XSF Discussion - 2018-02-10

  1. moparisthebest

    zinid: so e2e isn't important but muc Avatar is?

  2. moparisthebest

    Sorry I'm just trolling :)

  3. moparisthebest

    That's the good thing about open protocol and community, everyone can work on what's important to them :)

  4. zinid

    marc, yes

  5. zinid

    moparisthebest, and what are you working on? 🙂

  6. moparisthebest

    zinid: my most recent xmpp related thing? Client side components/gateways

  7. zinid

    moparisthebest, where is your e2ee implementations?

  8. moparisthebest

    Omemo and pgp work fine :)

  9. zinid

    yeah, tell that 1000 times and you this will become truth

  10. Zash

    You should read Daves membership reapplication

  11. zinid

    damn, there is a wall of text again

  12. zinid

    well, that's Dave 🙂

  13. zinid

    ok, I read briefly and understood nothing

  14. moparisthebest

    Countless e2e xeps?

  15. moparisthebest

    I only know of 3, 2 of which are pgp and not forward secret

  16. moparisthebest

    I guess you could add OTR in there

  17. zinid

    so if a protocol has a drawback then it's not counted as a protocol?

  18. zinid

    (I'm not even starting to debate lacking forward secrecy is a drawback)

  19. moparisthebest

    No I didn't think otr was a xep

  20. zinid

    moparisthebest, there is also I-D about new e2eee

  21. moparisthebest

    It's just text encryption people sometimes use over XMPP

  22. zinid

    so we have omemo, otr, pgp, and that new I-D

  23. zinid

    four xeps

  24. zinid

    damn, we probably even have less for file transfer 😉

  25. moparisthebest

    2 different pgp xeps

  26. zinid

    5 xeps

  27. Zash


  28. moparisthebest

    Still way less than countless and almost half are not forward secret

  29. moparisthebest

    Never heard of them

  30. daniel

    I guess you didn't use gajim then until three years ago or so

  31. moparisthebest

    2013 I think

  32. moparisthebest

    I used pgp then

  33. zinid

    moparisthebest, just implement the protocol where you exchange messages via direct p2p jingle sessions, and call it a day

  34. zinid

    I think you can install a session via jingle and then use that server-less protocol

  35. zinid

    what xep is that...

  36. Zash


  37. zinid


  38. moparisthebest

    zinid: that's tox and eats battery

  39. zinid

    who cares? nobody will use it except you and a few other nerds

  40. moparisthebest

    Well and that would also leak your IP

  41. zinid

    you can live with that I think

  42. moparisthebest

    Tox doesn't do that

  43. zinid

    doesn't do what?

  44. moparisthebest

    I can also live with pgp or omemo

  45. zinid

    moparisthebest, the problem is that others cannot leave with omemo

  46. moparisthebest

    Tox does stuff like tor to avoid leaking your IP

  47. moparisthebest

    Then don't turn it on?

  48. zinid

    moparisthebest, I didn't turn it on, but I see other XEPs start to suffer from this OMEMO shit

  49. moparisthebest

    One could say this vcard shit is spreading too

  50. zinid

    right now we cannot put any data outside <body/> element, because it's "insecure" and "metadata leaks"

  51. zinid

    moparisthebest, vcards forbid me to attach elements to stanzas?

  52. moparisthebest

    The new pgp xep fixes that

  53. moparisthebest

    And in a way omemo can reuse

  54. zinid

    fixes what?

  55. moparisthebest

    It encrypts entire XML sections

  56. zinid

    so daniel will implement SIMS finally?

  57. moparisthebest

    Not just body

  58. Zash

    How do you turn OMEMO off?

  59. moparisthebest

    Isn't it off by default

  60. zinid

    Zash, good question, I don't think it's possible to disable OMEMO for incoming messages

  61. zinid

    at least in conversations

  62. Zash

    Pretty sure all the clients will just publish keys and stuff without asking first

  63. zinid

    moparisthebest, it's enabled in Conversations, you still can get incoming messages even if you don't press that "lock icon"

  64. rion

    is there any xep to have "message displayed" event? it was in xep-0022 but then it was obsoleted.

  65. Flow

    rion, "displayed" is considered as an bad idea by some (incl. me) for a federated network, but we have delivery receipts

  66. Flow

    and it's trivial to build a "message displayed" mechanism for your internal usage

  67. daniel

    rion: xep333

  68. Zash

    chat states, message receipts, 333

  69. rion

    yeah 333 seems to exact match :)

  70. rion


  71. Flow

    daniel, wasn't xep333 the one you wanted to take care of?

  72. daniel

    Flow: yes

  73. Flow

    daniel, what was the issue with it again?

  74. daniel

    No major issues. I wanted to clarify it a bit and change some of the rules

  75. jonasw

    I read that as "nothing. just everything" :-). good morning everyone.

  76. jonasw

    eh, not even morning anymore

  77. Flow

    daniel, ahh ok, i thought there where some major issues with it

  78. Seve/SouL

    Do you guys know which XMPP server do they use?

  79. Seve/SouL


  80. edhelas

    If I'm not wrong it was a tuned ejabberd

  81. SamWhited

    I was told MongooseIM at some point