Listen to how XMPP is pronounced: https://www.youtube.com/watch?v=fz0yDNwEydU&feature=youtu.be&t=495
It's like a message from God! :D
Steve Killehas left
Steve Killehas left
lhas left
lhas joined
thorstenhas left
Steve Killehas left
Dave Cridlandhas left
Dave Cridlandhas left
lskdjfhas joined
Dave Cridlandhas left
Dave Cridlandhas joined
cookiehas left
thorstenhas left
cookiehas joined
404.cityhas left
thorstenhas left
Dave Cridlandhas left
Dave Cridlandhas joined
j.rhas joined
lskdjfhas left
!XSF_Martinhas joined
Dave Cridlandhas left
edhelas
èxèmpaÿpeÿ
lhas joined
lhas joined
j.rhas left
j.rhas joined
!XSF_Martinhas joined
Dave Cridlandhas left
danielhas left
Dave Cridlandhas left
Dave Cridlandhas joined
danielhas joined
thorstenhas left
labdsfhas left
labdsfhas joined
Syndacehas joined
Syndacehas joined
Dave Cridlandhas left
Dave Cridlandhas joined
Dave Cridlandhas left
Dave Cridlandhas left
Dave Cridlandhas left
thorstenhas left
valohas joined
Valerianhas joined
Valerianhas left
Valerianhas joined
vanitasvitaehas left
lskdjfhas left
lumihas joined
lskdjfhas left
lskdjfhas left
ludohas joined
Valerianhas left
Guushas left
lhas left
Dave Cridlandhas left
Dave Cridlandhas joined
vanitasvitaehas left
xnyhpshas joined
xnyhpshas joined
xnyhpshas left
xnyhpshas joined
xnyhpshas left
xnyhpshas joined
ThibGhas joined
ThibGhas joined
Dave Cridlandhas left
Dave Cridlandhas joined
Andrew Nenakhovhas left
Andrew Nenakhovhas joined
Andrew Nenakhovhas joined
Andrew Nenakhovhas left
Andrew Nenakhovhas joined
Andrew Nenakhovhas joined
Alexhas left
Alexhas joined
danielhas left
xnyhpshas left
xnyhpshas joined
danielhas joined
j.rhas joined
Dave Cridlandhas left
Dave Cridlandhas joined
mrdoctorwhohas joined
lhas left
tahas joined
lhas joined
lnjhas left
lnjhas joined
xnyhpshas left
xnyhpshas joined
Dave Cridlandhas left
Dave Cridlandhas joined
valohas left
thorstenhas left
Valerianhas joined
ThibGhas left
ThibGhas joined
danielhas left
danielhas joined
Guushas left
Guushas joined
ludohas left
Dave Cridlandhas left
Dave Cridlandhas joined
Guushas left
Valerianhas left
Valerianhas joined
Guushas joined
Zashhas left
valohas joined
Andrew Nenakhovhas left
Andrew Nenakhovhas joined
Andrew Nenakhovhas left
Andrew Nenakhovhas joined
Dave Cridlandhas left
Valerianhas left
Valerianhas joined
Valerianhas left
Valerianhas joined
Zashhas left
Dave Cridlandhas left
Dave Cridlandhas left
Andrew Nenakhovhas left
Andrew Nenakhovhas joined
Andrew Nenakhovhas left
Andrew Nenakhovhas joined
lhas joined
Valerianhas left
Andrew Nenakhovhas left
Andrew Nenakhovhas joined
Andrew Nenakhovhas left
Andrew Nenakhovhas joined
Dave Cridlandhas left
Dave Cridlandhas joined
thorstenhas left
MbJ3has joined
Dave Cridlandhas left
Dave Cridlandhas joined
jubalhhas joined
tahas joined
lhas joined
lhas joined
goffihas left
goffihas joined
thorstenhas left
Dave Cridlandhas left
Dave Cridlandhas left
Dave Cridlandhas joined
lhas left
alexishas joined
MbJ3has left
MbJ3has joined
Dave Cridlandhas left
Dave Cridlandhas joined
ludohas joined
vinx55has joined
lhas joined
Guushas left
Dave Cridlandhas left
Dave Cridlandhas joined
Dave Cridlandhas left
Dave Cridlandhas joined
Guushas left
thorstenhas left
vinx55has left
mimi89999has joined
efrithas joined
vinx55has joined
jjrhhas left
Dave Cridlandhas left
Dave Cridlandhas joined
thorstenhas left
waqashas joined
andyhas left
jjrhhas left
thorstenhas left
Guushas left
thorstenhas joined
Guushas left
Dave Cridlandhas left
apachhas left
Dave Cridlandhas joined
vinx55has left
Dave Cridlandhas left
Dave Cridlandhas joined
Dave Cridlandhas left
Dave Cridlandhas joined
jjrhhas left
moparisthebesthas left
jjrhhas left
alexishas left
nycohas left
alexishas joined
ludohas left
jjrhhas left
danielhas left
mrdoctorwhohas joined
danielhas left
Holgerhas left
mrdoctorwhohas left
thorstenhas left
efrithas left
Holgerhas joined
Holgerhas joined
jjrhhas left
Valerianhas joined
jjrhhas left
apachhas left
vanitasvitaehas left
Holgerhas joined
blablahas joined
thorstenhas left
blablahas left
j.rhas joined
404.cityhas joined
mrdoctorwhohas joined
jjrh
In regards to the list message "staleness of devices" When we are talking about 'messages' are we referring to stanza's, or specifically the <message/> stanza?
j.rhas joined
rionhas left
jjrhhas left
jonasw
given that it’s omemo, we’re probably referring to OMEMO messages
jonasw
vanitasvitae, ^
jjrhhas left
vanitasvitae
jjrh: an OMEMO <encrypted/> element
Dave Cridlandhas left
Dave Cridlandhas joined
vanitasvitae
Which is encrypted for our device
Dave Cridlandhas left
Dave Cridlandhas joined
jjrh
Ah okay thanks for the clarification.
404.cityhas left
vanitasvitae
jjrh: :)
Steve Killehas left
Steve Killehas left
Steve Killehas joined
apachhas left
blablahas joined
lskdjfhas joined
404.cityhas joined
404.cityhas left
Alexhas left
ludohas joined
lovetoxhas joined
alexishas left
alexishas joined
404.cityhas joined
Guushas left
jubalhhas left
Guushas left
Dave Cridlandhas left
Dave Cridlandhas joined
apachhas left
tuxhas left
jjrhhas left
ralphmhas left
Andrew Nenakhovhas left
Andrew Nenakhovhas joined
Andrew Nenakhovhas left
Andrew Nenakhovhas joined
Andrew Nenakhovhas left
Andrew Nenakhovhas joined
SamWhitedhas left
Andrew Nenakhovhas left
Andrew Nenakhovhas joined
tahas joined
valohas left
Andrew Nenakhovhas left
Andrew Nenakhovhas joined
ludohas left
marchas joined
jjrhhas left
vanitasvitaehas left
jjrhhas left
Ge0rGhas joined
anjanhas joined
anjanhas left
anjanhas joined
anjanhas left
anjanhas joined
anjanhas left
anjanhas joined
anjanhas left
anjanhas joined
ralphmhas joined
labdsfhas left
danielhas left
danielhas joined
anjanhas joined
Valerianhas left
Valerianhas joined
Valerianhas left
Valerianhas joined
Valerianhas left
Valerianhas joined
j.rhas joined
Valerianhas left
labdsfhas joined
404.cityhas left
404.cityhas joined
ralphmhas left
labdsfhas left
labdsfhas joined
marchas left
Valerianhas joined
ralphmhas joined
Andrew Nenakhovhas left
Andrew Nenakhovhas joined
labdsfhas left
404.cityhas left
Dave Cridlandhas left
Dave Cridlandhas joined
apachhas left
Dave Cridlandhas left
Dave Cridlandhas joined
lumihas left
valohas joined
Valerianhas left
labdsfhas joined
ralphmhas joined
Dave Cridlandhas left
Dave Cridlandhas joined
Dave Cridlandhas left
Dave Cridlandhas joined
marchas joined
Dave Cridlandhas left
Dave Cridlandhas joined
Dave Cridlandhas left
Dave Cridlandhas joined
labdsfhas left
labdsfhas joined
jubalhhas joined
Yagizahas left
thorstenhas left
Dave Cridlandhas left
Dave Cridlandhas joined
apachhas left
Valerianhas joined
muppethhas left
muppethhas joined
muppethhas left
muppethhas joined
waqashas left
thorstenhas left
alexishas left
jubalhhas left
labdsfhas left
lskdjfhas left
alexishas joined
mrdoctorwhohas joined
j.rhas joined
alexishas left
labdsfhas joined
waqashas joined
labdsfhas left
labdsfhas joined
labdsfhas left
labdsfhas joined
labdsfhas left
labdsfhas joined
ludohas joined
lskdjfhas left
j.rhas joined
Dave Cridlandhas left
Dave Cridlandhas joined
lovetox
jdev seems down
lovetox
flow: 3.2 Verification of <openpgp/> Content
Recipients MUST verify that the signature is valid, that the signature's key corresponds to the sender's key,
labdsfhas left
labdsfhas joined
jonasw
seems up to me, lovetox
lovetox
can we relax this a little bit
lovetox
if a contact writes me offline messages, and i dont have the keys yet
jonasw
then you have to wait until you have the keys, no?
lovetox
this would mean caching all messages for later decryption IF i get the public key
jonasw
signature validation sounds kinda important.
Dave Cridlandhas left
Dave Cridlandhas joined
lovetox
yes, but it doesnt has to be made instantly
lovetox
especially not on first contact
labdsfhas left
labdsfhas joined
lovetox
i dont know how omemo does that, but i can read offline messages also without querying keys from the contact first
lovetox
especially with other rules in the XEP like "blind trust on first contact" which seem to try and make this as easy and painless as possible
jonasw
you can’t be sure those aren’t spoofed though
lovetox
we are talking about first contact, if a attacker is a man in the middle, he can supply all the data he wants, it does not help me to query keys
lovetox
signature verification makes only sense, if i verified that a fingerprint belongs truly to my contact
jonasw
but if it’s an offline message, it’s unclear whether the attacker *still* has the power
jonasw
it might be that they hijacked a device and were able to send a spoofed message
!XSF_Martin
Why not mark the message as 'unverified'
jonasw
but that access to the account was revoked?
jonasw
lovetox, the contact also might have untrusted devices which intentionally do not have access to the GPG keys and are not used to send or receive GPG messages
jonasw
hmm. but those devices could publish forged keys, so nevermind
lovetox
!XSF_Martin, not allowed by the XEP
lovetox
im not arguing that there cant be a case found where this rule would help to migitate a attack
lovetox
the question is, is it worth the hassle
lovetox
it does not help against man in the middle which is the biggest risk, we blind trust all keys, this alone is a HUGE risk
jonasw
it boils down to: (a) who controls which keys are considered valid vs. who is able to send a message with this sender? and (b) why sign when verification is optional?
lovetox
so why beeing so strict on this thing that does certainly not add a new big risk
lovetox
jonasw, im not saying verification should be optional
jonasw
anyways, gotta run
lovetox
just something like, on first contact we can display the messages until we received the key
lovetox
or something like that
lovetox
i mean i can do this anyway, this XEP MUST is useless because it cant be enforced
lovetox
it should be in the business rules or something, a suggestion with an exception or something like that
lovetox
always verify, except you hadnt time to receive the key or something
lovetox
what im saying, i will not implement this, its not worth the hassle to make the whole client async decrypt messages