XSF Discussion - 2017-11-25

So, starting off a topic that might be even worse than banning someone: Why is the discussion about omemo completely silent? I remember a few weeks (months?) ago someone wrote a mail asking about a technical change in the protocol to move from a signal-only technique to some wide-spread alternative and I was really hyped to contribute to this discussion but then nobody replied and the thread just died. So what's the thing about omemo? Why is there no heated discussion? I see two pull requests in the xsf repo just gathering dust.

Oh I should add I have'nt read the chats in about two weeks, I may have missed something recently.

What Holger said. Besides Zinids choice of words, I did not notice him insulting someone.

Syndace, I guess there current OMEMO implementations are happy with they way they are

*the current

At least I have no incentive to work on an OMEMO-NEXT which just changes a crypto primitive for another one, when I think the current primitive is perfectly fine for all use cases.

I thought that Ralph made a good call here

Huh, that answer is not satisfying. The current stadard just tells people to use lib signal without having any actual alternative or even knowing the insides of the protocol. I thought the goal was to move away from libsignal asap, as it is GPL3'd and not maintained by us. If we ever decide to change something about omemo that does not comply to the way lib signal currently works we have a lot of trouble.

Steve Kille, I think the ban was at least borderline. Asking someone to be polite, sure. But otherwhise people could just "/ignore Zinid"

I don't understand. There's a difference between a protocol and a library in terms of licensing.

Flow: FWIW, I already lifted the ban

Syndace, That is why we had Andy's PR which was an attempt to move away from "protobufs as libsignal does them" towards "those are the fields and this is how we put them into XML"

If he keeps it up, though, I'll waste not so many words as yesterday.

ralphm, yeah, there is a difference between a protocol and a library in terms of license, but the fact that all libsignal impls are GPL'ed was brought up again and again

it was especially XEdDSA which is part of libsignal

Sure. So either someone does a clean room implementation with a different license, or something new happens. This is nothing new?

IIRC

ralphm, yeah, but why make something new if XEdDSA is an open specification

We've marked specifications as 'historical' instead of 'standard' before for reasons like that.

Flow: I agree. But then the only obstacle is, well, doing something?

ralphm, I'm sorry, only had my first cup of coffee, I can't follow

Flow, not something new but something that is included in 90% of all crypto-libraried you can find in the wil

wild*

instead of something that does the same and has just one single implementation out there

Syndace, there are multiple

Flow: my point is that a library license is not necessarily interesting for defining a protocol. It might be for adoption, though. If someone cares enough, that problem goes away. If people just keep complaining instead, it doesn't.

ralphm, I think you are saying what I've been saying the whole time

I happy to be in violent agreement.

I'm

Flow, are you sure it's not all just ports of the singal implementation? I'm having a hard time finding another one on google.

But unfortunately, the unwritten (?) "there can only be once experimental XEP for $foo" philosophy has stopped the effort to standardize OMEMO based on the open signal specifications

Syndace, it's still multiple implementations, no?

Syndace: do you have stakes in this? Do you maintain a client or something? If so implement something, spec something and propose this

In my experience change does come from discussing things to dead but from implementing and specing it out

*doesn't

"change does come from discussing things", hehe if that where true we had a long of change in XMPP-land ;)

yeah, but daniel is essentialy right, to many specs, and that includes MIX, make to much spec progress without an accompaning impl

*cough* OK

OX

Dann it i can't type. I need coffee

Flow: I don't recall such a policy. We've had multiple competing experimentals at a time before.

daniel, hmm, well but I think the basics of OX are far less complex than e.g. MIX or OMEMO

daniel, agreed, altough one of the pr's already includes the change I'm proposing. So what do you all think: If I publish a library which does omemo encryption without xeddsa first and THEN try to start the discussion again, will it change things and be more likely to actually move away from libsignal?

and there are at least two prototypcial impls I'm aware of

in fact most of the current building blocks have had multiple different proposals. Disco (Browse, Agents), PubSub, Jingle (SI).

but yes, more OX impls for the greater good!

Usually the driving force should be _running code_

ralphm, then we can continue working on what Andy proposed?

I don't think anyone can (or would want to) block working on competing standards.

For interop, though, eventually, one should prevail.

Cool, then we could also start work on a MIX competitor

> daniel, hmm, well but I think the basics of OX are far less complex than e.g. MIX or OMEMO Sure. I just meant to say it's not implemented

You wouldn't be the first. The Erlang Solutions people have worked on MUC Light. I personally think that MIX is the way to go to eventually.

MIX is of course comprehensive and there are a lot of moving parts before getting there.

Making more focused protocols is always easier.

ralphm, yep, the MUC light situation come to my mind too. And I agree that ideally everyone would be working on the same thing. But for such a crucial building block as persisent groupchat, I wouldn't want to bet all my money on a single horse

The thing I like about MIX most are a) relating occupants on bare JIDs, b) persistent occupancy, even if not online, c) extensible orthogonal streams

Flow, i'm personally came to believe that forward secrecy is totally unnecessary and kills UX and I would prefer something like OX actually. but I don't want to be the single driving force for something like this again. plus I lot of the change i'm trying to push with OMEMO (like proper access control on pubsub) will benefit OX as well.

My pet peeve about, for example, Slack, is integrations messing up conversation in the same channel. With MIX an integration would be on a separate node, and a client can make choices on how to represent such streams in a different way.

daniel, good to hear that you would probably be interessted in OX for Conversations. I plan to do a OX sprint around march next year (our research project has an evaluation in january, so most people are panicing and there is a lots of stuff to do until then)

daniel, lovetux also wanted to improve they way keys are announced and stored

in OX?

yep

with a meta note?

so waiting after that has been spec'ed may be a good idea

yep

(given we talk about the same meta node approach)

the real issue by the way is that we have to retrieve all pep notifications again and again on every login (instead of them landing in MAM for example) - meta or not that a lot of traffic

daniel, you can configure PubSub nodes to not do that

a login on my personal device with tens of people having avatars and omemo is really really expensive these days

(see my discussion in here with lovetux a few days ago)

Flow, will they be sent instead (and sent to mam) even if i'm offline?

because just not receiving updates at all doesn't solve the situation

PEP is just a profile of PubSub with very specific use cases. If you want other behaviour for nodes-on-user-accounts, that's totally fine.

And of course they can integrate just fine with MAM

ralphm, a) i know b) tell that to the prosody developers :)

MattJ: ^

:D

daniel, you want to search xep60 for pubsub#send_last_published_ite

m

daniel, I think so

(not sure about MAM, probably depends on the MAM service impl)

in any case; making pep a proper pubsub child (in the implementations) and being able to configure something like access control and send_last_published_item and also storing them in MAM is some good preperation that OX, OMEMO and OMEMO-NEXT can all benefit from

thus far we haven't even managed to make publish_options work on all servers

at least we are getting there with ejabberd now

daniel, right but thats a spec vs impl thing

the only thing we can do from the spec side is to ensure that the required baseline profile is as minimalistic as possible

(looking at you MIX)

and that baseline should be ideally able to fullfil >85% of the use cases

Flow, yes sure. but I like to implement things in Conversations that will actually work so I need server side implementations

besides having access control would allow us to move bookmarks into pep and get other clients notified if one client changes things. imagine how great that would be if we could sync bookmarks across multiple devices in the year 2018

daniel, absolutely comprehensible

> I think the ban was at least borderline you cannot ban anyone in XMPP :)

and ignoring is not implemented, so, deal with it ;)

zinid, peozio supports /ignore (although I've never used it, and don't plan to do so)

Flow: nice

is there a new presence subscription spam wave?

I did get a bunch over last week

fippo: ongoing right now

fippo: yes, denied already 20 subscriptions today

word + three digits as username... now sure if there is a pattern in the resource but i would not expect any

fun :-/

yes, same pattern here

I appear to be on a different list then

Ge0rG, master of all things XMPP 2.0, should headline/normal messages be archived?

MattJ: yes/no in my current opinion, but this is subject to other factors I haven't thought through yet

Oh really

I'd have thought yes/no if both would be different

headline is defined as transient, no offline storage, etc.

*no/yes

MattJ: right, no/yes

...

Ok, we both made the same typo, that's ok then :)

MattJ: but it would make sense to decouple persistence from type

wouldn't the full jid / bare jid approach work as well?

daniel: yes, it's my preferred approach

Mine too

Ge0rG, I heard you on council now ;-)

But until we can find a sensible transition path to full/bare, I'm sadly living in reality

I've also updated my slide deck with the rfc routing rules, as those are complex enough already

MattJ, if that's about 0313 i wouldn't touch the rules regarding headline

for now at least

could we change 0313 to the full/bare thing sensibly after it moving to draft?

it is based on message types currently, I think that could be considered as a breaking change

MattJ: can we change the MAM response message type to headline please?

But the MAM responses are sent to the full JID :)

Yes

jonasw, don't worry, I'm not planning on coding any rules into XEP-0313 (which is currently intentionally very light on rules)

other than I think we all agree that groupchat shouldn't be archived

But there are servers in the reality you just mentioned that will reroute full JID normal messages

which are those?

because I thought that was in the spec

MattJ: ejabberd, because it broke message delivery for Gajim users

6120 says: "If the JID contained in the 'to' attribute is of the form <localpart@domainpart/resourcepart> and the user exists but there is no connected resource that exactly matches the full JID, the stanza SHOULD be processed as if the JID were of the form <localpart@domainpart>"

I'm sure we are going to experience funny effects with MAM MUC queries on ejabberd

Ge0rG [21:49]: > So I've updated the "XMPP broken" presentation slides, including a screenshot. https://op-co.de/tmp/whats-wrong-with-xmpp-2017.pdf MattJ: ^

Ok, this section is more detailed: https://xmpp.org/rfcs/rfc6121.html#rules-localpart-fulljid

There is a table of the relevant cases

What's the case for MAM results having type="headline"?

MattJ: the ejabberd inconsistency and also that headline messages are ephemeral

I'm not updating the spec for an implementation bug

and I agree that in hindsight, headline has cleaner semantics for these messages, but is it worth another namespace bump?

MattJ, are you going to accept my PR so jonasw can merge it before we are getting caught up in trying to fix $everything?

daniel, yes, sure

s/jonasw/$editor/

MattJ, Ge0rG maybe put the headline thing on a todo in case we will do another ns bump anyway for some other reason

FWIW I started this conversation with an innocent question that is not at all related to updating XEP-0313

what about todo lists in XML comments in the xep files themselves?

I'm working on code at the moment

jonasw, that happens to be what I do locally :)

:)

regarding the headline thing; I would like to have a situation where pep publish notifitcation messages can go to mam but the resend on login messages don't

i'm not sure if they are addressed to bare-jid / full-jid respectively

MattJ, daniel: I'm not sure we really need a namespace bump for the type change. Most client implementations don't care about it anyway

Most? What about the ones that do? :)

MattJ: those haven't implemented MAM anyway yet? 😁

Okay, I have no idea which clients explicitly filter on message type.

And you really don't want MAM responses to end up in offline storage, do you?

No, but as I understand it, that will only happen on ejabberd due to a bug

and even then, it's not the end of the world

If the client uses queryid, it won't get confused, and will just ignore them

MattJ: a server implementation can store incoming normal messages to offline as well

That's not what your table says

6121: "For a message stanza of type "normal", "groupchat", or "headline", the server MUST either (a) silently ignore the stanza or (b) return an error stanza to the sender, which SHOULD be <service-unavailable/>. "

> regarding the headline thing; I would like to have a situation where pep publish notifitcation messages can go to mam but the resend on login messages don't maybe that's more of an argument to make pubsub publish messages type=normal maybe headline should never be stored anywhere. else we will loose the difference between normal and headline

MattJ: what does prosody do?

MattJ: oh, you are right

I think we need a new message type 'system'...

Ge0rG, let's not talk about Prosody :)

(looks like it treats chat/normal the same here)

Though I must admit it probably won't happen in this universe

and in my head, they were equivalent, and only headline was not stored

MattJ: I'm already glad I took the time to make this table

But it's a trivial fix

Me too

MattJ: it will break users' expectations

No, because no users use type=normal :)

and if they do, they have expectations of it breaking

MattJ: you can ask Holger, he fixed it as well, and had to revert almost immediately

MattJ: users have no idea about message type

MattJ: all they care about is that suddenly prosody broke message delivery

What clients other that Gajim and Psi allow you to send type=normal?

*than

MattJ: I have no idea

SàT allows it and use normal messages

So three clients so far. How many of those will send type=normal to the full JID?

(haven't read the whole log, just the last few lines, so I'm not sure what this is about)

goffi, the spec says that type=normal to a full JID should not be stored as an offline message

if the resource is offline

it's technically possible to send to full jid from SàT using command line, but I don't think there is a reason why a user would do that.

MattJ: gajim was accidentally sending normal to full JID.

but I though only headline message were not stored offline?

thought*

goffi, "I don't think there is a reason why a user would do that" - https://xkcd.com/1172/

goffi, I thought that too (and Prosody does that)

But seems we were all wrong

Ge0rG, ok, surely that must be in the case that the recipient is online?

Ge0rG, don't tell me it sends to a full JID when they are offline

-> I'm curious what Holger fixed, and how it was noticed so quickly

MattJ: forgot this one :D

for the record there is an experimental plugin in SàT which allows to send and read messages through an email client (MUA), and this is case message of type "normal" can be filtered to be only readable from email client.

MattJ: it doesn't matter whether the user is offline at the time of sending because RACE CONDITIONS!!!1!

Ge0rG, yes, but this race condition wouldn't happen that often

MattJ: please ask Holger for the details, and maybe also lovetox

MattJ: I know Holger linked to the revert commit in here, some weeks ago, but I'm on my mobile now, and haven't implemented search yet

ok

why is it so important what MAM services store, isn't it more important what they return on a query?

They can't return stuff they don't store

and there is a cost to storing *everything*

I can see that groupchat messages should not be returned on normal client catch-up, but does that automatically mean xep313 must forbid services storing them?

Given that nowadays we're into replicating everything to every client, the optimal path is that everything we want on every client is what is stored

and what we don't want on every client is not stored

MattJ, of course there is a cost, but I want total freedom for MAM services regarding what to store

Then what you're asking is for the MAM service to be able to store stuff that is "hidden" from a default query

I think that would be fine

Flow: that's exactly what I wrote to the ML yesterday

MattJ, not strictly, but yes

I believe the construction site should be the MAM query mechanism, not the archiving rules

Although I also don't like the current MAM version to require services to store groupchat messages

I'm not sure if the wording in the XEP speaks about what's stored or what's returned, but there's some room for a xep that stores more and provides an extension to query for that

Unless we can make MUC work on an account, kind of like MIX light, there is no way for account local MUC archives

Flow, the current version doesn't require that

Oh wait, it does

MattJ, A server SHOULD also include messages of type 'groupchat' that have a <body>

Yeah, sorry, that's what we discussed on the list

I'm still surprised at that text :)

MattJ, no worries, $stuff's complicated

Daniel made a PR to fix it anyway

so it'll be gone soon

MattJ, IIRC Daniel PR no requires MAM services to not store groupchat messages

which is also not good IMHO

Heh

*now

But you should now best, because you just approved it ;)

*know

I think what you want is sensible, but shouldn't be part of the default query

A server SHOULD NOT include messages of type 'groupchat' in a user archive

so in a sense the spec should separate the idea of storing something, from returning it in a query

MattJ, exactly

I'm totally fine with that, just figuring out how to cleanly word that will be tricky

MattJ: yes please

PRs welcome

I'm currently working on restructuring Prosody's message delivery code to make XMPP 2.0 stuff easier (this is the ongoing side project that includes the rewrite of mod_smacks)

I'm fed up of missing messages from my wife because my phone battery was flat, and they got "successfully delivered" to poezio, which is online 24/7

What's XMPP 2.0?

Pretend I said something else

MattJ: and this is why I'm using a separate account for my family communication for many years already

marc, "Message Routing 2.0" is probably a more accurate term

marc, there are a few issues with how XMPP message routing behaves with multiple clients online on the same account at different or the same times

jonasw, but what a mouthful. We need a marketing term :)

MattJ, sure, but we don’t need to market to marc, I think :)

jonasw, ah okay, is this a XEP?

marc, not yet

marc, there’s some info on the wiki: https://wiki.xmpp.org/web/XMPP_2.0

(which may be slightly outdated)

and also a bunch of discussion on the mailinglist

And my slide deck

marc, most comprehensive source of information is: https://op-co.de/tmp/whats-wrong-with-xmpp-2017.pdf

MattJ: thanks

jonasw, MattJ thanks!

marc, "XMPP 2.0" isn't anything formal, and doesn't exist. We're just doing some review of where we are, and where we are going, and what feasible changes we can make to the protocol to make everyone's lives easier

Back when XMPP/Jabber began, most of the popular IM networks would disconnect you from one location if you logged on from a new location

XMPP supported multiple connections long before everyone had smartphones, laptops, etc.

and back then, it aimed to do clever things like figure out which device you wanted to receive messages on

Now this is not required and even detrimental

MattJ, I understand and I'll read the slides etc. to be up-to-date, thanks :)

MattJ, I always wonder if that priority based routing was clever even 10 years ago

Or what that rationale for that back then was

marc: ping me if you have questions about the slides. I gave them to a nerd friend recently and had to realize they are not meant for people without really deep understanding of XMPP

Ge0rG, will do :)

Flow: the idea back then didn't take into account ubiquitous mobile devices

It was assumed that whole you might have multiple simultaneous connections, you'd always want messages to arrive in one of them, your 'current' one.

(while)

And thus "most avaliable non negative presence" was born.

The assumption now is that you basically want chat-like messages to arrive on all devices, with history, and proper distributed read markers

"and it was good" no wait

So yeah priority is mostly useless now

I don't think the priority-based routing was actually a good idea, but I'm sure it seemed one at the time, a decade before that use case came about.

I'm still not sure about aggregate availability / show presence.

In which way? I think that individual devices having a different status message is unhelpful for most use cases these days.

I could imagine using priority for that exclusively

To the point that I'm sorely tempted we (non-formally) deprecate status messages, and just shove something in PEP.

Sure, Slack has per account status and 'snooze'

Making it explicit that way seems the way to go

Aggregating status locally is easy enough, I think.

But messages are harder.

I don't think it's a hardship for a receiving client to see two auto-away, one available, so mark the contact as available.

(Although it's not how we'd design it if we were starting again)

> contracts shouldn't be able to choose what happens to my archive Kev: I'm not really sure how this would look like. Even if we change to a full jid / bare jid approach it's ultimately up to the sender to make that decision

I'm also in favor of aggregate presence status, but we don't need to throw everything over for that

daniel: I'd like to make a fuller response Monday, I just noticed the PR and wanted to leave a holding message to stop it getting merged until I'm working again after the weekend.

I think we should be precise and not talk about 'presence'

ralphm: feel free to provide a better glossary

Rather about availability-presence, user status and such

But, basically, telling an archive server that someone sending me a message gets to override the rules of my server policy has to be obeyed isn't helpful in most cases. I'm happy with (more loosely than you're doing) excluding groupchat from default access, but the <store/> thing needs more care.

More Monday :)

Availability still has use cases, even beyond chat

Ge0rG: I would still like to work with you on XEPpifying these thoughts (although I'll do it on my own if you're still not keen).

Slack status is much like user mood and user activity conflated

Kev: I'm not opposed, I just still think it's too early

ralphm: And I think more matches what the typical use case needs.

I.e. you pick an emoji and a status message to go with it

Totally

But Slack still does presence.

(availability)

There is a good case for dnd at least

I think in XMPP we could easily codify something here that makes slackishness work, along with other use cases, without needing to throw baby out with the bathwater.

But do note that Slack also has binary availability (green or dark icon) as well as snooze indicator. The latter is per account, and I assume the former is simply a logical or.

I think <status/> is going to be a victim in this.

Indeed, as well as show

I think we keep show.

But but but but I want custom text status, or at least Emoji

But I think we codify some rules of how to do a trinary logical or on it.

Ge0rG: please read again

Ge0rG: Yes, but I don't think <status/> is fit for that per-account use. I think we PEP that.

We'd move this to a PEP nice

Node

Like User Mood and User Activity XEPs

And probably replacing both, if we're honest.

Sure

Well, or combining both.

Kev: persistent or ephemeral pep?

If we changed User Mood into an emoji :D

Without predefined items

Ge0rG: persistent.

Even though they are extensible

Kev: I think I still have some junk in my pep (different account) from a client that I tried some years ago

I've added to my list of things I need to cover in the xmpp2.0-not-called-xmpp2.0 Informational XEP.

My intention is to write a XEP summarising Ge0rG's slidedeck, together with our current best guess on how we'll approach solving it.

Mostly so that we have this tracked in some way that the XSF's process understands.

Right, I'm going back to hiding my XMPP and Mail clients again :)

o7

I guess we can fill those summit days easily

Does anyone use haproxy for xep368 or anything using alpn?

moparisthebest: https://blog.onefellow.com/post/76702632637/haproxy-and-ejabberd

without alpn though

Yea mainly wondering if it can multiplex on alpn without terminating TLS or not

Guy in conversations muc is trying to figure it out

not sure what the problem is, there is tons of info in google

for example: https://www.haproxy.com/documentation/aloha/7-0/haproxy/tls/

That's about terminating TLS though, he got it working doing that https://pastebin.ca/3939980

It's just not necessary