So this is like POSH but with added connection infos
lovetox
though what is the use case
lovetox
?
lovetox
is there a use case where we can't put these infos into srv entries?
jonasw
lovetox, not sure if one can resolve SRV from within a web client
pep.
https://www.w3.org/TR/raw-sockets/
Dave Cridland
moparisthebest, I'm going to need a crapload of reasons why this proposal isn't duplicating DOH etc.
jonasw
DOH?
daniel
Because nobody supports DNS over http🙄
daniel
I see your point though
jonasw
moparisthebest, have you seen https://xmpp.org/extensions/xep-0156.html#http ?
Wiktor
jonasw: for discovering domain name and port an extension to XEP 0156 would be IMHO sufficient, but as far as I can see moparisthebest wants something that could contain info about SNI/ALPN to be used as well as public key pins, etc.
jonasw
uh
jonasw
that doesn’t make sense to me
jonasw
but I bet there’s a rationale
Wiktor
especially that public key pinning is being withdrawn from browsers...
ralphm
Well, yeah. The problem with HPKP *in the browser*, is that if at a point in time, the wrong header was received by the browser, there is no way to undo this, except for waiting until that header's expiry. Besides the actual owner of the website messing up, the other issue is with somebody hijacking your website in some way, if only temporarily, and issuing crippling headers.
ralphm
Of course, for mobile apps, this is different. There, you still have the option to issue a new version of your app.
Ge0rG
apps should just do cert pinning
Wiktor
ralphm: yes, but the xep that moparisthebest is authoring would be more similar to hpkp in the browser (as I guess xmpp clients would not ship with this list and would not update the list as servers change their pins)
ralphm
Ge0rG: please explain how you handle cert expiry. Unless you meant public key pinning, in which case I will ask: how do you handle revocation in case your secret key is compromised?
Wiktor
Ge0rG: cert pinning can be more dangerous than key pinning, in case someone revokes your cert you're out of options, see https://scotthelme.co.uk/the-power-to-revoke-lies-with-the-ca/
ralphm
Wiktor: I think HPKP definitely has merit, so if you can mitigate the above by having some way to recover from faulty headers, yay!
Ge0rG
ralphm: indeed I'm using "cert pinning" as a loosely defined term for pinning either the SPKI, the certificate or the CA cert.
Ge0rG
ralphm: which of those should be taken, I'd decide on a case-by-case basis
Wiktor
ralphm: well, it's just a very sharp blade, if you take extra care then sure, but I wouldn't recommend it lightly
Ge0rG
ralphm: I think it's not too far-fetched to have a long-living self-signed cert for an app and to roll out a new app version in case of compromise.
Wiktor
Ge0rG: new app version? that'd tightly couple client to server, for centralized service such as Signal this is OK but for XMPP all clients would need to be upgraded... unless I'm missing something in this design :)
ralphm
I agree that rolling out a new app is the easier way, but using HPKP in this particular case makes it more seamless to the user. Having to tell your user to upgrade, is a) painful, b) not trivial if you depended on the certificate/key to deliver a notice to the app.
Ge0rG
Wiktor: I'm only talking of apps that are bound to a given service. For other (xmpp-style) apps, I've written https://github.com/ge0rg/MemorizingTrustManager
Ge0rG
ralphm: right. with sufficient planning, you can have a fallback pin in the app, too ;)
Wiktor
got it
jonasw
Ge0rG, I’d have a backup cert in a secure store which the app already trusts. if cert A is compromised, I roll out cert B on the services. App would distrust cert A once it has seen cert B in the wild.
jonasw
then I’ve got some time to roll out an update with cert B as primary and a new cert C as backup.
ralphm
jonasw: that is more or less exactly HPKP
Ge0rG
There is an easy solution: don't lose your private keys :P
ralphm
Ge0rG: thanks for your theoretical insight
Ge0rG
ralphm: I'm full of those. Ask me for more any time
jonasw
Ge0rG, ah, damn, so simple a plan! pity that *I* didn’t think of that. Maybe make that an RFC, it’s genius :)
ralphm
:facepalm:
jonasw
I wonder whether we want a way to signal in-band that an account has been deleted.
jonasw
example use-case: user A registers at foreign biboumi instance B, joins a channel and sets it to persistent. account of user A gets deleted. biboumi will forever be in that channel for no use
jonasw
idea: send <presence type="unavailable"><deleted/></presence> in response to presence probes.
MattJ
type="error" <gone/>
MattJ
Already in the RFC
jonasw
MattJ, oh
jonasw
did I say something?
Holger
But biboumi won't actively contact the JID and hence not receive that stanza error, right?
Holger
Oh "in response to presence probes". biboumi generates presence probes?
Zash
Should servers send out that to bookmarked rooms or something?
Zash
Would sorta fit with the move towards account based groupchats
jonasw
Holger, yeah, biboumi would have to poll or do something similar
Holger
That could also help affiliation list entries and nickname registrations and stuff like that.
jonasw
(or require presence subscription)
moparisthebest
Dave Cridland, DOH is only provided by a few providers and is easily blocked, plus SRV records can't contain sni/alpn info
moparisthebest
the entire point of this is to be censorship resistant, I haven't gotten down to use cases and such yet
moparisthebest
it also supports domain fronting and such
Zash
Use Tor?
moparisthebest
I hear china is pretty good at blocking tor
jonasw
I don’t think this makes a lot of sense in general use-cases.
jonasw
china is pretty good at blocking a lot of stuff, even if running via VPN.
Zash
You can't crypto your way out of *blocking*
moparisthebest
you can to a point
Zash
And is blocking equal to censorship?
moparisthebest
yes? it's designed to get around blocking
moparisthebest
and application code should be able to use the exact same logic as for xep-0368 (and kinda-posh) except a single https call instead of DNS queries
moparisthebest
it's a total hack that shouldn't exist, you can thank oppressive regimes
Dave Cridland
I don't follow why this is more resistant than DOH etc.
moparisthebest
Dave Cridland, because each xmpp server runs their own
moparisthebest
it's federated
Dave Cridland
So you just block the XMPP server IP as a whole?
moparisthebest
then the operator spins up another xmpp server someplace else
Zash
Calling everything censorship annoys me. :(
moparisthebest
also you can use tricks to make it not look like an XMPP server
moparisthebest
(you could inspect IP + User-Agent requesting this document and lie to russian govt with a 404)
moparisthebest
plus it supports domain fronting (send sni someunrelatedservice.com) and nothing else currently does
Ge0rG
Chinese VPN detection is based on traffic patterns, so even if you tunnel through https, they'll throttle you into oblivion
moparisthebest
xmpp runs pretty well on slow connections doesn't it?
Zash
Sure
MattJ
It can do. I'm not entirely certain how many standard implementations handle it
MattJ
e.g. I think some clients aggressively ping the server
moparisthebest
oh thought of another reason for this, telegram is handing different server blocks to different people based on region to make IP blocking harder
moparisthebest
and you can only do that if you can afford to run your own DNS network
moparisthebest
unless it's just a page on a web server in which case any tiny xmpp server can do it
Ge0rG
how many IP blocks does a tiny xmpp server have, typically?
jonasw
hah
Maranda
0
jonasw
something between 0 and 1 I guess
Maranda
as long as you don't take in account ipv6
Ge0rG
Maranda: how many non-consecutive IPv6 blocks do you have?
Maranda
ipv4 I got like 3 IPs, ipv6 one native, and one /48 tunneled.
Ge0rG
Maranda: 3 IPs from different ISPs?
Maranda
(on the xmpp server vps, but it does different stuff)
Maranda
Nay?
Ge0rG
Maranda: how do you want to get around blocking with that?
Maranda
well they're non consecutive though
jonasw
"how many blocks with different rwhois do you have?" is probably the most reasonable question in this context ;-)
Maranda
the ipv4 addresses are all from different CIDRs
Ge0rG
I've got a dozen or so IPs from my core ISP, over two different CIDRs. And I could arrange for traffic redirects on two other ASNs, more if I involve friends.
Maranda
Ge0rG, I'm not sure neither I care about blocking I just answered your ip question btw
moparisthebest
Ge0rG, well if you could aws and such, a lot
Ge0rG
moparisthebest: do the moxie dance?
moparisthebest
regardless, way more than if you have to run your own distributed global dns network
moparisthebest
Ge0rG, that's the whole point yes
jonasw
I don’t see use in that, to be honest
jonasw
it will be way too complex for any server or client to implement *with actual benefit*
Maranda gives an eerie stare at XEP-0357
moparisthebest
jonasw, anything that implements 368 and http upload should be able to implement this with, ~20 lines of code max?
jonasw
moparisthebest, but there’s no benefit
jonasw
as Ge0rG said, you need quite a bit of resources (both time and money) to do the things which bring the benefit here
moparisthebest
jonasw, the benefit is evading blocks
jonasw
I am aware
Ge0rG
you can't evade blocks if all you have is one IP address.
jonasw
yeah
moparisthebest
you can if they don't know it's an xmpp server, and you can for a bit
moparisthebest
then you jump to a different xmpp server
jonasw
yeah, but, who has the time resources to actually do that
moparisthebest
plus right now even big xmpp servers can't do domain fronting etc without custom clients
moparisthebest
this would enable that too
Maranda
well I added on lightwitch.org a xep 368 record for direct tls c2s on port 443, I played with port multiplexing a bit.
Maranda
:P
jonasw
yeah, 368 was simple and such, which is why it gained adoption really fast
Maranda
and noticed Conversation is actually using it.
jonasw
but this isn’t simple
moparisthebest
explain how it's any different?
jonasw
and it doesn’t bring any benefit without additional resources (time to hop IPs, and the actual IPs to hop to)
Maranda
jonasw, I'm not sure if I should consider implementing direct tls for s2s too...
moparisthebest
jonasw, it does, domain fronting
jonasw
moparisthebest, where does that still work?
jonasw
I heard google and AWS kill you if you do that
moparisthebest
if you are a huge service like signal maybe
moparisthebest
just as a future view, this is step 1 to censorship (blocking for Zash) proof xmpp
moparisthebest
other stuff we talked about is being able to keep your contact list/conversations and hop between any xmpp server you like at any time, even being able to be connected to multiple at the same time (clients would ignore jid and use a cryptographic identifier instead, servers would be unchanged)
moparisthebest
fun stuff
moparisthebest
oh also allowing contact's clients to route messages, the fun possibilities are endless
jonasw
that’s mostly stuff you talked about, which I personally find quite unneeded and overkill
jonasw
before venturing in that direction XMPP should get its basic sh*t together.
jonasw
we’re still losing messages (#thanksomemo)
moparisthebest
sure if you don't live in a place that is blocking secure chat apps this is entirely un-needed jonasw
jonasw
moparisthebest, a place which is blocking secure chat apps will block XMPP too when the time has come
Zash
Yeah, can we get all our shit, put it in backpack, so it's together.
moparisthebest
not if we make it impossible to block with those changes?
moparisthebest
that is after all the entire point
jonasw
that won’t make it impossible.
jonasw
only harder
moparisthebest
you only have to make it hard enough so it's not worth trying
Zash
moparisthebest: https://www.schneier.com/books/secrets_and_lies/pref.html this was a good read
moparisthebest
it looks like https, anyone can use any server, so as fast as you block them, new ones pop up and you interrupt no one
Zash
I think you need to read it
jonasw
moparisthebest, it does not look like HTTPS
jonasw
it may look like HTTPS on the byte level
jonasw
but the chinese are very good at blocking based on patterns
jonasw
you won’t stop /that/ with your fancy stuff
jonasw
(with patterns, I mean packet sizes and timings)
moparisthebest
so it looks like any modern interactive html5 app?
jonasw
moparisthebest, not quite
jonasw
take a look at their research.
jonasw
they can detect e.g. Facebook quite certainly even through a VPN.
Holger
> being able to keep your contact list/conversations and hop between any xmpp server you like at any time, even being able to be connected to multiple at the same time (clients would ignore jid and use a cryptographic identifier instead, servers would be unchanged)
Haha, sure. We fail at fixing avatars.
moparisthebest
Zash, I read this one https://www.schneier.com/books/data_and_goliath/
jonasw
my thoughts exactly, Holger
moparisthebest
that's just client-side changes though, you could make a version of conversations that did that today without anything extra required from servers
moparisthebest
it would even be backwards compatible with other clients, though not very friendly UI wise in them
jonasw
"just clients"
jonasw
because clients aren’t the main problem :)
moparisthebest
you specifically mentioned avatars which require all clients and all servers to change
moparisthebest
you'd agree changing a single client is easier right?
Holger
Well if we're just interested in a single client then the avatar issues become much easier to solve as well.
Holger
Whatever. Just implement it if it's so simple?
moparisthebest
I plan to
Holger
+1
moparisthebest
I don't really write specs without implementations
moparisthebest
usually the implementations come first, I think that makes me a bad programmer, oh well :)
Zash
I think you wanna write specs and implement at roughly the same time
MattJ
+1
Zash
Maybe think real hard about requirements first.
Zash
But all that goes out the window when you start implementing anyways
MattJ
I don't think I've ever seen a pre-written spec survive an implementation unscathed
Ge0rG
> clients would ignore jid and use a cryptographic identifier instead
Congratulations, you just combined the drawbacks of XMPP with the drawbacks of p2p systems and the drawbacks of mixnets
moparisthebest
I looked at it the other way, benefits of p2p systems plus benefits of XMPP
Ge0rG
moparisthebest: what's the benefit of XMPP once you replace JID-based routing with crypto identifiers?
Ge0rG
Why not XEP-0174 over .onion nodes?
Zash
Why not normal xmpp over .onion?
moparisthebest
Ge0rG, routing is still jid-based, clients just collapse multiple JIDs using the same crypto identifier under one 'contact'
moparisthebest
and the benefit is still all the other things xmpp provides, one of the biggest being it's mobile-battery-friendly
Ge0rG
moparisthebest: how do you tell your buddies about your new JID if they also just switched JIDs because of blocking?
jonasw
I don’t even want to think how that works with MAM queries
jonasw
or MUCs.
jonasw
or anything non-trivial really
Ge0rG
moparisthebest: you just invented a crypto-overlay network over XMPP.
moparisthebest
right that's exactly what it will be
Ge0rG
moparisthebest: but WHY?
moparisthebest
fun and censorship resistance? :P
jonasw
for certain definitions of fun
jonasw
not to kinkshame, but I’m not into that I think
Ge0rG
moparisthebest: it won't get you censorship resistance.
Ge0rG
moparisthebest: because once your server is censored, you have no way to find out the new identity of your friends
moparisthebest
I guess that is a problem if you both switch at the same time
moparisthebest
DHT over XMPP ?
Ge0rG
why use xmpp if you can have QUANTUM BLOCKCHAIN TECHNOLOGY!