Guus(His JID is in the XEP, in case you're having trouble reaching him)
Guushe's usually very responsive.
danielYes
Dave Cridlandhas left
Steve Killehas left
Steve Killehas joined
marchas joined
dwdhas joined
Guushas left
Yagizadaniel, I'd like to discuss it
Guushas left
YagizaGuus, I guess, discussing XEPs in the MUC is better than privately
Dave Cridlandhas left
Dave Cridlandhas left
Yagizadaniel, I don't know if this was already discussed, but I believe the XEP is missing file hash support.
Yagizadaniel, how do you feel about adding it?
dwdhas left
danielhas left
danielhas joined
danielYagiza: who should add and who should check the hash?
Yagizadaniel, client should add and server should check
Seve/SouLhas joined
andyhas joined
YagizaThe idea is providing file hash in <request/> element instead of or along with file name.
Guushas left
YagizaA server must check the hash. If it already has file with provided hash, it must reply with <slot/> without <put/> element. Instead, it must contain <exist/> element.
Steve Killehas left
rionhas left
YagizaOnce client received such reply it must consider that file was already uploaded to the server before and should use URL provided in <get/> element to access the file.
danielSo this is about dedup and not integrity?
andyhas left
danielhas left
danielhas joined
Yagizadaniel, we may neglect this possibility, like we do it with Avatars, Entity Caps and so on.
Yagizadaniel, even bitcoin neglects possibility of duplicated wallet address. It just generates random hash. Probability of uploading two different files with the same SHA-1 (or SHA-256) on the server is about zero. So, I don't see any problem here.
Yagizadaniel, but we get rid of unnecessary uploads, which is very useful.
Martinhas joined
danielYagiza: I'm gonna keep this in mind in case I'm going to work on the XEP again
Alexhas joined
ralphmhas joined
Yagizadaniel, ok
marchas left
Yagizadaniel, if you have no time for that, I can try to make a PR or some other way send updates for the XEP if you like.
marchas joined
lskdjfhas joined
marcKeep in mind that this extension may leak "sensitve" information
SaltyBonesYagiza, if you dedup across users make sure to consider the privacy implications.
ralphmhas left
marcSaltyBones: what I said :)
HolgerAh I thought this was only about your own uploads. And didn't get the point.
HolgerYes you don't want to dedup across users.
SaltyBonesmarc, I know, just wanted to be explicit. ;)
KevIt looks like a nice way to check if a service has certain files uploaded, yes.
YagizaSaltyBones, marc, what do you mean? Someone knowing file hash may and knowing a server where it is may get access to the file?
rtq3has left
rtq3has joined
marcYagiza: One would be able to automatically check if a file was shared on the server
HolgerYagiza: What's your use case in practice? You and me uploading the same cat pic?
YagizaHolger, not only.
danielAlso dog pics
HolgerAh.
YagizaHolger, 1st use case: I've uploaded a pic, to embed it into my message with HXTML-IM.
Lancehas left
YagizaHolger, then I try o send a message with the same pic to another contact.
KevIn that case you already know the URI and can re-use it?
danielhas left
danielhas joined
YagizaKev, I must cache those URLs somewhere.
goffiKev: only if you are on the same device.
YagizaKev, but why client must do such stupid things, if a server can?
goffi(and client)
Yagizagoffi, yes
danielhas left
danielhas joined
YagizaHolger, another use case:
andyhas joined
marcYagiza: you could restric it for own file uploads but it would not work with OMEMO without leaking information I think
HolgerSo the first use case doesn't cross user boundaries. Sounds like a corner case to me though. Not sure you want a protocol extension for optimizing a corner case.
Yagizamarc, which leaks are you talking about?
Guushas left
danielmarc: well the hash would be on the encrypted file
danielWhich breaks the dedup of course
YagizaHolger, why not?
marcdaniel: indeed
goffido we have a XEP for storing encrypted files?
HolgerYagiza: Because keep it simple. If you start optimizing corner cases you end up with an unnecessarily bloated extension nobody wants to implement. 0363 is widely adopted because of its simplicity.
Lancehas joined
marcdaniel: you could use the plain file hash but then you have to store the correspondig key on the device which leaks info and has the same issue as without this extension
flowWhat Holger said
stefandxmhas left
YagizaHolger, what do you mean by "corner cases" now? What are use cases for this XEP, if not uploading files for sharing (and) reusing links to them?
Lancehas left
ralphmhas joined
danielhas left
danielhas joined
HolgerYagiza: By my definition, a corner case is one that applies to no more than 7.846 percent of the uploads in practice. According to my crystal ball, your case is way below that threshold.
YagizaHolger, so, please tell me your vision of use cases of XEP-0363
SaltyBonesThis is not super interesting in practice because http upload is restricted to small files anyway so reuploading is and storing copies is cheap.
marcYagiza: sharing files is the main goal
marcAsynchronous and across multiple devices
marcAnd in group chats of course
Ge0rGhas left
HolgerYagiza: Sharing cat pics.
HolgerOr maybe even dog pics. Daniel seems to support those as well.
andyhas left
HolgerSo don't tell me I have no great visions!
YagizaHolger, ok. And when you share cat pics, it's not supposed to share the same pic with different contacts?
HolgerYagiza: 0363 supports that. You just re-upload.
SaltyBonesYagiza, with small files adding dedup is just not worth the effort...
jonaswYagiza, either re-upload, or keep a cache of the last N links shared in your client
jonaswyou can even do that across devices, because youβ[l download them for display anyways
SaltyBonesYagiza, if you want to share larger files maybe http_upload is not the right tool for the job?
goffiYagiza: Jingle-FT is more adapted for bigger file, and it already support hashes
danielhas left
danielhas joined
Guushas left
jonaswif Http upload implementations were using SIMS, youβd even get the hash carbon-copied for free
jonaswso you can easily dedup locally without privacy implications :)
YagizaHolger, well. The idea is avoiding unnecessary reuploading. And now you telling that you have to reupload the file. So, why do you call that a coner case, if you admit that the problem is common?
HolgerYagiza: I admitted that? Didn't I already quote my crystal ball?
SaltyBonesYagiza, he is not saying that at all. He said it is uncommon and if it happens you should reupload.
lskdjfhas joined
YagizaSaltyBones, I just want to add optimization where it may be easily implemented. Why do we have such optimizations for avatars, entity caps, BOB and other cases where amounts data we share is also small?
SaltyBonesYagiza, why do you want to add that optimization?
HolgerYagiza: Your optimization is simple, and so are the next 10 enhancements people might suggest for special use cases. The end result is no longer simple.
jonaswYagiza, those are vastly different use-cases
YagizaHolger, so, you don't agree with your crystal ball ;-)
jonaswYagiza, avatars optimize having to re-download the same avatar of the same entity on each presence update. This is a way more massive optimization than optimizing the upload of a link shared twice which can easily be done by the client itself.
KevI don't buy that the optimisation is simple, FWIW.
YagizaSaltyBones, 'cause I like optimizations of course! Optimizations (if they are easy to implement) are always good.
HolgerYagiza: You lost me. Whatever. You didn't convince me it's worth it, and I'd only repeat myself at this point.
SaltyBonesYagiza, that reason is not good enough to justify the work and complexity that it generates.
KevClients remembering URIs is a pretty simple optimisation. Server doing hash checking changes the model for how it needs to be implemented on the server.
Yagizajonasw, IIRC making clients as simple as it possible, leaving all the job to server always was a good idea, wasn't it?
HolgerRight, it's not simple on the server side.
jonaswYagiza, true, but I donβt think that the use-case is even worth the trouble on either
YagizaSaltyBones, which complexity are you talking about?
HolgerYagiza: The idea wasn't making servers unnecessary complex though.
Yagizajonasw, which troubles?
jonaswHolger, actually, a very trivial implementation could be: (a) use hash as file name, (b) handle uploads atomically (like rsync does, itβs not too bad), (c) hash check is trivial now
jonaswYagiza, having to think the privacy implications especially for single-user servers through
Holgerjonasw: Sure it could be done.
jonaswthatβs not much more complex than what implementations are doing already tbh.
danielhas left
danielhas joined
jonaswbut Iβd be worried about the privacy implications. ideally, the URLs would still be unique and ranodm per user, and thatβs where things get complicated
Holgerjonasw: But changing an existing model is not trivial no matter how simple the new solution is.
jonaswthat can probably not be done without a database anymore (for the reverse lookup (hash, user) -> user_file_url)
YagizaHolger, server's job become much more complex, if it will check hashes of files it store? Seriously?
danielhas left
danielhas joined
jonaswYagiza, at leaast it will require a namespace bump
jonaswwe donβt want those
Holgerjonasw: There's existing code to handle quotas and whatnot.
HolgerYagiza: Yes.
jonaswHolger, on *some* implementation s:>
Holgerjonasw: So?
Yagizajonasw, namespace bump? Why?
Guushas left
jonaswYagiza, youβre going to require the client to send a hash, IIUC
Yagizajonasw, yes. But all modern clients already have code to calculate SHA-1, 'cause most of XEPs implemented nowadays require it.
jonaswYagiza, but you still need to change the protocol
jonasw-> namespace bump
andyhas joined
Kevjonasw: I don't think that's true.
Yagizajonasw, but the protocol is still EXPERIMENTAL, so what's the problem?
HolgerIt *should* be true. π
jonaswYagiza, it has massive deployment, thatβs the problem
Holger(We keep having that discussion.)
jonaswthe last namespace bump caused quite a bit of disruption already
KevHolger: Why should it be true?
KevYou're adding an attribute that it's easy to have backwards compat for being missing.
jonaswHolger, Kev, yeah okay, a namespace bump *or* a discoverable feature; but then the servers are going to complain that they canβt rely on the hash and so on.
KevNo attribute, no de-dup.
KevI don't see why that should need a bump.
SaltyBonesjonasw, isn't the point of the namespaces that bumps shouldn't cause disruption? :)
jonaswSaltyBones, they cause disruption if part of the network stops supporting one specific version
jonaswthey donβt cause *erratic* disruption, just well-defined disruption, kinda
KevSaltyBones: No, the opposite. The point of a bump is to cause disruption.
SaltyBones:)
Yagizajonasw, anyone, who implement and deploy EXPERIMENTAL XEP's do know that everything may change dramatically from version to version. SO, once again: what's the problem?
SaltyBonesIn that case I agree.
HolgerKev: I know the idea is ignoring unknown attributes, I just don't like it.
SaltyBonesYagiza, the problem is that you are trying very hard to ignore what people here are saying..
jonaswYagiza, that users donβt care about EXPERIMENTAL vs. DRAFT. they care that they canβt share their catpics anymore.
rtq3has left
rtq3has joined
danielhas left
danielhas joined
Yagizajonasw, so, why do we need to develop XEP's? Let's just make every XEP FINAL from the beginning to avoid such problems for users.
jubalhhas joined
danielhas left
andyhas left
jonaswYagiza, I see your point, and I often concur. Iβm just not sure your use-case is impactful enough to warrant a breakage. and also the feature creep mentioned by Holger.
jubalhhas left
SaltyBonesIndeed, maybe this XEP shouldn't be experimental anymore if it is practically not experimental anymore.
jonaswif we could batch this up with another breaking change (should another one happen with 0363 before it goes to draft), I think thatβd be okay.
YagizaSaltyBones, I didn't ignore anything, replying to almost every statement. I just want to understand your point of view.
jonaswor making it entirely optional, as Kev suggested.
jonaswmight be the case that nobody implements it. which will lead to clients not supporting it and when a server does eventually implement it, theyβll notice that no client can do it and *bam* they drop support of it
SaltyBonesjonasw, that's a lot of wasted effort ;)
jonaswyeah
jonaswI try to recall where that kind of thing happened to me⦠I think with vcard-avatar vs. pep-avatar. or pep-bookmarks vs. private-xml-bookmarks.
Yagizajonasw, yes. Making it optional is a good idea. But this solution will work even with a DRAFT XEP.
jonaswlots of effort only to realize that nobody supports it.
jonaswanyways, lunch
lskdjfhas joined
la|r|mahas joined
la|r|mahas joined
SaltyBonesYagiza, the problem is that it will always be too much work to do anything if people don't believe that it is necessary. And at least the people in here apparently don't.
marchas left
YagizaSaltyBones, I'm not sure. You and Holger. Who else?
SaltyBonesYou don't have to be sure you can keep discussing but I'm out. ;)
stefandxmhas left
YagizaYes. I guess, discussion is over. Everyone, who was interested shared their opinion, Now it's up to daniel, what to do next.
jerehas joined
marmistrzhas left
Martinhas left
jubalhhas joined
lskdjfhas left
lskdjfhas left
Martinhas joined
ovohas left
ovohas joined
rionhas joined
la|r|mahas joined
lskdjfhas joined
Guushas left
marmistrzhas left
Martinhas left
Martinhas joined
marchas joined
andyhas joined
Guushas left
la|r|mahas left
la|r|mahas joined
andyhas left
andyhas joined
danielhas joined
Guushas left
andyhas left
marchas left
andyhas joined
Guushas left
blablahas left
SaltyBoneshas left
andyhas left
vanitasvitaehas left
efrithas joined
rtq3has left
rtq3has joined
Guushas left
Guushas left
andyhas joined
rtq3has left
rtq3has joined
andyhas left
Ge0rGhas left
ludohas joined
ludohas joined
moparisthebesthas joined
Ge0rGhas joined
danielhas left
danielhas joined
marmistrzhas left
ralphmhas joined
tim@boese-ban.dehas left
tuxhas joined
danielhas left
danielhas joined
marchas joined
winfriedhas joined
stefandxmhas joined
marchas left
Zashhas left
lskdjfhas joined
efrithas left
lumihas joined
stefandxmhas left
Ge0rGhas joined
stefandxmhas joined
Dave Cridlandhas left
marmistrzhas left
ralphmhas joined
j.rhas joined
j.rhas joined
moparisthebesthas joined
Guushas left
jerehas left
jerehas joined
moparisthebesthas joined
andyhas joined
Guushas left
SaltyBoneshas left
andyhas left
rtq3has left
rtq3has joined
Dave Cridlandhas left
dwdhas left
Dave Cridlandhas left
dwdhas left
andyhas joined
dwdhas left
andyhas left
rtq3has left
rtq3has joined
dwdhas left
jjrhhas left
vanitasvitaehas left
ralphmhas joined
winfriedhas joined
ralphmhas left
ralphmhas joined
stefandxmhas left
ralphmhas left
ralphmhas joined
danielhas left
danielhas joined
lskdjfhas joined
danielhas left
danielhas joined
lskdjfhas left
danielhas left
danielhas joined
danielhas left
danielhas joined
danielhas left
danielhas joined
jjrhhas left
jjrhhas left
danielhas left
danielhas joined
jjrhhas left
danielhas left
danielhas joined
Guushas left
danielhas left
danielhas joined
Steve Killehas left
lumihas left
danielhas left
danielhas joined
Steve Killehas joined
danielhas left
danielhas joined
marmistrzhas left
danielhas left
danielhas joined
jjrhhas left
matlaghas left
jjrhhas left
danielhas left
danielhas joined
rtq3has left
rtq3has joined
Tobiashas left
j.rhas joined
danielhas left
danielhas joined
moparisthebesthas joined
Tobiashas joined
danielhas left
danielhas joined
ralphmhas joined
j.rhas joined
danielhas left
danielhas joined
jubalhhas left
vanitasvitaehas left
jerehas left
jerehas joined
jjrhhas left
jjrhhas left
ralphmhas left
Kevhas left
SaltyBoneshas left
la|r|mahas left
la|r|mahas joined
marmistrzhas left
Tobiashas left
jubalhhas joined
stefandxmhas joined
Guushas left
j.rhas joined
jjrhhas left
jjrhhas left
Guushas left
Guushas left
jjrhhas left
jjrhhas left
ovohas left
Marandahas left
Marandahas left
Marandahas joined
Dave Cridlandhas left
Marandahas joined
stefandxmhas left
la|r|mahas joined
la|r|mahas joined
moparisthebesthas joined
blablahas left
j.rhas joined
Guushas left
Guushas left
blablahas left
danielhas left
danielhas joined
danielhas left
danielhas joined
Guushas left
danielhas left
danielhas joined
tim@boese-ban.dehas left
jubalhhas left
jubalhhas joined
dwdhas left
danielhas left
danielhas joined
ralphmhas left
Guushas left
ovohas joined
stefandxmhas joined
Marandahas left
SaltyBonesMaybe this is a silly question but what is "Jingle"?
goffiSaltyBones: XEP-0166, or in short a way to establish P2P session
TobiasIt's an abstract peer-to-peer signaling protocol based on XMPP
ZashIf you are familiar with SIP, it's like that
Tobiasjust not encoding things in HTTP like headers but in XML
dwdhas left
SaltyBonesthanks
SaltyBonesgoffi, and you want to use that to build file sharing?
goffiSaltyBones: yes, it's already working actually
SaltyBonesbut you have some sort of dedicated, always-on end-point so it's not really p2p, right?
goffiSaltyBones: it can work between 2 devices
moparisthebestif they are on the same LAN and, in practice, in virtually no other case
goffi(but I have also a component to store files, in this case it's not P2P)
Guushas left
moparisthebestotherwise you have to go through a TURN server which seems far worse than http upload
moparisthebestespecially if you need such a component to store files, why re-invent http ?
KevJingle isn't P2P.
KevIt's a signalling protocol, nothing about it implies it must be P2P (indeed, it's how you negotiate IBB)
SaltyBonesgoffi, what is this for?
moparisthebestgoffi, why is a custom component to store files in any way preferred over an http server?
goffiin my experience the connection is direct most of time. jingle try to establish P2P, but if it can't it will fall back to other mechanisms (proxy, IBB, ...)
goffiSaltyBones: many things. Keeping file for yourself, sharing with other, transmitting files between devices, etc.
SaltyBonesgoffi, just install nextcloud?
goffimoparisthebest: I don't want/need the HTTP overhead, jingle FT is good, and there are already XEPs for file sharing
goffiSaltyBones: why installing and maintaining an other software?
moparisthebestwhat http overhead ?
moparisthebestsurely it's far less than anything you'll come up with in jingle/xmpp ?
moparisthebestjust the negotiation probably takes far more time than an entire http download
Tobiasmoparisthebest, additional code to maintain, all the HTTP corner cases. If you don't have HTTP in your project yet it's a reasonable questions to ask whether you really need to add the full HTTP support.
moparisthebestin my opinion you should use the right tool for the job without reinventing the wheel if possible, if that job is putting files on a server for multiple clients to download, that tool is http
moparisthebestchances are you already have http in your project, but if not, adding it is surely less code to maintain than a custom xmpp component to store files?
goffithere is already a right tool for that with XMPP, and I'm building a XMPP client
stefandxmhas left
rionhas left
SaltyBonesI didn't mean to criticize just curious.
goffiit's OK to criticize, as long as it's not aggressive :)
moparisthebestthere is the saying that if all you have is a hammer everything looks like a nail, it's still not always the right tool for the job
SaltyBonesSo you are building synchronizing on top of jingle ft?
Kevmoparisthebest: And that's a significant problem with people thinking everything needs to happen over HTTP, right? :)
andyhas joined
goffiSaltyBones: no synchronizing (at least not for now), just sharing files.
goffiand also everything is linked to my XMPP account, so permission is trivial to handle.
SaltyBonesgoffi, how is file sharing different from file transfer then?
Tobiasgoffi, +1...getting permissions right with different user groups that fetch stuff via HTTP server gets tricky
HolgerThe right tool for the job is FTP.
moparisthebestKev, the reverse is true also, matrix was the opposite mistake :P
KevHolger: SFTP, I think.
TobiasHolger, right...which is for files, not just for Hypertext
goffiSaltyBones: you can have a list of files, hierarchy, check XEP-0329 it's the one I'm using
moparisthebestFTP is the right tool for no job :P
ZashNothing wrong with FTP
moparisthebestnothing wrong with SFTP, loads wrong with FTP
TobiasZash, as long as you tunnel it over HTTPS, right? :)
ZashHrr
SamWhitedWhich one is SFTP? Is that file transfer over SSH or FTP over TLS?
moparisthebestover ssh, the other is ftps
SamWhitedOne day I will remember which one is SFTP and which one is FTPS
goffi(jingle can use HTTP by the way)
Zashsftp isn't related to ftp afaik, other than in purpose
moparisthebestyep completely different
moparisthebestthere was a really good rundown of all the reasons FTP is terrible written by the author of a really popular FTP server, but I can't seem to find it now...
ZashEverything is terrible
ZashIf you think something isn't terrible, you aren't looking close enough
SamWhitedNot everything is equally terrible though. Some things are less terrible than others.
moparisthebesthttps://mywiki.wooledge.org/FtpMustDie ah there it is
tim@boese-ban.dehas left
ralphmhas left
Marandahas left
SaltyBonesmagic wormhole is kind of cute
Zash"It's old, therefore obsolete"
HolgerBashing FTP is so boring.
HolgerYeah.
andyhas left
danielComplains about FTP being obsolete. Does so on a website that is impossible to read on a mobile phone...
andyhas joined
moparisthebestnot being usable behind NAT or knowing whether uploads/downloads completed etc is also a thing not great for a file transfer mechanism
moparisthebestit's not just the 'old' part
ZashNAT is the evil here, not FTP
Holgermoparisthebest: It's usable behind NAT if your firewall admin isn't stupid, or if you use passive FTP.
moparisthebestnot disagreeing with you, but can't change the world
SamWhitedIt doesn't matter which thing is broken and wrong if the thing I want to use doesn't work. I don't really care whos fault it is or who did or did not work around NATs.
Holgermoparisthebest: It's unencrypted if you don't use TLS, just like HTTP.
moparisthebestit also allows data to be unencrypted even if you do use TLS, unless you do special things
SamWhitedI am tempted to say that there is no situation in which FTP is the correct tool for the job when rsync exists, except that as far as I can tell the rsync protocol is completely undocumented.
SaltyBonesThe universal law of users: Whatever changed last is responsible for all problems. :)
Holgermoparisthebest: What? I don't know of an FTPS client that requests unencrypted transfer by default.
rtq3has left
rtq3has joined
HolgerSamWhited: rsync is *very* expensive.
moparisthebesthopefully not
SamWhitedHolger: that's fair
SaltyBonesgoffi, does the jingle ft understand when your devices are both on lan and then send the file locally?
SamWhitedalthough it's not a problem I run into most of the time, I can see that being an issue if you have older or very limited hardware
jjrhZash, amen.
Seve/SouLhas joined
vanitasvitaehas left
moparisthebestanyway this is what I have against jingle for file transfer for, you end up doing complicated negotiation, and then 99.9% of the time uploading to a TURN server anyway
moparisthebestexcept unlike HTTP, you have to do it multiple times for each resource that wants the file
MarandaFTP? Who uses FTP nowadays anyways...
moparisthebestand if you don't have access to a TURN server it just fails, most xmpp servers support http upload nowadays, many more than have turn servers...
jjrhMaranda, a surprisingly large amount of people.
xnyhpshas joined
waqashas joined
SamWhitedUnencrypted anonymous FTP is still the only decent way I've found of transfering files between my phone and my computer, although I desperately wish there were another way
lovetoxhas joined
moparisthebestthat's my 2 cents anyway goffi , you are going to put all this work into this amazing software that just won't work on the majority of servers for the majority of users...
jjrhadb push / pull?
danielSamWhited: locally or over the network?
moparisthebestSamWhited, android phone?
Marandathinks he presses that SCP button in SSH clients from quite a while.
SamWhitedmoparisthebest: yes
SamWhiteddaniel: either, I normally do it over lan
danielmtp works fine for me
jjrhmtp is kinda slow
SamWhitedyah, mtp always takes forever for me; not sure why.
ZashI use scp/rsync on my phone.
danielProbably depends on the implementation?
danielI don't transfer large files though
jonaswmtp doesnβt work for me :(
moparisthebestnextcloud/syncthing or also I had an sftp server on my phone looking now...
SamWhitedI tend to be backing up lots of little-to-medium sized files. Pictures and music mostly.
SamWhitedI really should figure out how to do ssh/rsync, that would be nicer.
SamWhitedoh hey, that looks promising, thanks.
jonaswjjrh, so the only way to sensibly transfer files from a commodity device to another one is with a CLI command? seriously? :D
moparisthebestthat supports ssh/rsync, I recall having permissions issues though...
Zashtarpipes!
jonaswSamWhited, I use KDE Connect and MTP, and if neither works (which happens, annoyingly) I eject the SD card.
moparisthebesthaha Zash yes that's actually how I ended up transfering a whole internal sdcard once
jjrhjonasw, of course not. But adb is pretty easy to script, plug in your phone and have a udev rule pull everything.
moparisthebestsomething like tar [stuff] | adb shell su tar [stuff]
moparisthebestadb over wifi
Marandaand usb file transfers on my phone aren't that slow anyways.
Marandabrb
danielhas left
danielhas joined
rtq3has left
SaltyBonesI have nextcloud. Works fine for small files or if you have time. :)
daniel> SamWhited, https://arachnoid.com/android/SSHelper/
Oh that looks cool. Thx
rtq3has joined
HolgerYou guys are all too bored (like me). A useless comment mentioning FTP is enough to spawn a 30 minute discussion on random file transfer issues.
YagizaWell... is there any XEP, which describes using TURN servers for Jingle FT?
SamWhitedThis is great, I've already got it working better than the last SSH thing I triedβ¦
SamWhitedthanks for the recommendation.
jonaswhas left
Guushas left
moparisthebestHolger, clearly file transfer is one of the great unsolved problems of computing
danielYagiza: the jingle ft xep is agnostic of transport. So it should just work(tm)
danielI don't know if many people do implement it though
Holgermoparisthebest: True. But I think this works with more or less arbitray IT questions.
danielMost people use socks
moparisthebestthis morning a co-worker was trying to send me a 3kb PDF over skype for business and it wouldn't work, ended up emailing it :'(
moparisthebestalso companies pay a lot for that software
jjrhhas left
MattJI tried emailing a tarball of .lua files to someone this morning, Gmail rejected it for security reasons and I ended up scp'ing to my server and sending them a URL
Yagizadaniel, I thought Jingle FT uses the same transport types, which SI FT uses: IBB, SOCKS5 and OOB.
moparisthebestso, http upload is the only thing that worked? :P
jonaswhas left
ZashYay only the popular thing works because it's popular.
ZashYa'll know how much I hate things that are popular because of their popularity?
moparisthebestI still agree that sucks, but your choice is just never transfer the file on principle, or, use the way that works
ralphmhas joined
andyhas left
andyhas joined
SamWhitedIt's not popular because of it's popularity, it's popular because it's simple and HTTP is a better tool for the job. It was literally made for downloading small files. Sucks for larger files, but most users want to send cat gifs so I don't really care.
moparisthebestyou could also use sneakernet with a flash drive, but http is easier
goffiSaltyBones: yes, that's one of the interest of the thing
ZashBut it's suffocating everything else :(
ZashWe can't have innovation at the lower layers anymore, and that makes me sad
moparisthebestthat's true, udp/tcp is all we can ever have
jubalhhas left
moparisthebestand even then tcp is just getting re-invented over udp with things like QUIC
ZashAnd soon only TCP/TLS/HTTP
goffimoparisthebest: it's not only with the server, it's also between users (ex. tranfering files from your phone to your desktop machine)
Marandacat gifs π» π
waqashas left
jjrhhas left
jjrhhas left
jonaswhas left
MarandaBut didn't someone just want to use BoB for those things :P?
danielhas left
danielhas joined
winfriedhas joined
Zashgoffi?
goffiZash: yes?
ZashWait, wanted to not use bob because of size restrictions
goffino
YagizaMaranda, I'm using BOB for small pics. For large pics I need to implement using something like HTTP File Upload.
YagizaBTW, I don't see a way to use HTTP File Upload for file transfer without using Jingle FT or SI FT as session negotiation protocol.
SaltyBonesgoffi, I wonder how the fuck that works... :D
MarandaYou do..?
SamWhitedI don't understand what innovating at the lower layers has to do with this; if you want to innovate and make something better than HTTP, do that. Using a bad thing that's complicated and not the right tool for the job isn't going to make it more likely that you displace HTTP.
ovohas left
goffiSaltyBones: many candidate are tested, with priorities. The direct connection on local network is tried first.
MarandaTo me it looked like XEP 363 used PUTs... But maybe I'm just having allucinations as usual.
ovohas joined
MarandaI'm not sure where the Jingleing is required in there π€π€
moparisthebestgoffi, it's just highly unlikely p2p will work ever except in the case of LANs, seems odd to optimize for that, but even if you do go that way for p2p transfers, an http server would still be a better place to put uploads than a custom jingle component
goffithe LAN case in one major use case for me.
goffiand in my experience P2P is working quite often
goffiand I have already all jingle implemented, so why should I implement something else ? Specially when there are already XEPs doing what I need
Guushas left
goffiI really don't see the point of the whole discussion, I've implemented something which is working, based on current XEPs and I'm happy with it (except the point I'm trying to solve on standard@).
jonaswgoffi, how do you solve broadcast/multicast (MUCs) and retrievability while the user is offline?
jonaswis that the Jingle Component youβre talking about? if so, thatβs amazing
goffiMUC is no my use can for now, but anyway I have a component so offline retrieving is not a problem at all.
jonaswI canβt parse that sentence, sorry.
waqashas joined
waqashas left
waqashas joined
goffimy use case*. Sorry to disturb your parser.
tuxhas joined
Marandahas left
moparisthebestgoffi, what transfer method is used if both clients are on different LANs behind NAT ?
goffimoparisthebest: check XEP-0234. Socks5 direct, w/ proxy, IBB in that order.
moparisthebestgoffi, and how does this work with multiple clients?
moparisthebestsame account logged in on different resources that is
goffiI don't get your question, this always work with different clients.
moparisthebestjust super wasteful bandwidth-wise?
moparisthebestyou end up uploading it once for each client?
goffiwhat are you talking about?
jonaswmoparisthebest, IIUC, the jingle transfer is handled by a component. the sender uploads once, everyone downloads from componet.
jonaswitβs kinda like HTTP Upload, but with Jingle instead of HTTP.
jonaswhas left
moparisthebestif I want to share a picture from my mobile phone to a contact connected from 5 clients, my phone ends up uploading that once for each client no?
Yagizamoparisthebest, FT XEPs usually used to transfer file from one client to another. Not to share a file.
Yagizamoparisthebest, for file sharing something like HTTP Upload is better.
moparisthebestbut this is about file sharing no?
Yagizamoparisthebest, Jingle FT? No.
Yagizamoparisthebest, it's just a modern way to do the same as SI FT does.
goffiI think I'll publish a blog post with schematics to make things clear.
jonaswgoffi, sounds like a good plan
moparisthebestYagiza, I meant goffi's thing, but yea that'd be nice goffi
Yagizamoparisthebest, ah, ok
andyhas left
rionhas joined
j.rhas left
j.rhas joined
ovohas left
ovohas joined
Dave Cridlandhas left
jjrhhas left
jjrhhas left
jonaswhas left
Martinhas left
jonaswhas left
lskdjfhas joined
Marandahas joined
jonaswhas left
Lancehas joined
Fabianhas left
Lancehas left
Lancehas joined
Yagizahas left
blablahas joined
jubalhhas joined
matlaghas left
dwdhas left
Lancehas left
ralphmhas left
ralphmhas joined
jonaswwhat do you folks think about Trust-On-First-Use pinning for certificate public keys for XMPP servers?
blablahas joined
Steve Killehas left
Steve Killehas left
j.rhas joined
rionhas left
rionhas joined
dwdhas left
stefandxmhas joined
ZashIt's fine until you change the key for whatever reason.
Steve Killehas joined
Dave Cridlandhas left
Dave Cridlandhas left
Syndacehas left
Syndacehas joined
j.rhas joined
dwdhas left
ludohas joined
ludohas joined
jerehas left
jerehas joined
stefandxmhas left
Steve Killehas left
MarandaUhhh that annoying iChat disco# bug.
Marandapfts.
Dave Cridlandhas left
marchas left
Dave Cridlandhas left
dwdhas left
j.rhas joined
j.rhas joined
andyhas joined
stefandxmhas joined
andyhas left
andyhas joined
Dave Cridlandhas left
Dave Cridlandhas left
Dave Cridlandhas left
Dave Cridlandhas left
dwdhas left
Marandahas joined
dwdhas left
moparisthebestjonasw, hpkp-type system would be better, there is even a not-yet-submitted xep
moparisthebestI would love that
Dave Cridlandhas left
Dave Cridlandhas left
Dave Cridlandhas left
Dave Cridlandhas left
Fabianhas joined
stefandxmhas left
Dave Cridlandhas left
moparisthebestjonasw, xnyhps is the one who wrote it but I cannot seem to find a copy...
jonaswmoparisthebest, NOOOO
jonaswwe have TLSA for a reason!
moparisthebestwell obviously that's best I agree, but when entire domains never implement DNSSEC...
Guushas left
Marandahas left
Marandahas joined
moparisthebestsorry entire TLDs is what I meant to say
dwdhas left
jerehas left
Dave Cridlandhas left
Dave Cridlandhas left
Dave Cridlandhas left
Marandahas left
Dave Cridlandhas left
dwdhas left
Ge0rGjonasw: I've written a TOFU kind of library for Android back then for yaxim...
Dave Cridlandhas left
Guushas left
Guushas left
moparisthebestTOFU is better than nothing but not as good as HPKP
moparisthebestbecause you end up asking the user 'SHOULD THEY KEY HAVE CHANGED TO THIS CHUNK OF HEX/BASE64: XXXXX'
moparisthebestand they have absolutely no way to tell
moparisthebestas an admin *I* know, and can just set my pins correctly
Ge0rGmoparisthebest: yes, server admins are the ones to know that best.
Dave Cridlandhas left
Ge0rGmoparisthebest: except for the ones who don't give a yota and have self signed certificates in the first place.
ZashIsn't that being deprecated because people shoot themselves in their foots too often?
moparisthebestthey don't go the extra mile and set up pinned keys either, generally
winfriedhas left
moparisthebestwell iirc chrome is dropping support sometime, I still think that's dumb though
moparisthebestyou can bet they'll leave it enabled for google owned domains
ZashIsn't that hardcoded in the binary?
ZashAs in, not protocol
winfriedhas left
winfriedhas joined
moparisthebestgoogle ones are iirc
Ge0rGYou can get your domain onto the preload list with Google and Mozilla. No idea how that scales.
moparisthebestGe0rG, only for HSTS, not for HPKP
Ge0rGmoparisthebest: oh, I thought you can get both.
moparisthebestHSTS == only ever visit this site via HTTPS and enforce valid CA-issued certs, do not allow click-through bypass
moparisthebestnot unless they changed it
rionhas left
Ge0rGYou still can bypass HSTS with the hot key formerly known as "badidea"
Ge0rGHSTS is probably easier to scale with a bloom filter, as opposed to having a gazillion of server fingerprints shipped in your binary
dwdhas left
j.rhas joined
j.rhas joined
rionhas joined
moparisthebestmere mortals can't bypass it though, my mom couldn't
rionhas left
Ge0rGBefore I learned that trick I couldn't either, and it was bothering me much.
Dave Cridlandhas left
moparisthebestvery rarely do you want to bypass it
moparisthebestthe whole point is because given the choice, people always click through, and if the site says not to, you shouldn't give people the choice
ludohas joined
dwdhas left
Dave Cridlandhas left
Dave Cridlandhas left
Dave Cridlandhas left
Dave Cridlandhas left
Ge0rGBut *I* do know what I'm doing, sometimes even better than the admin of the site I want to visit.
Dave Cridlandhas left
KevActually, it's something I'd like to do quite often.
KevBecause hotels and capture portals.
moparisthebestyea but you nor I are what anyone would consider average computer users
moparisthebestKev, so you allow the MITM to proceed? or you just mean to get to their terrible agreement page?
KevI mean to get to the agreement page.
KevI typically browse to 8.8.8.8 these days.
moparisthebestI usually type in like bob.com for that
moparisthebestbut yea bad systems
SaltyBoneshas left
Zashexample.com!
danielneverssl.com
Fabianhas left
Dave Cridlandhas left
moparisthebestdaniel, nice!
Dave Cridlandhas left
dwdhas left
ralphmhas joined
dwdhas left
Dave Cridlandhas left
Ge0rGused to use a large German news portal, but then they switched to https... π
Guussomeone, invite me to a muc please?
danielGe0rG: me too π
danielWould probably be a good business model not to offer ssl on your news site. Then people would use it to get around captive portals and spend time on your website while there at it
jonaswGe0rG, heise has SSL by now? :-O
danielhas left
danielhas joined
Marandahas joined
moparisthebestout of curiousity, how many captive portals do you deal with on a weekly basis?
moparisthebestI see 1 or 2 a year :P
danielmoparisthebest: our high speed trains have them
moparisthebestah, makes sense
SamWhitedLucky you; I see a captive portal basically every time I'm on the bus, train, or in most coffee shops.
SamWhitedNot that I take the train much (there is a small one, but it doesn't realy go anywhere here) and only some of the busses have wifi, so mostly just coffee shops.
Guushas left
moparisthebestI see them at hotels, but then there are no trains or buses around here and I don't go to coffee shops so...
danielAnd yes what Sam says. A lot of coffee shops have them
SamWhitedOh yah, and hotels. Every time I travel.
danielThere is probably a Firefox plugin that can auto accept the standard ones
danielOr if there isn't there should be
danielOr just put it in Systemd π
SamWhitedI have strict revocation checking on in Firefox, which is unfortunate since they all block their own OCSP servers and CRLs.
Dave Cridlandhas left
SamWhitedSo I generally have to curl to login
moparisthebestthe first thing I do on strange networks is connect to my VPN though, not open up firefox
KevI'm not sure how that would help. You won't be able to VPN until you've clicked through the page.
moparisthebestopenconnect/ocserv is great for speed and firewalls
Dave Cridlandhas left
moparisthebestyea it doesn't work, then I know I need firefox...
marmistrzhas joined
dwdhas left
SamWhitedAt least one place I go sometimes works by stealing DNS, so if you use a VPN and know your IP (or hardcode 8.8.8.8 or something) then you don't need to sign inβ¦
Dave Cridlandhas left
Dave Cridlandhas left
SamWhitedThat same place also has "admin:password" for the credentials on the router though, so now I don't have a portal at all and if anyone is eating the coffee shop bandwidth with Bittorrent they get mysteriously QoSed.
jonasw:D
danielhas left
danielhas joined
Dave Cridlandhas left
moparisthebestsounds like a case of nephew bob the IT guy setting it up for them
dwdhas left
jonaswhas left
efrithas joined
danielhas left
danielhas joined
dwdhas left
danielhas left
danielhas joined
dwdhas left
Dave Cridlandhas left
Guushas left
goffihas left
ludohas left
ludohas joined
Fabianhas joined
tuxhas left
Dave Cridlandhas left
dwdhas left
Dave Cridlandhas left
Guushas left
jonaswhas left
Marandahas left
Marandahas joined
dwdhas left
j.rhas left
j.rhas joined
stefandxmhas joined
Alexhas left
ovohas left
ovohas joined
Seve/SouLhas joined
rtq3has left
rtq3has joined
ludohas joined
stefandxmhas left
Marandahas joined
danielhas left
Alexhas joined
Dave Cridlandhas left
danielhas joined
j.rhas joined
j.rhas joined
Dave Cridlandhas left
dwdhas left
Tobiashas left
ralphmhas joined
jonaswhas left
Dave Cridlandhas left
dwdhas left
vanitasvitaehas left
jubalhhas joined
marmistrzhas left
dwdhas left
rtq3has left
rtq3has joined
danielhas left
danielhas joined
danielhas left
Dave Cridlandhas left
danielhas joined
Dave Cridlandhas left
dwdhas left
marmistrzhas left
Dave Cridlandhas left
danielhas left
danielhas joined
dwdhas left
andyhas left
Dave Cridlandhas left
Ge0rGWhen I'm desperate enough I fire up iodine and tunnel through the captive portal dns
lskdjfhas left
Dave Cridlandhas left
dwdhas left
Dave Cridlandhas left
dwdhas left
Dave Cridlandhas left
jubalhhas joined
Dave Cridlandhas left
Dave Cridlandhas left
dwdhas left
Dave Cridlandhas left
Dave Cridlandhas left
Dave Cridlandhas left
ralphmhas joined
Fabianhas left
Dave Cridlandhas left
Dave Cridlandhas left
Dave Cridlandhas left
Dave Cridlandhas left
Dave Cridlandhas left
moparisthebestBeen meaning to set that up
moparisthebestSounds awful but as a last resort...