XSF Discussion - 2018-12-30


  1. goffi has joined

  2. oli has joined

  3. Guus has left

  4. lorddavidiii has left

  5. oli has joined

  6. MatthewX has left

  7. Syndace has left

  8. lumi has left

  9. Syndace has left

  10. UsL has left

  11. UsL has joined

  12. MatthewX has joined

  13. lnj has left

  14. MatthewX has left

  15. MatthewX has joined

  16. Half-Shot has joined

  17. lskdjf has joined

  18. dos has left

  19. l has joined

  20. oli has joined

  21. lovetox has left

  22. moparisthebest has joined

  23. chunk has joined

  24. lnj has left

  25. andrey.g has left

  26. moparisthebest has left

  27. MatthewX has left

  28. efrit has left

  29. jjrh has left

  30. MatthewX has joined

  31. Syndace has left

  32. Half-Shot has left

  33. marc_ has left

  34. andrey.g has joined

  35. alacer has joined

  36. waqas has left

  37. waqas has joined

  38. MatthewX has left

  39. MatthewX has joined

  40. MatthewX has left

  41. marc_ has joined

  42. chunk has joined

  43. marc_ has left

  44. sezuan has left

  45. chunk has left

  46. chunk has joined

  47. marc_ has joined

  48. chunk has left

  49. chunk has joined

  50. chunk has left

  51. chunk has joined

  52. thorsten has left

  53. pep. has left

  54. thorsten has joined

  55. steven has joined

  56. genofire has left

  57. genofire has left

  58. genofire has left

  59. genofire has left

  60. genofire has left

  61. chunk has left

  62. genofire has left

  63. matlag has left

  64. alacer has left

  65. alacer has joined

  66. chunk has joined

  67. chunk has left

  68. marc_ has left

  69. marc_ has joined

  70. genofire has left

  71. genofire has left

  72. moparisthebest has left

  73. mimi89999 has left

  74. mimi89999 has joined

  75. pep. has joined

  76. steven has left

  77. genofire has left

  78. genofire has left

  79. genofire has left

  80. genofire has left

  81. genofire has left

  82. genofire has left

  83. genofire has left

  84. genofire has left

  85. chunk has joined

  86. marc_ has left

  87. marc_ has joined

  88. genofire has left

  89. genofire has left

  90. oli has joined

  91. matlag has left

  92. moparisthebest has left

  93. waqas has left

  94. waqas has joined

  95. genofire has left

  96. alacer has left

  97. oli has left

  98. oli has joined

  99. genofire has left

  100. sezuan has left

  101. erkanfiles has left

  102. erkanfiles has joined

  103. waqas has left

  104. waqas has joined

  105. alacer has joined

  106. steven has joined

  107. lorddavidiii has joined

  108. ThibG has left

  109. oli has joined

  110. edhelas has left

  111. edhelas has joined

  112. ThibG has joined

  113. chunk has joined

  114. l has joined

  115. l has left

  116. chunk has left

  117. Seve has joined

  118. chunk has joined

  119. vaulor has joined

  120. l has joined

  121. genofire has left

  122. genofire has left

  123. Nekit has joined

  124. genofire has left

  125. lskdjf has joined

  126. frainz has left

  127. chunk has joined

  128. chunk has joined

  129. genofire has left

  130. genofire has left

  131. frainz has joined

  132. chunk has left

  133. goffi has joined

  134. genofire has left

  135. chunk has joined

  136. genofire has joined

  137. genofire has left

  138. genofire has left

  139. genofire has left

  140. genofire has left

  141. genofire has left

  142. genofire has left

  143. genofire has left

  144. genofire has left

  145. genofire has joined

  146. chunk has left

  147. APach has left

  148. waqas has left

  149. waqas has joined

  150. efrit has joined

  151. oli has joined

  152. Half-Shot has joined

  153. ThibG has joined

  154. mimi89999 has joined

  155. chunk has joined

  156. Yagiza has joined

  157. edhelas has left

  158. edhelas has left

  159. edhelas has left

  160. l has left

  161. lskdjf has left

  162. vanitasvitae has left

  163. vanitasvitae has joined

  164. vanitasvitae has left

  165. vanitasvitae has joined

  166. Zash has left

  167. Half-Shot has left

  168. Half-Shot has joined

  169. lskdjf has left

  170. Half-Shot has left

  171. lovetox has joined

  172. lnj has joined

  173. alacer has left

  174. lumi has joined

  175. alacer has joined

  176. alacer has left

  177. l has joined

  178. waqas has left

  179. alacer has joined

  180. lskdjf has joined

  181. Guus has left

  182. lorddavidiii has left

  183. marc_ has left

  184. mimi89999 has joined

  185. alacer has left

  186. oli has left

  187. oli has joined

  188. marc_ has joined

  189. lorddavidiii has joined

  190. waqas has joined

  191. erkanfiles has joined

  192. erkanfiles has joined

  193. erkanfiles has left

  194. erkanfiles has joined

  195. waqas has left

  196. lskdjf has joined

  197. ThibG has left

  198. ThibG has joined

  199. moparisthebest has joined

  200. genofire has left

  201. moparisthebest has joined

  202. frainz has left

  203. frainz has joined

  204. lskdjf has joined

  205. lorddavidiii has left

  206. lskdjf has left

  207. lskdjf has left

  208. Yagiza has left

  209. tux has left

  210. l has joined

  211. l has left

  212. chunk has left

  213. chunk has joined

  214. lorddavidiii has joined

  215. l has left

  216. Andrew Nenakhov has left

  217. Andrew Nenakhov has joined

  218. Yagiza has joined

  219. steven has left

  220. l has joined

  221. Wiktor has left

  222. Wiktor has joined

  223. Wiktor has left

  224. Wiktor has joined

  225. Wiktor has left

  226. Wiktor has joined

  227. alacer has joined

  228. moparisthebest has joined

  229. genofire has left

  230. Fahrgast has left

  231. lskdjf has joined

  232. moparisthebest has joined

  233. Fahrgast has joined

  234. alacer has left

  235. genofire has joined

  236. valo has left

  237. Syndace has left

  238. MatthewX has joined

  239. valo has joined

  240. Fahrgast has left

  241. Fahrgast has joined

  242. sezuan has left

  243. alacer has joined

  244. Half-Shot has joined

  245. Holger has left

  246. Half-Shot has left

  247. ta has left

  248. ta has joined

  249. ta has left

  250. ta has joined

  251. Half-Shot has joined

  252. Yagiza has left

  253. alacer has left

  254. Fahrgast has left

  255. Fahrgast has joined

  256. APach has left

  257. l has left

  258. Syndace has left

  259. Yagiza has joined

  260. l has left

  261. l has left

  262. Maranda has left

  263. l has joined

  264. l has left

  265. mrdoctorwho has left

  266. mrdoctorwho has joined

  267. pep.

    TIL https://xmpp.org/extensions/xep-0209.html

  268. pep.

    I knew about the feature but I always thought it was a custom client thing

  269. mathieui

    didn’t we talk about it at the meetup?

  270. jonas’

    wait what

  271. jonas’

    amazing

  272. jonas’

    same here, pep.

  273. jonas’

    now let’s move that to multi-item PEP and it’s actually useful.

  274. edhelas

    jonas’ <3

  275. mathieui

    pep., if you feel bored, don’t hesitate to fix https://lab.louiz.org/poezio/poezio/issues/2557

  276. sasza has joined

  277. pep.

    mathieui, I don't think so. Or I didn't understand it like that. I'm discussing this with sasza just now

  278. jonas’

    a proper solution for metacontacts of which the information lives server-side is somthing I wanted

  279. jonas’

    and then I ditched it. and now it doesn’t fit in my roster data model anymore.

  280. owl has joined

  281. jonas’

    but given that it can greatly improve UX for those of us with (friends with) multiple accounts ... :)

  282. mrdoctorwho has left

  283. chunk has joined

  284. mrdoctorwho has joined

  285. Half-Shot has left

  286. pep.

    There doesn't seem to be much security concerns for this meta-contact thing. owl was wondering if it was possible to use this as a pre-condition (but not requirement) for <moved/>. I also think it would be interesting

  287. pep.

    At the moment it seems I can just send a meta-contact tag for any other jid as long as I know their identity tag?

  288. oli has left

  289. jonas’

    what?

  290. jonas’

    send to whom?

  291. genofire has left

  292. genofire has joined

  293. pep.

    Say I, userA, sends a meta-contact thing to userB, <meta jid='userA@jid1' tag='foo' .. />. Now userB knows my identity tag right, they could use it to send userC <meta jid='userB@jid1' tag='foo' ../> ?

  294. pep.

    There doesn't seem to be any auth mechanism(?)

  295. mrdoctorwho has left

  296. pep.

    /verification

  297. jonas’

    XEP-0209 does not specify anything for sending a meta-contact thing to another user.

  298. jonas’

    so why should there be an auth or verification mechanism?

  299. pep.

    oh

  300. pep.

    I see

  301. jonas’

    did you only look at the examples? ;-P

  302. pep.

    Yes and I was confused

  303. jonas’

    heh

  304. pep.

    Because it's not what I thought it was

  305. pep.

    With owl we were picturing something else, users would be able to say "This is another account of mine"

  306. pep.

    That would need another XEP then.. and would probably need to interact with this

  307. jonas’

    put it in vcard?

  308. pep.

    hmm?

  309. jonas’

    I bet you can put a JID in a vcard

  310. jonas’

    put all your accounts in all your vcards

  311. jonas’

    also allows cross-validation

  312. pep.

    Yeah cross-validation should be a thing

  313. pep.

    The issue owl had was that with <moved/> (and even with what's being discussed, https://wiki.xmpp.org/web/Sprints/2018_November_Dusseldorf/Pad grep for moved), it's not possible to say "hey I moved to that other JID" anymore if the first server is down

  314. l has left

  315. pep.

    Ge0rG, ^

  316. chunk has joined

  317. Half-Shot has joined

  318. Half-Shot has left

  319. oli has joined

  320. oli has joined

  321. oli has joined

  322. chunk has joined

  323. chunk has joined

  324. Half-Shot has joined

  325. Zash has left

  326. genofire has left

  327. Half-Shot has left

  328. 404.city has joined

  329. Half-Shot has joined

  330. mrDoctorWho has joined

  331. Guus has left

  332. owl has left

  333. MattJ has joined

  334. steven has left

  335. !xsf_Martin has joined

  336. mrdoctorwho has joined

  337. !xsf_Martin has left

  338. Half-Shot has left

  339. !xsf_Martin has joined

  340. labdsf has left

  341. MatthewX has left

  342. Half-Shot has joined

  343. Half-Shot has left

  344. Ge0rG

    pep.: yes, also if you actually delete the old account. Moved is full of hairy corner cases of xmpp.

  345. Ge0rG

    Next time I have a bit of time to tackle it, I'll prepare a proposal for a new Moved, probably based on a mix of messages and pep

  346. labdsf has joined

  347. l has left

  348. edhelas

    is stream compression still a thing in XMPP ?

  349. Zash

    It has dubious security properties. Prosody got rid of it. Dunno about others.

  350. l has joined

  351. Tobias has left

  352. Tobias has joined

  353. lskdjf has left

  354. lskdjf has joined

  355. efrit has left

  356. mimi89999 has joined

  357. jonas’

    FWIW https://github.com/horazont/aioxmpp/issues/249#issuecomment-435442679

  358. jonas’

    (scroll to the bottom of that comment for a summary)

  359. jonas’

    TL;DR: if you do it rightâ„¢, the benefits are rather slim, but it can at least revert the base64 overhead

  360. flow

    edhelas, I'd say yes, and I believe that the side channels can be closed

  361. flow

    jonas’, you consider 12% bytes saved in the worst case "rather slim"?

  362. flow

    Or am I misreading the stats and its 1.2% or something?

  363. Zash

    Does it consider the extra memory usage on servers?

  364. jonas’

    yes, 12% is rather slim IMO

  365. jonas’

    12% is low enough that I’d be interested if the additional CPU time involved on the client side isn’t worse than transmitting the extra bytes

  366. jonas’

    (not to mention the memory overhead)

  367. Zash

    As a server dev, I'd rather avoid more memory usage

  368. edhelas

    I saw some security issues regarding TLS + compression as well

  369. Zash

    Yeah, you don't want SASL / password anywhere near compression.

  370. labdsf has left

  371. labdsf has joined

  372. APach has left

  373. neshtaxmpp has joined

  374. Half-Shot has joined

  375. lskdjf has left

  376. l has left

  377. l has joined

  378. l has joined

  379. mimi89999 has left

  380. l has joined

  381. moparisthebest has joined

  382. moparisthebest has joined

  383. Half-Shot has left

  384. ta has left

  385. marc_ has left

  386. APach has left

  387. ta has joined

  388. APach has left

  389. mimi89999 has joined

  390. marc_ has joined

  391. APach has left

  392. APach has left

  393. efrit has joined

  394. l has joined

  395. Yagiza has left

  396. jonas’

    "password or password-equivalent" is probably more fitting, given that SCRAM for example is safe-ish even without encryption, IIRC.

  397. chunk has left

  398. oli has joined

  399. chunk has joined

  400. APach has left

  401. labdsf has left

  402. labdsf has joined

  403. Tobias has left

  404. Tobias has joined

  405. Zash

    Depends on what you wanna protect or be safe against

  406. l has left

  407. l has joined

  408. APach has left

  409. mimi89999 has joined

  410. goffi has joined

  411. l has left

  412. MatthewX has joined

  413. Tobias has joined

  414. Tobias has joined

  415. Zash has left

  416. oli has joined

  417. oli has left

  418. labdsf has left

  419. labdsf has joined

  420. 404.city has left

  421. labdsf has left

  422. labdsf has joined

  423. waqas has joined

  424. mrdoctorwho has left

  425. mrdoctorwho has joined

  426. !xsf_Martin has left

  427. labdsf has left

  428. labdsf has joined

  429. pep. has left

  430. oli has left

  431. oli has left

  432. oli has joined

  433. Half-Shot has joined

  434. MatthewX has left

  435. labdsf has left

  436. labdsf has joined

  437. labdsf has left

  438. labdsf has joined

  439. oli has left

  440. oli has joined

  441. efrit has left

  442. efrit has joined

  443. l has joined

  444. labdsf has left

  445. labdsf has joined

  446. MattJ has joined

  447. marc_ has left

  448. oli has left

  449. MatthewX has joined

  450. oli has joined

  451. steven has left

  452. MatthewX has left

  453. moparisthebest has left

  454. Wiktor has left

  455. labdsf has left

  456. labdsf has joined

  457. labdsf has left

  458. labdsf has joined

  459. tux has left

  460. ThibG has left

  461. ThibG has joined

  462. Zash has left

  463. labdsf has left

  464. labdsf has joined

  465. labdsf has left

  466. labdsf has joined

  467. labdsf has left

  468. pep. has left

  469. labdsf has joined

  470. ThibG has left

  471. oli has joined

  472. goffi has joined

  473. lorddavidiii has left

  474. ThibG has joined

  475. lorddavidiii has joined

  476. genofire has left

  477. genofire has joined

  478. genofire has left

  479. genofire has joined

  480. tux has left

  481. edhelas has left

  482. edhelas has left

  483. edhelas has left

  484. oli has left

  485. oli has joined

  486. oli has left

  487. oli has joined

  488. oli has left

  489. oli has joined

  490. oli has left

  491. oli has joined

  492. oli has left

  493. oli has joined

  494. edhelas has left

  495. vaulor has left

  496. vaulor has joined

  497. ThibG has left

  498. ThibG has joined

  499. l has joined

  500. l has joined

  501. l has joined

  502. l has joined

  503. l has joined

  504. l has joined

  505. l has joined

  506. l has joined

  507. l has joined

  508. l has joined

  509. l has joined

  510. l has joined

  511. l has joined

  512. lskdjf has left

  513. lskdjf has joined

  514. vaulor has left

  515. edhelas has left

  516. edhelas has joined

  517. edhelas has left

  518. edhelas has joined

  519. edhelas has left

  520. edhelas has joined

  521. edhelas has left

  522. edhelas has joined

  523. edhelas has left

  524. edhelas has joined

  525. labdsf has left

  526. labdsf has joined

  527. Nekit has joined

  528. oli has left

  529. UsL has left

  530. UsL has joined

  531. edhelas has left

  532. edhelas has joined

  533. edhelas has left

  534. edhelas has joined

  535. edhelas has left

  536. edhelas has joined

  537. mimi89999 has joined

  538. edhelas has left

  539. edhelas has joined

  540. edhelas has left

  541. edhelas has joined

  542. edhelas has left

  543. edhelas has joined

  544. edhelas has left

  545. lorddavidiii has left

  546. genofire has left

  547. genofire has joined

  548. moparisthebest has joined

  549. l has left

  550. oli has left

  551. edhelas has joined

  552. edhelas has left

  553. edhelas has joined

  554. genofire has joined

  555. genofire has joined

  556. igoose has left

  557. igoose has joined

  558. genofire has joined

  559. oli has left

  560. genofire has left

  561. oli has left

  562. vanitasvitae

    XML namespaces containing multiple occurences od ':' (eg. "urn:xmpp:bob") are valid, are they? https://github.com/dino/dino/issues/394#issuecomment-450573159 Maybe someone can shine some light on this issue?

  563. vanitasvitae

    s/od/of

  564. oli has left

  565. oli has left

  566. oli has joined

  567. l has joined

  568. lovetox

    this is indeed wrong vanitasvitae

  569. vanitasvitae

    So such namespaces are not allowed?

  570. lovetox

    as you see on the captcha node

  571. lovetox

    namespace and node name are exchanged

  572. lovetox

    the thing is the namespace is not as namespace declared

  573. lovetox

    as you can read <urn:xmpp:captcha xmlns='captcha'>

  574. lovetox

    but it should be

  575. lovetox

    <captcha xmlns='urn:xmpp:captcha'>

  576. lskdjf has joined

  577. lovetox

    if this comes from an ejabberd, this is a major bug

  578. vanitasvitae

    ah 😀

  579. vanitasvitae

    Okay, I understood it wrong then

  580. vanitasvitae

    I thought "xmlns='urn:xmpp:bob'" would be illegal.

  581. lovetox

    are you not running a stable version?

  582. vanitasvitae

    Thanks for clarifying.