-
Neustradamus
For info: https://dev.gajim.org/gajim/gajim/blob/gajim-1.0.0/ChangeLog
-
edhelas
Dave Cridland hi :)
-
Zash
Where do I vote for having Dave be put in charge of naming things?
-
Kev
Try the having-vote-place.
-
Zash
So I just put "Dave gets to name things" on a blank vote in the coming general elections?
-
jonasw
:D
-
jonasw
I wasn’t sure whether he was drunk and whether I should really merge that :-)
-
goffi
https://news.ycombinator.com/item?id=16611579
-
Ge0rG
Pigeon, one of the two big players in xmpp.
-
tim@boese-ban.de
looking at my roster, its still widely used :(
-
Ge0rG
tim@boese-ban.de: I've heard of a client called Pidgin, which has a pigeon logo.
-
tim@boese-ban.de
Ge0rG, I think the author wanted to say pidgin
-
waqas
I've also heard about it
-
Ge0rG
tim@boese-ban.de: I don't know. Maybe. But even then, claiming that pidgin and empathy, of all, are the important clients, is a very wide stretch
-
Neustradamus
Ge0rG: ah ah
-
Neustradamus
gaim :D
-
Ge0rG
It's like I would use my HN karma to advertise yaxim, which nobody has ever heard of.
-
Neustradamus
http://www.tuteurs.ens.fr/logiciels/gaim_1.png
-
Ge0rG
,oO( https://du7ybees82p4m.cloudfront.net/5710e5c78b7945.23147303.jpg?width=910&height=512 )
-
Neustradamus
Miam
-
Zash
Ge0rG: The are or have been shipped by major distros as The Default, so it's safe to assume that they are widely used.
-
Ge0rG
That sounds like the Internet Explorer argument.
-
Zash
Ge0rG: I suppose "important" isn't the right word
-
Zash
But something
-
Zash
The IE situation is not too far off tho.
-
Ge0rG
The new bookmarks looks like a sensible cleanup of the old mess, but it's not going far enough in my eyes. It would be nice to have some kind of per device / per device class autojoin, and the nickname should be stored either centrally or in each bookmark to prevent conversations from automatically using my local part
-
Zash
There's a XEP for that
-
Zash
The Centralized Canonical Nickname
-
Zash
-xep user nickname
-
Bunneh
Zash: User Nickname (Standards Track, Draft, 2012-03-21) See: https://xmpp.org/extensions/xep-0172.html
-
Ge0rG
So all the user's clients should subscribe to the pep node.
-
moparisthebest
Ge0rG: that sounds good, I have mucs I want to autojoin everywhere but also mucs I only want to autojoin from the desktop
-
lovetox
but this seems a bit complicated to me
-
lovetox
how would you identify the devices?
-
lovetox
with resource seems a bit flaky
-
MattJ
I think clients should just keep their own overrides
-
MattJ
trying to categorise clients is too complex
-
lovetox
yeah so if you bookmark a channel from your phone, and you have a checkbox "autojoin only from this device", the client should set autojoin=false to pep, and save a override for this bookmark localy in the db
-
lovetox
so this works also now, no need to add anything to the xep
-
MattJ
Yep
-
MattJ
and clients don't have to support this if they don't want to, so it keeps the protocol simple
-
lovetox
so how far are we in prosody with publish options and persistence support?
-
MattJ
persistence is in trunk, if you enable mod_pep_plus (this is still considered 'beta', and will be merged into mod_pep after more people have tested it)
-
MattJ
publish-options is in progress, mostly done I think, I just need to test it
-
lovetox
what i also thought when ready the new xep, would it not be easier to let the server just set the correct node config for the new bookmark namespace
-
lovetox
instead of hoping that every dev reads the xep and applies publish options
-
lovetox
*read
-
Holger
Then again the client dev can't just blindly publish bookmarks hoping the server will do that.
-
lovetox
if its written in the xep that the server must do this ..
-
Holger
It's not today.
-
Holger
Ah the new one.
-
lovetox
its also not mentioned there
-
lovetox
but there is something in there, that the server has to merge items or stuff
-
lovetox
so server has to do something for this xep anyway
-
MattJ
oh really?
-
MattJ
I'd better read it then...
-
lovetox
When a client publishes a new item, the server MAY collate all items, casting them into the 'storage:bookmarks' namespace and setting the jid attribute to the item id in each case.
-
lovetox
but yeah all optional
-
pep.
Dave Cridland, what are the "security reasons" mentioned for the password field? Is it because you don't want that to be clear on the server? Or on the client? (or both)
-
pep.
Also SamWhited ^
-
lovetox
i find this a bit overboard to remove password from the xep
-
pep.
same
-
lovetox
only because the admin of the server can read the password?
-
lovetox
so what nobody cares
-
lovetox
regular people just set the password to hinder other regular people to join the channel
-
lovetox
not to protect super secret information from bad server admins
-
lovetox
its probably easier for the admin to just read the logs
-
MattJ
If you're protecting from the admin, they can just reset your password and log in as you and join a members-only room anyway
-
lovetox
also the description: Unencrypted string for the password needed to enter a password-protected room.
-
lovetox
it would not help in any way if the password would be unkown to the admin
-
waqas
There's technically sasl for MUC, but I think Prosody is the only implementation, don't think any clients implement it.
-
lovetox
admin can do what he wants
-
waqas
But as MattJ said, admins can usually reset passwords, and often just modify the server if they want to
-
lovetox
so i even question the "not recommended"
-
lovetox
i think this stems from a time, where xmpp connections where not TLS secured
-
lovetox
or it was not that common
-
lovetox
*were
-
MattJ
but then an attacker would see the password when you send it to the room anyway...
-
MattJ
and so would the server admin :)
-
MattJ
mod_log_room_passwords would be trivial :)
-
MattJ
so yes, I don't think this is really protecting anyone from anything
-
lovetox
no i meant the warning about sending passwords unencrypted stems from a time where TLS was not common
-
MattJ
Right
-
lovetox
today i see no problem with it because we can assume everything is TLS
-
lovetox
and we cant do anything against admin anyway
-
MattJ
The only other thing you might be protecting against is someone who gains access to your account
-
MattJ
If passwords are not in bookmarks, a new device has to ask for passwords for autojoin MUCs on initial use
-
lovetox
first thing that will happen if we dont sync passwords, people will come and ask for password sync xep :D
-
pep.
MattJ, I think at this point you've pretty much lost already
-
pep.
I wouldn't worry about some random MUC's passwords
-
MattJ
The MUC owner may :)
-
pep.
You can just change the password..
-
lovetox
is there any client that has some cool concept for message type "normal" ?
-
pep.
I think psi has a different view for them
-
lovetox
gajim now opens a single email like window, where you can answer and prev message is quoted
-
Ge0rG
lovetox: will that window steal focus?
-
pep.
MattJ, one issue I can see is another user gaining access to the muc, and then mam_muc
-
lovetox
Ge0rG, depends, default you get only a notification and if you open the notification the window opens
-
pep.
Not sure what to do exactly for this, but I don't think the issue is the password
-
lovetox
so no, its not that horrible
-
Ge0rG
Ah, that's okay I suppose
-
lovetox
:D
-
lovetox
i mean i could make a window like a email client
-
lovetox
that looks like a inbox
-
lovetox
and all messages go in there
-
lovetox
but this really feels weird, like if you want email just use email
-
Ge0rG
lovetox: and are there still dialogs in 1.0 where the JID is split into two input fields for local part and host?
-
Ge0rG
lovetox: and are there still dialogs in 1.0 where the JID is split into two input fields for local part and host?
-
Ge0rG
lovetox: and are there still dialogs in 1.0 where the JID is split into two input fields for local part and host?
-
Ge0rG
Sigh. I really need to fix this race condition.
-
lovetox
wow you sent this message 3 times
-
pep.
:D
-
lovetox
am yes i know its a wish of yours, but account creation assistent has not been reworked
-
lovetox
but i guess its a good idea to add for the gajim 1.1 milestone
-
Ge0rG
lovetox: I wrote it during a stream resume, so it was first delivered normally but didn't count for the stanza counter, then it was delivered again by 0198 and then again by the sync after connect code. It's a nasty race condition I really need to fix
-
pep.
Ge0rG, at least you're not losing the message :-°