
Steve KilleI thought that Ralph made a good call here
SyndaceHuh, that answer is not satisfying. The current stadard just tells people to use lib signal without having any actual alternative or even knowing the insides of the protocol. I thought the goal was to move away from libsignal asap, as it is GPL3'd and not maintained by us. If we ever decide to change something about omemo that does not comply to the way lib signal currently works we have a lot of trouble.
FlowSteve Kille, I think the ban was at least borderline. Asking someone to be polite, sure. But otherwhise people could just "/ignore Zinid"
ralphmI don't understand. There's a difference between a protocol and a library in terms of licensing.
ralphmFlow: FWIW, I already lifted the ban
FlowSyndace, That is why we had Andy's PR which was an attempt to move away from "protobufs as libsignal does them" towards "those are the fields and this is how we put them into XML"
ralphmIf he keeps it up, though, I'll waste not so many words as yesterday.
Flowralphm, yeah, there is a difference between a protocol and a library in terms of license, but the fact that all libsignal impls are GPL'ed was brought up again and again
Flowit was especially XEdDSA which is part of libsignal
ralphmSure. So either someone does a clean room implementation with a different license, or something new happens. This is nothing new?
Flowralphm, yeah, but why make something new if XEdDSA is an open specification
ralphmWe've marked specifications as 'historical' instead of 'standard' before for reasons like that.
ralphmFlow: I agree. But then the only obstacle is, well, doing something?
Flowralphm, I'm sorry, only had my first cup of coffee, I can't follow
SyndaceFlow, not something new but something that is included in 90% of all crypto-libraried you can find in the wil
Syndaceinstead of something that does the same and has just one single implementation out there
FlowSyndace, there are multiple
ralphmFlow: my point is that a library license is not necessarily interesting for defining a protocol. It might be for adoption, though. If someone cares enough, that problem goes away. If people just keep complaining instead, it doesn't.
Flowralphm, I think you are saying what I've been saying the whole time
ralphmI happy to be in violent agreement.
SyndaceFlow, are you sure it's not all just ports of the singal implementation? I'm having a hard time finding another one on google.
FlowBut unfortunately, the unwritten (?) "there can only be once experimental XEP for $foo" philosophy has stopped the effort to standardize OMEMO based on the open signal specifications
FlowSyndace, it's still multiple implementations, no?
danielSyndace: do you have stakes in this? Do you maintain a client or something? If so implement something, spec something and propose this
danielIn my experience change does come from discussing things to dead but from implementing and specing it out
Flow"change does come from discussing things", hehe if that where true we had a long of change in XMPP-land ;)
Flowyeah, but daniel is essentialy right, to many specs, and that includes MIX, make to much spec progress without an accompaning impl
danielDann it i can't type. I need coffee
ralphmFlow: I don't recall such a policy. We've had multiple competing experimentals at a time before.
Flowdaniel, hmm, well but I think the basics of OX are far less complex than e.g. MIX or OMEMO
Syndacedaniel, agreed, altough one of the pr's already includes the change I'm proposing.
So what do you all think:
If I publish a library which does omemo encryption without xeddsa first and THEN try to start the discussion again, will it change things and be more likely to actually move away from libsignal?
Flowand there are at least two prototypcial impls I'm aware of
ralphmin fact most of the current building blocks have had multiple different proposals. Disco (Browse, Agents), PubSub, Jingle (SI).
Flowbut yes, more OX impls for the greater good!
ralphmUsually the driving force should be _running code_
Flowralphm, then we can continue working on what Andy proposed?
ralphmI don't think anyone can (or would want to) block working on competing standards.
ralphmFor interop, though, eventually, one should prevail.
FlowCool, then we could also start work on a MIX competitor
daniel> daniel, hmm, well but I think the basics of OX are far less complex than e.g. MIX or OMEMO
Sure. I just meant to say it's not implemented
Flowhands daniel a virtual cop of coffee while he gets a physical one for himself
ralphmYou wouldn't be the first. The Erlang Solutions people have worked on MUC Light. I personally think that MIX is the way to go to eventually.
ralphmMIX is of course comprehensive and there are a lot of moving parts before getting there.
ralphmMaking more focused protocols is always easier.
Flowralphm, yep, the MUC light situation come to my mind too. And I agree that ideally everyone would be working on the same thing. But for such a crucial building block as persisent groupchat, I wouldn't want to bet all my money on a single horse
ralphmThe thing I like about MIX most are a) relating occupants on bare JIDs, b) persistent occupancy, even if not online, c) extensible orthogonal streams
danielFlow, i'm personally came to believe that forward secrecy is totally unnecessary and kills UX and I would prefer something like OX actually. but I don't want to be the single driving force for something like this again. plus I lot of the change i'm trying to push with OMEMO (like proper access control on pubsub) will benefit OX as well.
ralphmMy pet peeve about, for example, Slack, is integrations messing up conversation in the same channel. With MIX an integration would be on a separate node, and a client can make choices on how to represent such streams in a different way.
Flowdaniel, good to hear that you would probably be interessted in OX for Conversations. I plan to do a OX sprint around march next year (our research project has an evaluation in january, so most people are panicing and there is a lots of stuff to do until then)
Flowdaniel, lovetux also wanted to improve they way keys are announced and stored
danielwith a meta note?
Flowso waiting after that has been spec'ed may be a good idea
Flow(given we talk about the same meta node approach)
danielthe real issue by the way is that we have to retrieve all pep notifications again and again on every login (instead of them landing in MAM for example) - meta or not that a lot of traffic
Flowdaniel, you can configure PubSub nodes to not do that
daniela login on my personal device with tens of people having avatars and omemo is really really expensive these days
Flow(see my discussion in here with lovetux a few days ago)
danielFlow, will they be sent instead (and sent to mam) even if i'm offline?
danielbecause just not receiving updates at all doesn't solve the situation
ralphmPEP is just a profile of PubSub with very specific use cases. If you want other behaviour for nodes-on-user-accounts, that's totally fine.
ralphmAnd of course they can integrate just fine with MAM
danielralphm, a) i know b) tell that to the prosody developers :)
Flowdaniel, you want to search xep60 for pubsub#send_last_published_ite
Flowdaniel, I think so
Flow(not sure about MAM, probably depends on the MAM service impl)
danielin any case; making pep a proper pubsub child (in the implementations) and being able to configure something like access control and send_last_published_item and also storing them in MAM is some good preperation that OX, OMEMO and OMEMO-NEXT can all benefit from
danielthus far we haven't even managed to make publish_options work on all servers
danielat least we are getting there with ejabberd now
Flowdaniel, right but thats a spec vs impl thing
Flowthe only thing we can do from the spec side is to ensure that the required baseline profile is as minimalistic as possible
Flow(looking at you MIX)
Flowand that baseline should be ideally able to fullfil >85% of the use cases
danielFlow, yes sure. but I like to implement things in Conversations that will actually work so I need server side implementations
danielbesides having access control would allow us to move bookmarks into pep and get other clients notified if one client changes things. imagine how great that would be if we could sync bookmarks across multiple devices in the year 2018
Flowdaniel, absolutely comprehensible
Flowjust noticed that at next Summit/FOSDEM, drumpf will be president for >1 y
zinid> I think the ban was at least borderline
you cannot ban anyone in XMPP :)
zinidand ignoring is not implemented, so, deal with it ;)
Flowzinid, peozio supports /ignore (although I've never used it, and don't plan to do so)
fippois there a new presence subscription spam wave?
fippoword + three digits as username... now sure if there is a pattern in the resource but i would not expect any
Alexyes, same pattern here
Steve Killehas left
GuusI appear to be on a different list then
MattJGe0rG, master of all things XMPP 2.0, should headline/normal messages be archived?
Ge0rGMattJ: yes/no in my current opinion, but this is subject to other factors I haven't thought through yet
MattJI'd have thought yes/no if both would be different
MattJheadline is defined as transient, no offline storage, etc.
Ge0rGMattJ: right, no/yes
MattJOk, we both made the same typo, that's ok then :)
Ge0rGMattJ: but it would make sense to decouple persistence from type
danielwouldn't the full jid / bare jid approach work as well?
Ge0rGdaniel: yes, it's my preferred approach
jonaswGe0rG, I heard you on council now ;-)
MattJBut until we can find a sensible transition path to full/bare, I'm sadly living in reality
Ge0rGI've also updated my slide deck with the rfc routing rules, as those are complex enough already
danielMattJ, if that's about 0313 i wouldn't touch the rules regarding headline
danielfor now at least
jonaswcould we change 0313 to the full/bare thing sensibly after it moving to draft?
jonaswit is based on message types currently, I think that could be considered as a breaking change
Ge0rGMattJ: can we change the MAM response message type to headline please?
MattJBut the MAM responses are sent to the full JID :)
MattJjonasw, don't worry, I'm not planning on coding any rules into XEP-0313 (which is currently intentionally very light on rules)
MattJother than I think we all agree that groupchat shouldn't be archived
Ge0rGBut there are servers in the reality you just mentioned that will reroute full JID normal messages
MattJwhich are those?
MattJbecause I thought that was in the spec
Ge0rGMattJ: ejabberd, because it broke message delivery for Gajim users
MattJ6120 says: "If the JID contained in the 'to' attribute is of the form <localpart@domainpart/resourcepart> and the user exists but there is no connected resource that exactly matches the full JID, the stanza SHOULD be processed as if the JID were of the form <localpart@domainpart>"
Ge0rGI'm sure we are going to experience funny effects with MAM MUC queries on ejabberd
> So I've updated the "XMPP broken" presentation slides, including a screenshot. https://op-co.de/tmp/whats-wrong-with-xmpp-2017.pdf
MattJOk, this section is more detailed: https://xmpp.org/rfcs/rfc6121.html#rules-localpart-fulljid
Ge0rGThere is a table of the relevant cases
MattJWhat's the case for MAM results having type="headline"?
Ge0rGMattJ: the ejabberd inconsistency and also that headline messages are ephemeral
MattJI'm not updating the spec for an implementation bug
MattJand I agree that in hindsight, headline has cleaner semantics for these messages, but is it worth another namespace bump?
danielMattJ, are you going to accept my PR so jonasw can merge it before we are getting caught up in trying to fix $everything?
MattJdaniel, yes, sure
danielMattJ, Ge0rG maybe put the headline thing on a todo in case we will do another ns bump anyway for some other reason
MattJFWIW I started this conversation with an innocent question that is not at all related to updating XEP-0313
jonaswwhat about todo lists in XML comments in the xep files themselves?
MattJI'm working on code at the moment
MattJjonasw, that happens to be what I do locally :)
danielregarding the headline thing; I would like to have a situation where pep publish notifitcation messages can go to mam but the resend on login messages don't
danieli'm not sure if they are addressed to bare-jid / full-jid respectively
Ge0rGMattJ, daniel: I'm not sure we really need a namespace bump for the type change. Most client implementations don't care about it anyway
MattJMost? What about the ones that do? :)
Ge0rGMattJ: those haven't implemented MAM anyway yet? 😁
Ge0rGOkay, I have no idea which clients explicitly filter on message type.
Ge0rGAnd you really don't want MAM responses to end up in offline storage, do you?
MattJNo, but as I understand it, that will only happen on ejabberd due to a bug
MattJand even then, it's not the end of the world
MattJIf the client uses queryid, it won't get confused, and will just ignore them
Ge0rGMattJ: a server implementation can store incoming normal messages to offline as well
MattJThat's not what your table says
MattJ6121: "For a message stanza of type "normal", "groupchat", or "headline", the server MUST either (a) silently ignore the stanza or (b) return an error stanza to the sender, which SHOULD be <service-unavailable/>. "
daniel> regarding the headline thing; I would like to have a situation where pep publish notifitcation messages can go to mam but the resend on login messages don't
maybe that's more of an argument to make pubsub publish messages type=normal
maybe headline should never be stored anywhere. else we will loose the difference between normal and headline
Ge0rGMattJ: what does prosody do?
Ge0rGMattJ: oh, you are right
Ge0rGI think we need a new message type 'system'...
MattJGe0rG, let's not talk about Prosody :)
MattJ(looks like it treats chat/normal the same here)
Ge0rGThough I must admit it probably won't happen in this universe
MattJand in my head, they were equivalent, and only headline was not stored
Ge0rGMattJ: I'm already glad I took the time to make this table
MattJBut it's a trivial fix
Ge0rGMattJ: it will break users' expectations
MattJNo, because no users use type=normal :)
MattJand if they do, they have expectations of it breaking
Ge0rGMattJ: you can ask Holger, he fixed it as well, and had to revert almost immediately
Ge0rGMattJ: users have no idea about message type
Ge0rGMattJ: all they care about is that suddenly prosody broke message delivery
MattJWhat clients other that Gajim and Psi allow you to send type=normal?
Ge0rGMattJ: I have no idea
goffiSàT allows it and use normal messages
MattJSo three clients so far. How many of those will send type=normal to the full JID?
goffi(haven't read the whole log, just the last few lines, so I'm not sure what this is about)
MattJgoffi, the spec says that type=normal to a full JID should not be stored as an offline message
MattJif the resource is offline
goffiit's technically possible to send to full jid from SàT using command line, but I don't think there is a reason why a user would do that.
Ge0rGMattJ: gajim was accidentally sending normal to full JID.
goffibut I though only headline message were not stored offline?
MattJgoffi, "I don't think there is a reason why a user would do that" - https://xkcd.com/1172/
MattJgoffi, I thought that too (and Prosody does that)
MattJBut seems we were all wrong
MattJGe0rG, ok, surely that must be in the case that the recipient is online?
MattJGe0rG, don't tell me it sends to a full JID when they are offline
MattJ-> I'm curious what Holger fixed, and how it was noticed so quickly
goffiMattJ: forgot this one :D
goffifor the record there is an experimental plugin in SàT which allows to send and read messages through an email client (MUA), and this is case message of type "normal" can be filtered to be only readable from email client.
Ge0rGMattJ: it doesn't matter whether the user is offline at the time of sending because RACE CONDITIONS!!!1!
MattJGe0rG, yes, but this race condition wouldn't happen that often
Ge0rGMattJ: please ask Holger for the details, and maybe also lovetox
Ge0rGMattJ: I know Holger linked to the revert commit in here, some weeks ago, but I'm on my mobile now, and haven't implemented search yet
Flowwhy is it so important what MAM services store, isn't it more important what they return on a query?
MattJThey can't return stuff they don't store
MattJand there is a cost to storing *everything*
FlowI can see that groupchat messages should not be returned on normal client catch-up, but does that automatically mean xep313 must forbid services storing them?
MattJGiven that nowadays we're into replicating everything to every client, the optimal path is that everything we want on every client is what is stored
MattJand what we don't want on every client is not stored
FlowMattJ, of course there is a cost, but I want total freedom for MAM services regarding what to store
MattJThen what you're asking is for the MAM service to be able to store stuff that is "hidden" from a default query
MattJI think that would be fine
Ge0rGFlow: that's exactly what I wrote to the ML yesterday
FlowMattJ, not strictly, but yes
FlowI believe the construction site should be the MAM query mechanism, not the archiving rules
FlowAlthough I also don't like the current MAM version to require services to store groupchat messages
Ge0rGI'm not sure if the wording in the XEP speaks about what's stored or what's returned, but there's some room for a xep that stores more and provides an extension to query for that
Ge0rGUnless we can make MUC work on an account, kind of like MIX light, there is no way for account local MUC archives
MattJFlow, the current version doesn't require that
MattJOh wait, it does
FlowMattJ, A server SHOULD also include messages of type 'groupchat' that have a <body>
MattJYeah, sorry, that's what we discussed on the list
MattJI'm still surprised at that text :)
FlowMattJ, no worries, $stuff's complicated
MattJDaniel made a PR to fix it anyway
MattJso it'll be gone soon
FlowMattJ, IIRC Daniel PR no requires MAM services to not store groupchat messages
Flowwhich is also not good IMHO
FlowBut you should now best, because you just approved it ;)
MattJI think what you want is sensible, but shouldn't be part of the default query
FlowA server SHOULD NOT include messages of type 'groupchat' in a user archive
MattJso in a sense the spec should separate the idea of storing something, from returning it in a query
MattJI'm totally fine with that, just figuring out how to cleanly word that will be tricky
Ge0rGMattJ: yes please
MattJI'm currently working on restructuring Prosody's message delivery code to make XMPP 2.0 stuff easier (this is the ongoing side project that includes the rewrite of mod_smacks)
MattJI'm fed up of missing messages from my wife because my phone battery was flat, and they got "successfully delivered" to poezio, which is online 24/7
marcWhat's XMPP 2.0?
MattJPretend I said something else
Ge0rGMattJ: and this is why I'm using a separate account for my family communication for many years already
jonaswmarc, "Message Routing 2.0" is probably a more accurate term
jonaswmarc, there are a few issues with how XMPP message routing behaves with multiple clients online on the same account at different or the same times
MattJjonasw, but what a mouthful. We need a marketing term :)
jonaswMattJ, sure, but we don’t need to market to marc, I think :)
marcjonasw, ah okay, is this a XEP?
jonaswmarc, not yet
jonaswmarc, there’s some info on the wiki: https://wiki.xmpp.org/web/XMPP_2.0
jonasw(which may be slightly outdated)
jonaswand also a bunch of discussion on the mailinglist
Ge0rGAnd my slide deck
MattJmarc, most comprehensive source of information is: https://op-co.de/tmp/whats-wrong-with-xmpp-2017.pdf
marcjonasw, MattJ thanks!
MattJmarc, "XMPP 2.0" isn't anything formal, and doesn't exist. We're just doing some review of where we are, and where we are going, and what feasible changes we can make to the protocol to make everyone's lives easier
MattJBack when XMPP/Jabber began, most of the popular IM networks would disconnect you from one location if you logged on from a new location
MattJXMPP supported multiple connections long before everyone had smartphones, laptops, etc.
MattJand back then, it aimed to do clever things like figure out which device you wanted to receive messages on
zinidNow this is not required and even detrimental
marcMattJ, I understand and I'll read the slides etc. to be up-to-date, thanks :)
FlowMattJ, I always wonder if that priority based routing was clever even 10 years ago
FlowOr what that rationale for that back then was
Ge0rGmarc: ping me if you have questions about the slides. I gave them to a nerd friend recently and had to realize they are not meant for people without really deep understanding of XMPP
marcGe0rG, will do :)
ralphmFlow: the idea back then didn't take into account ubiquitous mobile devices
ralphmIt was assumed that whole you might have multiple simultaneous connections, you'd always want messages to arrive in one of them, your 'current' one.
Ge0rGAnd thus "most avaliable non negative presence" was born.
ralphmThe assumption now is that you basically want chat-like messages to arrive on all devices, with history, and proper distributed read markers
jonasw"and it was good" no wait
ralphmSo yeah priority is mostly useless now
KevI don't think the priority-based routing was actually a good idea, but I'm sure it seemed one at the time, a decade before that use case came about.
ralphmI'm still not sure about aggregate availability / show presence.
KevIn which way? I think that individual devices having a different status message is unhelpful for most use cases these days.
ralphmI could imagine using priority for that exclusively
KevTo the point that I'm sorely tempted we (non-formally) deprecate status messages, and just shove something in PEP.
ralphmSure, Slack has per account status and 'snooze'
ralphmMaking it explicit that way seems the way to go
KevAggregating status locally is easy enough, I think.
KevBut messages are harder.
KevI don't think it's a hardship for a receiving client to see two auto-away, one available, so mark the contact as available.
Kev(Although it's not how we'd design it if we were starting again)
daniel> contracts shouldn't be able to choose what happens to my archive
Kev: I'm not really sure how this would look like. Even if we change to a full jid / bare jid approach it's ultimately up to the sender to make that decision
Ge0rGI'm also in favor of aggregate presence status, but we don't need to throw everything over for that
Kevdaniel: I'd like to make a fuller response Monday, I just noticed the PR and wanted to leave a holding message to stop it getting merged until I'm working again after the weekend.
ralphmI think we should be precise and not talk about 'presence'
Ge0rGralphm: feel free to provide a better glossary
ralphmRather about availability-presence, user status and such
KevBut, basically, telling an archive server that someone sending me a message gets to override the rules of my server policy has to be obeyed isn't helpful in most cases. I'm happy with (more loosely than you're doing) excluding groupchat from default access, but the <store/> thing needs more care.
KevMore Monday :)
ralphmAvailability still has use cases, even beyond chat
KevGe0rG: I would still like to work with you on XEPpifying these thoughts (although I'll do it on my own if you're still not keen).
ralphmSlack status is much like user mood and user activity conflated
Ge0rGKev: I'm not opposed, I just still think it's too early
Kevralphm: And I think more matches what the typical use case needs.
ralphmI.e. you pick an emoji and a status message to go with it
KevBut Slack still does presence.
Ge0rGThere is a good case for dnd at least
KevI think in XMPP we could easily codify something here that makes slackishness work, along with other use cases, without needing to throw baby out with the bathwater.
ralphmBut do note that Slack also has binary availability (green or dark icon) as well as snooze indicator. The latter is per account, and I assume the former is simply a logical or.
KevI think <status/> is going to be a victim in this.
ralphmIndeed, as well as show
KevI think we keep show.
Ge0rGBut but but but I want custom text status, or at least Emoji
KevBut I think we codify some rules of how to do a trinary logical or on it.
ralphmGe0rG: please read again
KevGe0rG: Yes, but I don't think <status/> is fit for that per-account use. I think we PEP that.
ralphmWe'd move this to a PEP nice
ralphmLike User Mood and User Activity XEPs
KevAnd probably replacing both, if we're honest.
KevWell, or combining both.
Ge0rGKev: persistent or ephemeral pep?
KevIf we changed User Mood into an emoji :D
ralphmWithout predefined items
ralphmEven though they are extensible
Ge0rGKev: I think I still have some junk in my pep (different account) from a client that I tried some years ago
KevI've added to my list of things I need to cover in the xmpp2.0-not-called-xmpp2.0 Informational XEP.
KevMy intention is to write a XEP summarising Ge0rG's slidedeck, together with our current best guess on how we'll approach solving it.
KevMostly so that we have this tracked in some way that the XSF's process understands.
KevRight, I'm going back to hiding my XMPP and Mail clients again :)
ralphmI guess we can fill those summit days easily
Steve Killehas left
Steve Killehas left
Steve Killehas left
Steve Killehas left
Steve Killehas left
Steve Killehas left
moparisthebestDoes anyone use haproxy for xep368 or anything using alpn?