XSF Discussion - 2018-09-18

  1. neshtaxmpp

    hi sslh was configured but it log in syslog, it was followed this manual: http://william.shallum.net/random-notes/sslh-configuring-logging-logrotate-and-logwatch and it still log in syslog, sslh was restart and same

  2. moparisthebest

    I mean the answer is you configure them however you want

  3. moparisthebest

    You need to understand ips and ports and what sslh does though, you aren't going to find a copy paste Tut for it

  4. moparisthebest

    peter: nice so 'I'm going to generalize about all federated systems then come up with one that isn't federated because I haven't considered how to solve those problems in a federated system'

  5. neshtaxmpp

    moparisthebest: your tutorial was good... but it suck... simply step by step... and you have to remove , from line 16... Imagine, today you was online... person want install sslh, he see your tutorial, start scratch in hear... make everything correctly... after some hours to see how to make it work " without step by step he need to lost his time " and when he run sslh -F /etc/sslh.cfg it will comment " error in line 16 " he will start again scratch head hair and again other 1 day to configure how to repair the problem. so 2 days to install, configure and run sslhd. but here come true life. what happened if he don't find you moparisthebest... so he has to wait more days... maybe 2 days more until you return... or maybe 1 month... or maybe 1 year... because when person don't know how to run something. he has to wait until someone help him... so imagine he has to wait 1 year until someone or you appear help him. this is 1 year to remove one " simply SHIT , " if he has good luck he can wait 1 year, and if he don't have good luck it can be 2 years... and more... so for some manual that can work 10 min. he has to wait 1 year or more years... to someone help him. moparisthebest today you can have internet, tomorrow do you know if you are gonna have internet... you can " i pay money " - > piu piu... you can money but when government say no more internet there will be no more internet...

  6. neshtaxmpp

    moparisthebest: and who is the not federated server...

  7. neshtaxmpp

    moparisthebest: is this some kind of indirect you want my help for federated system. if i can i will help.

  8. neshtaxmpp

    moparisthebest: sslh is program for linux " unknown if it work in macos " that help peoples with limited ports. all other ports blocked only open 443 and 80 -> only for viewing web sites... sslh enter here and safe peoples... limited port and firewall... have nice day.

  9. moparisthebest

    What in the world kind of drunken rant was that

  10. neshtaxmpp

    What in the world kind of drunken rant was that

  11. edhelas

    I had some thoughts on OMEMO and related metadata, the problem with OMEMO (and other e2ee solutions) is that they are only encrypting the body element. I was wondering if we couldn't also encrypt, using the same key, the other value of the other attributes of the message (by adding a namespace to those elements for example). For SIMS we could then encrypt <media-type>, <name>, <thumbnail cid…>.

  12. edhelas

    This will still leak some "structural metadata" but at least the content should be protected. And it should be fairly easy to implement it in clients (we have to check for the retro compatibility).

  13. lovetox

    it's a bit more work than just encrypting everything

  14. lovetox

    there are elements you dont want to encrypt

  15. edhelas

    yes :)

  16. lovetox

    and these have to be specified :)

  17. lovetox

    as daniel often said, there is probably no one against full stanza encryption, just no one did write it up yet

  18. edhelas

    that's why I'm saying that we should put a specific tag or namespace for those specific tags

  19. edhelas

    the problem with full stanza encryption is that it requires to hack the parser behavior and things that should be encrypted and things that shouldn't can't be on the same XML depth anymore

  20. lovetox

    full stanza encryption is specified in 0373 and i think 0200

  21. lovetox

    also a question was, it should be specified what happens if i find a tag inside the encrypted payload, and outside

  22. daniel

    Or what happens if there is a tag outside that influences the inside. For example a message correction tag

  23. lovetox

    i think we should probably ignore all outside tags except a certain whitelist

  24. lovetox

    but then the problem is, if new xeps arise we have to update that list

  25. jonas’

    I wonder which tags are relevant to clients && must not be encrypted

  26. lovetox

    eme for one

  27. lovetox

    its not about client, its about server

  28. lovetox

    hints for example

  29. jonas’


  30. jonas’

    but the server shouldn’t care about the encrypted payload

  31. jonas’

    and the client shouldn’t care about the unencrypted payload (in general)

  32. jonas’

    you know where I’m getting at?

  33. daniel

    > i think we should probably ignore all outside tags except a certain whitelist

    That's what I proposed years ago

  34. jonas’

    i.e. the whitelist will probably be encryption-metadata like EME, and everything else can be ignored by the client.

  35. daniel

    I can only think of stanza and origin id

  36. jonas’

    or stanza-metadata, hm, yes.

  37. daniel

    Eme is only relevant _before_ the decryption

  38. lovetox

    yes stanza-id

  39. daniel

    And can be thrown away later

  40. lovetox

    but this is added by the server anyway

  41. lovetox

    but should not be ignored yes

  42. edhelas


  43. edhelas


  44. edhelas

    MattJ thanks for the comment :)

  45. edhelas


  46. ralphm

    Instead of retrieving all history from MAM, I'd like to ask the archive the last message for each party I conversed with to build a chronological index, and then progressively retrieve history when going into one of them.

  47. ralphm

    Has anyone had a use case like this? If so, how did you solve it?

  48. MattJ

    ralphm, I was planning to write an extension for that. MAP (Message Archive Preview) :)

  49. Seve/SouL

    Sounds great

  50. MattJ

    It seems clients are favouring the per-contact sync, instead of sync-everything

  51. ralphm

    I could imagine maybe a boolean field in the MAM Data Form that indicates you only want one for each party?

  52. MattJ

    Potentially, yes

  53. ralphm

    MattJ: indeed. Also in our case, we don't really have a roster

  54. ralphm

    You have people on your (phone) contact list, and then other sources of things to talk to, like groups and non-people.

  55. ralphm

    By the way, I love the MAP backronym.

  56. MattJ


  57. MattJ

    Fancy working on the XEP?

  58. Zash

    I do believe Kev has talked about some kind of summary like this as well

  59. MattJ

    Reality is, I probably won't get to it for a couple of weeks at least

  60. Ge0rG

    It's much better than the CSI backronym.

  61. ralphm

    We probably are fast-moving on this, but that doesn't mean I can't work on a standard for it and move to that later

  62. lovetox

    ralphm, do you request the last message for every contact in the roster on start?

  63. lovetox

    my question is about how do you solve the problem that you cannot know what the last conversation was in a multi device env

  64. lovetox

    so how do you know which jids to sync

  65. jonas’

    lovetox, all

  66. Zash

    Last message per contact

  67. lovetox

    since a certain mam-id

  68. lovetox

    obviously, otherwise this would be very expensive

  69. Zash

    That sounds massively more expensive

  70. Zash

    Keeping the last ID per roster entry in a cache seems doable

  71. jonas’

    note that ralphm was specifically talking about not really having a roster

  72. ralphm

    No, no roster

  73. Zash

    You know I'll cry if you design a thing that requires a SQL RDBM

  74. Ge0rG

    `SELECT MAX(uuid),* FROM contacts, messages WHERE contacts.jid = messages.jid;`

  75. jonas’

    > MAX(uuid)

  76. lovetox

    what does that mean no roster, you talk only to a single jid? because if you have knowledge about more than one jid in your application you have a roster, i dont see how it is relevant if this roster is kept on the server or on the client

  77. jonas’

    that’s not how it works.

  78. ralphm

    My thinking was that you do a MAM request to get all message history, but instruct it to only return one entry per unique other entity you've contacted (other user, room, whatever)

  79. Ge0rG

    jonas’: stop spoiling my fun

  80. jonas’

    lovetox, it is relevant for the server-side MAM implementation whether it knows which JIDs are relevant or whether it has to assume they all are

  81. Zash

    No nice things allowed.

  82. Ge0rG

    ralphm: that might explode if you have chatted to many entities. Or if you were bot-flooded.

  83. ralphm

    lovetox: in our case, instead of a roster, we have a native mobile phone address book, and retrieve matches from the server. Not unlike apps like WhatsApp do.

  84. ralphm

    Ge0rG: well, you can paginate this too, no?

  85. ralphm

    Ge0rG: or are you worried about the server side complexity of 'the last one' per contact?

  86. lovetox

    ralphm do you store the messages on the phone?

  87. ralphm

    lovetox: cache, yes

  88. Ge0rG

    ralphm: both, actually

  89. ralphm

    but you definitely don't want to retrieve all messages at once either, most of the time you only need history for a contact when you start chatting

  90. jonas’

    ralphm, I’m not sure how many messages you are expecting between reconnects and how many contacts you expect people to have, but if the message load is "regular", you might get less traffic with normal "MAM since last connect" than what you propose

  91. ralphm

    jonas’: not on a reinstall

  92. jonas’

    because the one is O(number of contacts ever ever spoken to [monotonically increasing]) and the other is O(number of contacts actively sending messages times average message rate per contact times offline time [approximately constant])

  93. Ge0rG

    or when you didn't charge your phone for a month.

  94. jonas’

    ralphm, okay, that makes sense

  95. jonas’

    but on a reinstall, I wouldn’t worry too much and just do a MAM query for each phonebook entry

  96. ralphm

    eh no

  97. jonas’

    do you expect huge phone books?

  98. Ge0rG

    jonas’: there is an upper bound due to the typical history age timeout, so you'll only get the contacts you chatted to in the last 14d or so

  99. lovetox

    if you have implemented something like that, i'm very interested how you did it, i try to find a way to backfill the history since a month, and all i can come up is that it's not possible without losing the order of the messages

  100. jonas’

    Ge0rG, depends on the history model on the server side, really

  101. ralphm

    Ge0rG: indeed. I could imagine retrieving the last 7 days of history, but you still want an entry for people you talked to longer ago

  102. ralphm

    And then if you go into one of those chats, you can still backfill that contact

  103. Ge0rG

    ralphm: so you are also asking for indefinite storage of all JIDs you had a chat with?

  104. ralphm

    The thing is that you don't want a full history sync when you reinstall an app or switched phones or whatever

  105. ralphm

    Ge0rG: might still be definite, but still different from a contact list. Contact lists change and also you want the chronological order

  106. ralphm

    The server-side complexity of getting a list like this is an implementation detail. It could be part of the storage model, or you can build and cache an index based on the actual full history.