-
MattJ
Should a MUC room require a password for affiliated JIDs?
-
MattJ
XEP-0045 is silent on the matter as far as I can tell
-
Ge0rG
I'd say yes, for consistency reasons.
-
Ge0rG
But then again... 🤔
-
Kev
I think xep45 should be inconsistent, for consistency reasons.
-
jonasw
well played
-
MattJ
and another case I just hit... if a password is supplied but the room isn't password-protected...? :)
-
Ge0rG
is that due to process consistency, or due to consistency process?
-
jonasw
MattJ, uh... ignore?
-
Kev
Ge0rG: Not sure, but I think so.
-
Ge0rG
MattJ: I'd say: if the joining user is admin/owner, the room should be updated to use the password; otherwise, the user's join should be rejected.
-
Zash
What if a password is given in the room creation stanza?
-
Ge0rG
</s>
-
Kev
MattJ: There's an argument for rejecting, I think.
-
Kev
If the security properties of the room have changed unexpectedly.
-
MattJ
That's what Prosody currently does, it seems
-
Ge0rG
This is the kind of argument that we owe proxy JIDs to.
-
MattJ
But it doesn't seem very useful (or requiring a password for owner/admin/member)
-
Ge0rG
Yeah, I can see how it might be useful to let the admins in without a password.
-
Kev
Or at least owners.
-
Ge0rG
if the owner wants to exclude admins, they should remove them from the affiliation list first?
-
Kev
Fair.
-
Ge0rG
maybe we should deprecate passwords for the sake of explicit affiliation management and namespace-bump?
-
MattJ
No thanks
-
MattJ
I just used passwords for something
-
Ge0rG
for whatthing?
-
jonasw
namespace-bump XEP-0045.
-
MattJ
jonasw, good idea
-
jonasw
can we tempban Ge0rG from all MUCs for this day? he’s trolling too much :)
-
MattJ
Ge0rG, a system where you invite one JID, but a different JID will join
-
MattJ
So I made a module that injects an invite token into the outgoing invite's password field, and validates the token provided as the password of the joining user
-
jonasw
uhhh
-
jonasw
I’m interested
-
jonasw
I want MUC invites
-
jonasw
to members-only MUCs
-
Ge0rG
jonasw: I was just going to say that this isn't possible due to the federated nature of XMPP, but then I realized that there is a person in this MUC who could disable my access to yax.im and firewall me off.
-
jonasw
in onboarding
-
Ge0rG
MattJ: that's... interesting.
-
Ge0rG
MattJ: but please use PARS instead.
-
Ge0rG
I mean, technically you could just have per-user "passwords" for a MUC, but it feels wrong.
-
Ge0rG
It's a hack.
-
Ge0rG
Actually, I like it.
-
jonasw
:D
-
jonasw
reminds me that I need to try my per-device password SASL authcid hack
-
MattJ
Ge0rG, PARS isn't suitable here, the invite is accepted by a machine
-
jonasw
MattJ, what’s wrong with that?
-
Ge0rG
MattJ: use the PARS wire format to pass tokens along.
-
MattJ
Ge0rG, so you mean use a <preauth> element instead of a <password> element?
-
Ge0rG
MattJ: essentially yes, also you could use the URI parameter to carry such invitations via HTTPS
-
MattJ
Maybe in a future version
-
MattJ
The nice thing about passwords is that all the code I was dealing with already supported them
-
MattJ
(except in reality each component had a bug, such as looking for or putting the password in the wrong place in the stanza)
-
MattJ
Turns out it's not a child of the <invite> element
-
Ge0rG
MattJ: you could change the server to use the pars token as the primary mechanism but to allow passing the token in the password field
-
Ge0rG
yeah, invitations with passwords are funny.
-
Ge0rG
nobody is checking corner cases
-
Zash
I'm trying to implement tombstones for MUC. How am I supposed to signal that?
-
MattJ
Isn't it in XEP-0045?
-
Zash
Not really
-
Zash
Not that I could see at least.
-
MattJ
Oh, you mean signal that the service implements tombstones?
-
Zash
To signal, when joining/creating a room, that it's already been destroyed.
-
Zash
Hm, this seems to work with Gajim
-
Zash
Just needed to not reply with weird <messages>