-
edhelas
could it be possible to share PEP messages with MUC ?
-
edhelas
then I can share my localisation with people in a room for example ?
-
MattJ
Prosody now allows you to get PEP items from people in a MUC, but there is no automatic subscription (yet?)
-
edhelas
Holger what about ejabberd :) ?
-
edhelas
MattJ how does it work ? I need to configure my PEP node for that ?
-
MattJ
It would need to whitelist the MUC JID or be open, yes
-
MattJ
For "live" updates, I wrote about this 9 (!) years ago: https://blog.prosody.im/multi-user-chat-gets-rich/
-
edhelas
interesting
-
Zash
NINE YEARS
-
MattJ
https://mail.jabber.org/pipermail/standards/2009-June/022173.html
-
MattJ
and this post to the list ^
-
Zash
Crickets?
-
edhelas
<3
-
MattJ
I implemented it in Gajim, though I'm guessing the patch no longer applies :)
-
Holger
edhelas: Hmmm.
-
Holger
The point is making stuff available to room members (or occupants?) who are not on my contact list, without making it available world-wide?
-
Holger
(Plus anon rooms?)
-
edhelas
yes
-
edhelas
for example in a room where people could share their location or mood
-
Zash
Having directed presence count in the PEP access check?
-
Zash
Does anyone actually follow https://xmpp.org/extensions/xep-0178.html now?
-
Zash
Or ...
-
Zash
Really tiny mention of "or fall back to dialback" in there
-
peter
Zash: for c2s or s2s or both?
-
Zash
Mostly thinking of s2s here
-
peter
Also, I doubt that any CAs issue certs with the xmppAddr field.
-
Zash
All glory to Let's Encrypt
-
Zash
There can be only one! etc...
-
Zash
But at least one server offers EXTERNAL even if the cert doesn't match, then expects dialback to be attempted after <{sasl}failure>
-
peter
What aspect of XEP-0178 are you wondering about? The interaction with dialback or the core functionality?
-
peter
Ah, right.
-
peter
Hrm, that seems less than ideal.
-
Kev
Zash: Us? I'd say that's a bug. I'd say it's always a bug to advertise external and not have it succeed.
-
peter
We might want to take a look at how 178, 220, and 344 interact.
-
Zash
ejabberd
-
Zash
don't forget 288 :)
-
peter
Well yeah.
-
peter
That too. :-)
-
Kev
288 interacts by not having interoperable implementations :D
-
peter
LOL
-
Zash
IIRC the rationale was to be able to report certificate validation errors back with the SASL failure, which seems sensible
-
Kev
We'll be redoing S2S in M-Link shortly and I'm seriously wondering if there's value in us (re-)implementing 288.
-
peter
If we just used the blockchain, this would all be easy. https://medium.com/originprotocol/introducing-origin-messaging-decentralized-secure-and-auditable-13c16fe0f13e
-
Kev
Not using blockchain was our second big mistake.
-
Kev
Sorry, third.
-
Kev
Our second was not using bittorrent.
-
Zash
Blockchain based PubSub over BitTorrent!
-
Kev
And our first was not using yaml (I assume JSON must be going out of fashion by now).
-
peter
JSON is Forever™
-
waqas
MongoDB is webscale, etc
-
waqas
Kev: A little curious about what "redoing S2S in M-Link" would result in
-
waqas
Just a code cleanup, or something beyond that?
-
Kev
waqas: Nothing visible, just tidying up some things internally.
-
waqas
Got it
-
Kev
Well, nothing visible from the protocol side.
-
Kev
But enhancing support for our non-Internet type routing scenarios.
-
waqas
That sounds neat
-
Kev
Yeah, some of this stuff is genuinely difficult and interesting.
-
Zash
288 seems like it'd be beneficial for some of those
-
Zash
also helps in some cases like where the server is behind a NAT or moving around without updating DNS
-
Kev
In those sorts of cases you probably don't want to S2S at all :)
-
Zash
read: I like being able to run a server on my laptop and have it work even when I visit people
-
Kev
(Probably you want 361 in most of those cases)
-
Kev
(X2X)
-
Kev
Except the 'moving laptop pretending to be a server' case possibly.
-
Kev
Although even 288 isn't enough to save you there.
-
Zash
Not perfect but it works
-
Kev
Sometimes.
-
Kev
I suspect that you'd find that a clustered server would give you partial service, depending on the model.
-
Kev
It'd be quite reasonable for a cluster to want one S2S session per node, rather than a giant mesh of session routing.
-
Zash
Since I do this mostly to test stuff locally, it only needs to work sometimes, ie when I'm testing.
-
Kev
But now I'm vanishing.
-
pep.
> Kev> And our first was not using yaml (I assume JSON must be going out of fashion by now). Wasn't yaml a superset of json
-
Zash
yaml is a superset of everything
-
Maranda
Hmm M-Link and 288 in the same sentence, did Bidi ever work in it to begin with? 🤔😜👹
-
moparisthebest
Has anyone ever seen or heard of MAM between different devices connected to the same account?
-
moparisthebest
Someone in another muc was surprised omemo didn't work this way
-
moparisthebest
(he didn't use those words of course, more like why don't I have full history on new device B when device A has full history)
-
Link Mauve
moparisthebest, it’d then be trivial for the server (“the attacker”) to obtain the logs of things it shouldn’t have had access to.
-
Link Mauve
At some point we could also drop the act and just implement OMEMO in the server.
-
moparisthebest
Link Mauve: well presumably it would reencrypt, but yea still kind of breaks PFS