XSF Discussion - 2018-01-12

  54. pep.

    > going by this page: http://search.wensley.org.uk/chat/
    > do rooms about clients count? :)
    > if not, IT-MSE probably counts, whatever that is
    > GNU/Linux is second (30)

    This is sad :(

  55. pep.

    OTOH, I would probably bridge my room to IRC if I had a room here for some random project

  169. zinid

    moparisthebest, now I can refer to your article! :D https://github.com/processone/ejabberd/blob/master/ejabberd.yml.example#L191

  210. edhelas


  215. zinid


  216. zinid

    I also wonder why Signal is considered more secure than Whatsapp?

  217. zinid

    same proprietary silo

  218. mathieui

    hm no?

  219. mathieui

    signal isn’t controlled by facebook

  220. zinid


  221. mathieui

    and iirc the server can do less things in signal

  222. zinid

    like requesting private key?

  223. Ge0rG

    Signal is controlled by moxie, who used to be an anarchist crypto nerd before he got bought.

  224. zinid

    so this is a question of trust? which is very personal

  225. zinid

    for example, why would I trust moxie?

  227. edhelas


  228. edhelas

    but we all know the position of moxie on federation/decentralisation

  232. daniel

    Ge0rG: are anarchist crypto nerds those assassination market people?

  233. daniel

    All pretty legit and trustworthy

  240. Ge0rG

    daniel: I'm pretty sure there are different sub-groups.

  241. zinid

    edhelas, "all"? I knew about moxie from this conference (or conversations@, don't remember), I know jack shit about moxie actually 🙂

  264. edhelas

    Holger zinid should we clarify 0060 for this one ? https://github.com/processone/ejabberd/issues/2129

  266. zinid

    edhelas, I'm no pubsub expert, sorry, I barely can understand the problem

  267. Holger

    Yes this should be clarified if you ask me.

  271. MattJ

    I don't see what there is to clarify

  274. MattJ

    Someone might think that deleting their account allows their pubsub nodes to be modified by others?

  276. Holger

    MattJ: Both you and me have write access to a node. Does that mean you can override items published by me?

  277. Holger

    MattJ: That's not clear (to me) from reading 0060. See that issue.

  278. MattJ

    Ok, I see

  279. MattJ

    It didn't seem clear to me that that's what the issue was about

  280. Zash

    Item ownership?

  281. MattJ

    Opens a can of worms

  283. zinid

    there is a similar problem with MUCs (if I understand it correctly): account deletion doesn't trigger deletion of ownership in remote MUCs

  284. zinid

    so you can re-register the account and become an owner 😉

  285. Holger

    Yeah. Or just become member of a members-only group.

  286. Ge0rG

    Now I can't delete accounts any more? I need to convert them all into tombstones?

  287. MattJ

    Ge0rG, welcome to federation

  288. zinid

    a client probably needs to clean up everything carefully, but that's PITA

  289. Ge0rG

    zinid: you can't have a client clean up everything if you ban a user.

  290. MattJ

    That's not always feasible

  292. Ge0rG

    Also not all clients of a user know their remote MUC ownerships

  293. Kev

    More or less you can never delete accounts safely in XMPP, you must always tombstone.

  294. Kev

    At least for federated systems you don't control.

  295. zinid

    yeah, so just don't delete your account 🙂

  296. Holger

    Anyway those are separate problems. The user who created that ejabberd issue is indeed fighting with deleted accounts (and I see the problem), but he stumbled over that PubSub question which is just as unclear if the accounts in question still exist.

  297. zinid

    however, server admins can do that 🙂

  298. Holger

    I clearly see the use case for giving multiple JIDs write access to a node without allowing them to delete/override each others items. So if 0060 doesn't make this possible that's bad.

  299. Holger

    I think this should be the default behavior, just needs some clarification.

  300. intosi

    Holger: you mean publish-only?

  301. Holger

    If there's also a use case for allowing to delete/override each others items then 0060 needs additional magic.

  302. intosi

    Although that precludes reading items.

  303. Holger

    intosi: You're always able to edit/delete items you published yourself.

  304. Holger

    (Which can also be a problem.)

  305. Holger

    This is just about messing with stuff published by others.

  306. Ge0rG

    That sounds like an Enterprise Feature.

  309. Holger

    I think people like goffi and edhelas are having a hard time trying to use 0060 for very basic features ...

  310. edhelas

    just a bit :-)

  331. MattJ

    It's because XEP-0060 is too generic

  334. MattJ

    Which means for most practical applications, it doesn't suffice, or has to be made more complex

  335. waqas

    It lacks proper Turing completeness though…

  344. Zash

    Small change to the notification transformation settings so you can make it send iq stanzas, and then do pubsub that way

  430. Ge0rG

    > And federation is possible over XMPP with Signal: https://signal.org/blog/the-ecosystem-is-moving/

    Heh. I'm pretty sure that link conveys the absolute opposite of the stated message.

  431. Zash

    Wait what

  432. Ge0rG

    From https://news.ycombinator.com/item?id=16127570

  433. Zash

    XMPP over Signal?? Why would you even

  437. daniel

    I by the way love how their method for 'private contact discovery' is basically we just send everything to an Intel black box because Intel knows their shit, right

  438. daniel

    But that's unrelated to random guy on HN not knowing the fuck he is talking about

  439. Ge0rG


  442. Ge0rG

    Recently I had some time on my hands and read through moxie's old stories, about train riding through the US and home squatting. And that's so absolutely different from the "stop calling your product like our product" moxie, it's hard to grasp

  443. Ge0rG

    The ones under https://moxie.org/stories.html

  445. Zash

    "This is your brain. This is your brain on capitalism."

  449. daniel

    Isn't there one where he was almost raped while hitch hiking or something?

  452. daniel

    I think I read those stories some years ago as well

  453. Ge0rG

    daniel: yeah, and he almost died while sailing. And some others.

  464. moparisthebest

    zinid: ah excellent (about ejabberd config pointer)

  465. moparisthebest

    On a related note, does ejabberd TLS support SNI for cert selection?

  466. Holger

    moparisthebest: Sure, zinid added that ages ago.

  467. Holger

    (Last month IIRC.)

  468. moparisthebest


  469. Zash

    Model changes :/

  471. moparisthebest

    SNI is shockingly absent outside https it seems, I had to add it to 2 IRC clients and K-9 mail on Android when I started this whole multiplexing business

  472. moparisthebest

    It's been around for what 14 years at this point?

  473. Zash

    Does anything but HTTPS actually need it?

  474. Holger

    IRC has no STARTTLS I guess :-)

  475. Holger

    But yes mail doesn't need it.

  477. Zash

    For weird reasons tho

  478. moparisthebest

    everything that uses TLS really

  479. moparisthebest

    imap and smtp over TLS need it

  480. moparisthebest

    not STARTTLS, but TLS that is

  483. moparisthebest

    the funny thing is, as IPv4 gets harder and harder to get, SNI will become more and more needed by everything

  485. moparisthebest

    and then as IPv4 is replaced by IPv6, SNI will no longer be needed at all essentially 🙂

  486. Holger

    moparisthebest: Sure if you don't use the alternative solution available for email, then you need it :-)

  487. moparisthebest

    starttls should just die everywhere

  488. Zash


  489. moparisthebest

    I think there is even such an RFC for all the email protocols right?

  490. Zash

    Pretty sure all email protocols have starttls

  491. Zash

    Pretty sure I've never seen SMTP over TLS

  492. moparisthebest

    all of them have starttls options and direct-tls options, and an old RFC deprecated direct-tls, and a new one I think re-instates it and deprecates starttls

  493. moparisthebest

    over port 465 is the standard for that Zash

  494. moparisthebest

    for client submission port over direct tls

  496. Zash

    Never seen or heard about anyone ever using that

  497. moparisthebest

    yea the standard smtp ports are 25 (for s2s you could say), 587 for submission (starttls), and 465 for smtps (direct tls), 465 pre-dated 587 and then was deprecated and assigned to some protocol no one uses...

  499. Holger

    Zash: We've been offering SMTPS and IMAPS next to STARTTLS for ages and I've seen many other providers doing so.

  500. moparisthebest

    found it https://datatracker.ietf.org/doc/draft-ietf-uta-email-deep/

  501. moparisthebest

    Cleartext Considered Obsolete: Use of TLS for Email Submission and Access

  502. moparisthebest

    ie starttls must die

  504. moparisthebest

    on an XMPP related note, they chose the terminology 'Implicit TLS' vs what we chose of 'Direct TLS' so it might make sense to update 368 that way

  508. mathieui

    yay, finally got a vacation to attend the summit

  513. moparisthebest

    ha they chose _submissions._tcp vs my initial preference of _submission._tls too

  514. Ge0rG

    Anyone seen stpeter recently?

  515. Ge0rG

    moparisthebest: is the last "s" for "secure" or for plural?

  516. moparisthebest

    same as xmpps, secure

  517. moparisthebest

    or ssl ? 😛

  518. Ge0rG


  520. moparisthebest

    it's not like anyone is going to change https to httpt

  521. Ge0rG

    did you mean: htttp? :P

  522. Zash


  523. moparisthebest

    hpkp:// where every site has a pinned public key? now that's something I could get behind

  524. Zash


  525. Ge0rG

    moparisthebest: and the host part is replaced by the key fingerprint. key fingerprint dot onion.

  526. moparisthebest

    more like cjdns

  726. Link Mauve

    “17:33:12 moparisthebest> Cleartext Considered Obsolete: Use of TLS for Email Submission and Access 17:33:20 moparisthebest> ie starttls must die”, you’ve said that a few times already, but that’s plain wrong, there is nothing more plaintext in StartTLS than in legacy TLS in XMPP.

  737. moparisthebest

    Link Mauve: but then why keep it

  738. Link Mauve

    Because a huge lot of software and deployments support it, and because there is no downside.

  739. Link Mauve

    There is a downside to the change though.

  741. Zash

    Changing security stuff for what amounts to a small round trip optimization is kinda scary.

  742. Zash

    And the thing about getting through firewalls will just further that arms race

  743. moparisthebest

    Way more software supports direct TLS

  746. Zash

    More popular != better

  747. moparisthebest

    But in this case it does

  750. Link Mauve

    moparisthebest, I just had a look at our server, we have a 1:10 ratio of users of legacy TLS vs. StartTLS.

  751. moparisthebest

    Link Mauve: do you have xep368 DNS records, and what preference order

  752. Link Mauve

    Yes, and same as the normal one.

  753. moparisthebest

    Wait same? What is the weight of each then

  754. Link Mauve

    Ah no, 8 0 for _xmpp-client and 10 0 for _xmpps-client.

  755. Link Mauve

    I remembered wrong.

  756. moparisthebest

    Ah ok well that's why then

  757. Link Mauve

    You can dig _xmpps?-client._tcp.jabberfr.org.

  758. moparisthebest

    You should test with them switched

  759. Link Mauve

    But why? I thought the only reason to have those was to bypass firewalls that intercept the plain text version and only allow TLS-looking ones.

  760. Link Mauve

    If a client fails to connect in StartTLS, but supports legacy TLS, it will just check again once the connection failed.

  761. Zash

    I thought the primary reason was to get through corporate firewalls that only allow http/https

  762. Link Mauve


  763. Link Mauve

    That’s the only reason we have legacy TLS in the first place.

  764. Link Mauve

    We also have XEP-0156 deployed, which is another big one for those.

  766. moparisthebest

    Isn't 368 way easier and more efficient than 156

  767. moparisthebest

    If getting around firewalls is your goal that is

  768. Link Mauve

    Until your firewall starts blocking anything which doesn’t announce it is HTTP.

  769. moparisthebest

    Bottom line though if xmpp was being designed today do you doubt it would only support direct TLS?

  770. Link Mauve

    Because 0156 describes how to use this very HTTP everyone loves so much.

  771. Zash

    Weren't you the one who said "we'll still have websockets"?

  772. Link Mauve

    moparisthebest, that doesn’t matter, it has been invented twenty years ago, you can’t erase that.

  773. moparisthebest

    But you can move towards the ideal situation

  774. Link Mauve

    It’s not more ideal than the rest.

  775. moparisthebest

    If you are redesigning other parts might as well improve it all

  782. Zash

    I don't see how moving host and service multiplexing around the layers is an improvement.

  784. moparisthebest

    Link Mauve: wait you said 10% of your users are using the xep368 srv record? That seems huge if it's a lower priority

  785. Zash

    Link Mauve: Is it set up so you can detect connections that ignored or failed to get SRV records?

  786. Zash

    Like yax.im is, iirc.

  787. Link Mauve

    Zash, yes.

  788. Zash

    And, iirc, also produces depressing numbers.

  789. Zash

    Like how 90% of all users on a thing I used to run were using DIGEST-MD5 and the rest were using PLAIN

  790. moparisthebest

    That seems like a huge number of users that otherwise wouldn't be able to connect

  791. edhelas

    so looks like Movim is having an "okay" working solution to do video-conferencing with pure WebRTC and Jingle :)

  792. moparisthebest

    Also considering only a couple clients support it

  793. Link Mauve

    moparisthebest, or plain ignore the settings and connect to 5223 anyway.

  794. Zash

    or got SRV sorting wrong

  795. la|r|ma

    edhelas, did you try out cross-browser?

  796. moparisthebest

    Conversations does it right mixing and all, it would connect to 5222 if it could

  797. edhelas

    yup, working between chrome and firefox

  798. edhelas

    disabled on mobile for now

  799. moparisthebest

    edhelas: would be great to get interop working with conversations too :)

  800. edhelas

    ping daniel :3

  801. la|r|ma

    edhelas: what about safari? (I worked with WebRTC for another project and it sucks to get it cross-browser)

  802. moparisthebest

    Did that xep work as is or did you find rough edges?

  803. edhelas

    I don't know if there's a WebRTC implementation in Java for Android

  804. edhelas

    la|r|ma don't know, don't have Macs at home :D

  805. la|r|ma

    you can use chromes libwebrtc on android

  806. moparisthebest

    edhelas: actually a conversations fork has webrtc support

  807. edhelas

    moparisthebest well I basically had everything in the XEPs to do the conversion between SDP and Jingle

  808. moparisthebest

    Just signaling doesn't use xmpp

  809. edhelas


  810. moparisthebest

    So take some code from there, implement signaling part with jingle, done

  811. la|r|ma

    moparisthebest, which fork?

  812. moparisthebest

    la|r|ma: uuuhhhhh author responded in that issue

  813. moparisthebest

    Spreedbox or something?

  815. Link Mauve

    edhelas, I’d really like to interoperate between the desktop and the web, I just sent an email to the Jitsi guys about that.

  817. edhelas

    sure, would love to try interoperability with Jitsi, and why not Dino one day :)

  818. edhelas

    moparisthebest I've also annotated the XEP numbers in the file :)

  820. la|r|ma

    I built a PoC for Jingle with Dino half a year back (only basic unencrypted audio via ice-udp)

  821. edhelas

    I'm really impatient to show all those nice features interoperable between Dino, Conversations, Movim and others :)

  822. edhelas

    SàT also for the social part

  830. moparisthebest

    Would that part of movim work with prosody?

  833. edhelas

    eheh, nothing relies on the servers :D

  834. edhelas

    it's a pure client implementation

  835. edhelas

    well I still have to implement TURN/STUN if the XMPP server offers it

  839. moparisthebest

    edhelas: well I meant movim in general

  840. edhelas

    not yet

  841. edhelas

    still waiting for proper pubsub support

  842. moparisthebest

    I know it needs pep stuff prosody doesn't have yet

  843. moparisthebest

    But does plain chat and that webrtc stuff work

  844. edhelas


  845. moparisthebest

    I'll have to try it :)
