XSF Discussion - 2019-01-02

00:06:07 Half-Shot has left
00:08:28 jjrh has left
00:11:48 jjrh has left
00:22:11 neshtaxmpp has left
00:22:12 neshtaxmpp has left
00:28:06 Half-Shot has left
00:28:13 nyco has left
00:32:04 UsL has left
00:32:04 UsL has joined
00:35:05 jjrh has left
00:35:23 jjrh has left
00:38:54 Half-Shot has left
00:40:04 jjrh has left
00:40:30 jjrh has left
00:40:58 jjrh has left
00:42:25 jjrh has left
00:47:47 Half-Shot has left
01:00:27 Half-Shot has left
01:01:54 jjrh has left
01:03:47 Half-Shot has left
01:07:53 lskdjf has joined
01:17:52 Half-Shot has left
01:20:16 Half-Shot has left
01:20:19 Half-Shot has joined
01:20:34 Neustradamus has left
01:20:56 Neustradamus has joined
01:21:04 l has left
01:29:48 lovetox has left
01:40:04 ThibG has left
01:48:52 ThibG has joined
01:51:56 Half-Shot has left
01:53:09 l has joined
01:53:38 neshtaxmpp has joined
01:54:35 Half-Shot has joined
01:56:13 Andrew Nenakhov has left
01:56:23 Andrew Nenakhov has joined
01:57:00 lskdjf has joined
02:12:17 Half-Shot has left
02:19:02 404.city has joined
02:19:50 lnj has left
02:19:51 lnj has joined
02:19:58 lnj has left
02:19:59 lnj has joined
02:20:06 lnj has left
02:20:07 lnj has joined
02:20:14 lnj has left
02:20:15 lnj has joined
02:20:21 lnj has left
02:20:22 lnj has joined
02:41:11 sezuan has left
02:41:34 UsL has left
02:41:35 UsL has joined
02:42:25 lumi has joined
02:46:34 pep. has joined
03:07:55 UsL has left
03:07:58 UsL has joined
03:38:29 oli has joined
03:54:10 Zash has left
04:14:15 alacer has joined
04:18:23 Marc Laporte has joined
04:20:10 Marc Laporte has left
04:59:42 igoose has left
05:00:37 igoose has joined
05:03:57 Marc Laporte has joined
05:11:23 ThibG has left
05:11:25 ThibG has joined
05:15:11 404.city has left
05:30:41 !xsf_Martin has joined
05:41:27 lnj has left
05:48:13 alacer has left
05:49:50 daniel has joined
05:53:10 alacer has joined
06:30:26 nyco has joined
06:42:18 vinx55 has joined
06:46:55 steven has left
07:05:28 mimi89999 has joined
07:07:28 vinx55 has left
07:13:42 vaulor has joined
07:23:33 steven has joined
07:43:42 alacer has left
07:45:11 alacer has joined
07:55:47 Marc Laporte has left
08:00:14 !xsf_Martin has joined
08:01:52 ralphm has left
08:03:10 l has joined
08:10:21 alacer has left
08:13:09 alacer has joined
08:16:18 genofire has left
08:18:44 oli has joined
08:19:57 Steve Kille has left
08:23:50 !xsf_Martin has joined
08:28:19 alacer has left
08:28:38 Steve Kille has joined
08:33:01 alacer has joined
08:37:36 l has left
08:45:16 l has joined
08:47:51 labdsf has left
08:59:05 alacer has left
08:59:46 labdsf has joined
09:03:04 alacer has joined
09:07:27 Ann has joined
09:08:32 oli has left
09:08:39 oli has joined
09:17:46 igoose has left
09:18:53 igoose has joined
09:20:11 frainz has left
09:20:17 frainz has joined
09:24:03 genofire has left
09:24:08 genofire has joined
09:24:25 mrDoctorWho has left
09:31:17 mightyBroccoli has left
09:31:21 genofire has left
09:31:25 genofire has joined
09:32:50 alacer has left
09:33:39 ThibG has joined
09:33:43 ThibG has joined
09:37:59 l has joined
09:38:18 moparisthebest has left
09:39:14 mightyBroccoli has joined
09:44:34 ThibG has left
09:44:36 ThibG has joined
09:56:58 alacer has joined
09:58:56 Yagiza has joined
09:58:57 Seve has left
09:59:37 vaulor has left
10:00:57 ralphm has left
10:05:07 alacer has left
10:05:25 mightyBroccoli has left
10:05:26 mightyBroccoli has joined
10:07:12 alacer has joined
10:11:21 pep. has left
10:17:36 labdsf has left
10:18:30 404.city has joined
10:18:50 404.city has left
10:19:24 tux has left
10:23:31 labdsf has joined
10:27:21 l has joined
10:32:11 valo has joined
10:32:22 valo has joined
10:36:41 !xsf_Martin has left
10:36:55 !xsf_Martin has joined
10:37:42 alacer has left
10:40:42 alacer has joined
10:40:54 lnj has joined
10:44:33 lskdjf has joined
10:49:25 alacer has left
10:59:55 Ann has left
10:59:57 Ann has joined
11:01:00 Ann has left
11:01:02 Ann has joined
11:02:28 oli has joined
11:03:05 oli has joined
11:05:46 daniel has joined
11:06:52 Half-Shot has joined
11:28:09 Zash has left
11:28:22 alacer has joined
11:33:21 goffi has joined
11:35:02 marc_ has joined
11:39:33 !xsf_Martin has left
11:55:44 alacer has left
11:57:09 alacer has joined
11:59:52 vaulor has joined
12:01:26 l has joined
12:12:27 Neustradamus has left
12:15:25 thorsten has left
12:16:48 thorsten has joined
12:18:43 l has left
12:18:44 l has joined
12:19:02 Neustradamus has joined
12:22:31 Neustradamus has left
12:23:10 Neustradamus has joined
12:26:45 alacer has left
12:27:09 alacer has joined
12:29:28 Neustradamus has left
12:33:22 Ge0rG has left
12:36:05 lumi has joined
12:37:41 !xsf_Martin has joined
12:41:53 Neustradamus has joined
12:46:45 Andrew Nenakhov has left
12:48:42 !xsf_Martin has left
12:53:45 ThibG has left
12:53:50 ThibG has joined
12:58:39 frainz has left
12:58:45 frainz has joined
13:05:00 Neustradamus has left
13:05:24 lskdjf has joined
13:05:28 alacer has left
13:05:56 Neustradamus has joined
13:12:25 lovetox has joined
13:13:14 Andrew Nenakhov has joined
13:14:01 Nekit has joined
13:21:23 frainz has left
13:21:27 frainz has joined
13:22:21 mightyBroccoli has left
13:22:23 mightyBroccoli has joined
13:24:09 frainz has left
13:24:58 frainz has joined
13:26:38 igoose has left
13:26:42 igoose has joined
13:37:35 daniel has left
13:40:14 lskdjf has joined
13:40:38 alacer has joined
13:40:46 daniel has joined
13:50:17 ThibG has left
13:50:18 ThibG has joined
13:57:36 frainz has left
13:57:40 frainz has joined
13:58:11 alacer has left
13:58:40 erkanfiles has joined
14:01:29 erkanfiles ralphm: I just finished the minutes for 2018-12-20... Could you check this before I submit? This is my first try...
14:02:07 erkanfiles Or anybody else?
14:02:08 Ge0rG erkanfiles: I can review as well if you wish. You need somebody to forward them to the lists anyway.
14:02:29 Ge0rG (I'm not on board, but on members)
14:19:22 moparisthebest has joined
14:24:38 moparisthebest has left
14:24:38 moparisthebest has joined
14:29:28 Ge0rG > This server could not prove that it is logs.xmpp.org; its security certificate is from xmpp.org *sigh*
14:31:43 waqas has left
14:31:52 waqas has joined
14:31:53 Yagiza has left
14:32:19 moparisthebest has joined
14:32:19 moparisthebest has joined
14:33:56 freddo has joined
14:34:28 mightyBroccoli has left
14:34:28 benpa has joined
14:34:28 benpa has joined
14:34:28 _purple_bot has joined
14:34:28 _purple_bot has joined
14:34:28 Matthew has joined
14:34:28 Matthew has joined
14:34:28 uhoreg has joined
14:34:28 uhoreg has joined
14:34:59 jjrh has left
14:36:52 Ge0rG has left
14:37:48 benpa has joined
14:37:48 uhoreg has joined
14:37:48 _purple_bot has joined
14:37:48 Matthew has joined
14:38:25 lnj has left
14:40:58 Zash has left
14:40:58 benpa has joined
14:40:58 _purple_bot has joined
14:40:59 Matthew has joined
14:40:59 uhoreg has joined
14:44:30 jjrh has left
14:44:46 jjrh has left
14:44:50 mightyBroccoli has joined
14:45:41 jjrh has left
14:46:09 benpa has joined
14:46:09 uhoreg has joined
14:46:09 _purple_bot has joined
14:46:09 Matthew has joined
14:48:38 lukkec has joined
14:49:01 waqas has left
14:49:08 lukkec has left
14:49:13 lukkec has joined
14:49:17 jjrh has left
14:49:58 lukkec has left
14:50:03 lukkec has joined
14:50:38 erkanfiles has joined
14:50:47 lukkec has left
14:50:53 lukkec has joined
14:51:38 lukkec has left
14:51:44 lukkec has joined
14:52:28 lukkec has left
14:52:34 lukkec has joined
14:53:18 lukkec has left
14:53:24 lukkec has joined
14:54:09 lukkec has left
14:54:15 lukkec has joined
14:54:43 Holger has left
14:54:58 lukkec has left
14:55:04 lukkec has joined
14:55:48 lukkec has left
14:55:54 lukkec has joined
14:55:56 moparisthebest has left
14:56:06 moparisthebest has joined
14:56:38 lukkec has left
14:56:44 lukkec has joined
14:57:28 lukkec has left
14:57:34 lukkec has joined
14:58:18 lukkec has left
14:58:24 lukkec has joined
14:59:08 lukkec has left
14:59:13 frainz has left
14:59:14 lukkec has joined
14:59:59 lukkec has left
15:00:05 lukkec has joined
15:00:44 frainz has joined
15:00:49 lukkec has left
15:00:55 lukkec has joined
15:01:40 lukkec has left
15:01:46 lukkec has joined
15:02:30 lukkec has left
15:02:36 lukkec has joined
15:03:20 lukkec has left
15:03:26 lukkec has joined
15:03:46 ralphm has left
15:04:10 lukkec has left
15:04:16 lukkec has joined
15:05:00 lukkec has left
15:05:06 lukkec has joined
15:05:15 redditor has joined
15:05:50 lukkec has left
15:05:57 lukkec has joined
15:06:40 lukkec has left
15:06:45 lukkec has joined
15:07:30 lukkec has left
15:07:36 lukkec has joined
15:07:56 lukkec has left
15:12:32 j.r has joined
15:13:21 Yagiza has joined
15:13:31 krauq has left
15:15:54 krauq has joined
15:21:05 mightyBroccoli has left
15:23:11 jjrh has left
15:23:59 jjrh has left
15:24:01 !xsf_Martin has joined
15:26:57 l has left
15:27:33 mightyBroccoli has joined
15:27:40 pep. has left
15:27:57 lskdjf has left
15:28:27 Seve has joined
15:31:48 jjrh has left
15:36:19 redditor has left
15:36:26 redditor has joined
15:42:30 redditor has left
15:42:31 redditor has joined
15:46:42 winfried has joined
15:46:47 winfried has joined
15:53:17 Ann has left
15:59:26 Ann has joined
16:06:25 j.r has joined
16:15:10 dos has left
16:23:23 UsL has joined
16:27:12 Lance has joined
16:31:42 mightyBroccoli has left
16:33:16 Steve Kille has left
16:33:23 Steve Kille has left
16:33:31 mimi89999 has joined
16:37:13 mrDoctorWho has joined
16:38:20 mightyBroccoli has joined
16:44:11 l has joined
16:45:03 Steve Kille has joined
16:49:10 waqas has joined
16:51:40 l has left
16:58:44 Alex has joined
17:00:30 redditor has left
17:00:32 redditor has joined
17:03:09 ralphm has left
17:08:11 Zash has left
17:11:16 pep. https://wiki.xmpp.org/web/Main_Page somebody added "Quickstart for developers" on the main page, but it points nowhere. There's also "Modern Login Procedure" that points nowhere. Even if that can be a good idea I vote to remove them while they're empty.
17:12:20 j.r has joined
17:12:36 l has joined
17:15:06 mightyBroccoli has left
17:15:11 mightyBroccoli has joined
17:15:55 ta has joined
17:21:45 l has left
17:24:40 redditor has left
17:24:42 redditor has joined
17:26:58 tux has joined
17:34:58 krauq has left
17:36:48 Syndace We had a discussion about OMEMO key cross-signing and without giving any further context it seems like revocation is the biggest problem which needs some smart ideas. If we do it the GPG-way we need some sort of revocation-cert. The problem is where to upload the revocation cert to, because a malicious admin could block uploading those or remove them from PEP/whatever.
17:42:15 Wiktor has left
17:42:31 valo has left
17:42:38 valo has joined
17:43:39 Lance has left
17:47:08 Lance has joined
17:52:40 Lance has left
17:52:42 Lance has joined
17:56:44 erkanfiles has joined
17:57:52 j.r has joined
17:58:30 j.r has joined
17:59:25 Wiktor Syndace, why is cross signing intermixed with revocations? As far as I understand cross signing is for extending trust to new keys. If the device is not used for some time it's "revoked" automatically in current design already. That'd cover common scenarios like device migration.
18:01:08 Syndace What do you mean by "current design"?
18:01:34 Syndace Revocation is for when you loose a device or you know the keys have been compromised.
18:03:17 Wiktor I mean by what Conversations do hehe, if you lose a device then after some time the client will stop encrypting for that decide
18:03:23 Wiktor Device*
18:03:49 Syndace Okay, that does not use cross-signing though ^^
18:04:28 Wiktor Yes but it's already working for "revocations" so no need to invent anything new here
18:04:44 Ann has left
18:05:07 Wiktor Just keep the same rules for cross signed devices, no need for extra revocations
18:05:25 Syndace I'm sorry but those are two completely different things. One is publishing cryptographic signatures to tell others that you trust a certain key and the other is some client-side timeout logic that is not specified or cryptographically backed at all
18:07:56 ta has left
18:08:50 Wiktor I'd keep it lightweight, like in Matrix, the cross signing signature should be created by already trusted device and add trust only once, then the trusted device should be treated like any other.
18:09:09 Wiktor If not you risk reimplemening OpenPGP and that's a lot of stuff.
18:09:13 blackmarket has joined
18:09:17 ta has left
18:10:12 genofire has left
18:10:20 blackmarket has left
18:10:57 Syndace Yes that's the goal. The thing is that revocation cannot be ignored really. You need a mechanism to tell people that a key is not trustworthy any more. Otherwise an attacker could use compromised keys to cross-sign as many malicious devices as he likes to.
18:11:46 ta has left
18:12:21 Wiktor Yep, but distributing revocations is a problem. That's why OpenPGP has keyservers to make it hard to remove revocations.
18:12:29 ta has joined
18:13:08 genofire has joined
18:13:24 Wiktor Actually I had an idea how to use OpenPGP (on Android through OpenKeychain) to distribute trusted devices set. But that's including OpenPGP in the solution...
18:17:32 pep. Wiktor, if you implement a way to say "I trust this device" to others, you will also need a way to say "I don't trust this device anymore", I don't think there's any need for arguing that one is not needed
18:18:29 pep. And indeed that can be easily blocked by the server
18:19:16 Wiktor And all that has already been solved by OpenPGP, I just warn that there is a risk of reimplemening square wheel here
18:19:47 pep. That point is clear. That's not what I was replying to
18:21:13 pep. You talked about Matrix, do you have any insight on how they handle this?
18:21:19 Wiktor OpenPGP also has signature expiry, you can use that to automatically expire signatures and require re signing if the device is used
18:23:16 Wiktor Nope, I'm not involved in Matrix that much, the blog post I read only mentioned cross signing by already trusted devices
18:23:24 pep. Right, I read that one as well
18:32:25 redditor has joined
18:40:12 waqas has left
18:43:09 Yagiza has left
18:54:17 redditor has joined
19:03:27 Ann has left
19:04:23 Ann has left
19:05:58 uhoreg The (work-in-progress) proposal for cross-signing in Matrix is at https://github.com/matrix-org/matrix-doc/pull/1756, which uses a master key for signing device keys, rather than having devices sign each other and trying to navigate an arbitrary trust graph. And rather than revocations, we're just nuking the master key and replacing it with a new one.
19:06:24 uhoreg It does depend on the server being somewhat trustworthy, but I don't think there's much you can do about it.
19:09:22 Syndace Trusting the server is not acceptable for OMEMO I'd say.
19:13:21 uhoreg If you can figure out a way to do it without having to trust the server to distribute things properly, I'd be very interested in seeing it. It would be very desirable to have that property, but I haven't been able to figure it out yet.
19:13:23 Ann has left
19:15:14 pep. Yeah I'm also doubtful, even if that's also a property I would like, in the context of e2ee
19:17:52 redditor has left
19:17:53 redditor has joined
19:21:51 jonas’ has left
19:22:25 j.r has joined
19:24:22 redditor has joined
19:25:00 steven has left
19:26:09 lovetox also omemo is relying on the server already
19:26:41 pep. Yes it is. A server can just refuse publishing keys
19:26:43 lovetox if you remove a device from your devicelist, to broadcast to others that its not in use anymore
19:27:15 lovetox then this could be just not broadcasted, and other contacts will never know that you dont use the device anymore
19:31:48 Syndace It is relying on the server but the only thing the server can do is block OMEMO overall or attempt to MITM.
19:32:13 lovetox no as i just described
19:32:20 Syndace Or that, righr
19:32:21 lovetox it can block "revocation" of devices
19:32:36 jonas’ the only use of which would be to attempt MITM, right?
19:32:50 lovetox you cant MITM omemo
19:33:07 lovetox its simply not possible as of to date
19:33:12 Syndace well if the admin got hands on one of your devices it would make sense for him to block the unpublishing
19:33:13 lovetox but you can steal a device
19:33:17 Syndace why is it not
19:33:21 lovetox and then block that this device is revoked
19:33:39 lovetox but thats not MITM
19:34:17 pep. lovetox, you can mitm? and it can easily _not_ be detected, (who even reads the list of fingerprints)
19:34:28 pep. Ah hmm
19:34:30 pep. Not MITM
19:34:35 pep. Add yourself in the device list
19:34:43 jonas’ yeah, you’re not in the middle, but ... I’d still call this mitm
19:34:58 lovetox sorry if you dont verify the fingerprint, then its also not a MITM attack, its a I hope this user doesnt know what he does attack
19:35:05 jonas’ the effects (can read and inject(?) messages) and the mitigations (validate your bloody fingerprints) are the same
19:35:19 Ann has left
19:36:32 pep. jonas’, inject yes, the original account doesn't even have to know
19:37:08 pep. If OMEMO is based on the fact that the server is not trusted, this is pretty much a fail
19:37:31 lovetox pep., i cant agree with you on that
19:37:47 lovetox you seem to think you can just add a device and then everyone is starting to encrypt all his messages to that
19:37:47 krauq has joined
19:38:02 pep. Because it's not true?
19:38:07 lovetox this is simply not possible if you configure your client correctly
19:38:14 lovetox you cant with Gajim
19:38:17 pep. Right, you have a big assumption right there
19:38:28 lovetox there will be a popup that tells you, NEW DEVICE do you want to trust?
19:38:39 lovetox otherwise it will never encrypt to that device
19:39:17 lovetox there is no attack as a malicious server, that does not depend on the user actively ignoring to verify fingerprints
19:39:22 jonas’ lovetox, and the average user will just accept
19:39:35 lovetox but thats true for every encryption
19:39:38 pep. Yes
19:39:42 lovetox this has nothing to do with omemo
19:39:59 pep. Well, yes and no. It has to do how it's designed, and what type of users it's targetting
19:40:18 pep. People come to us saying "OMEMO is the #1 feature I want. I don't consider a client otherwise" and they don't understand what it means
19:40:29 lovetox I could easily write a client that encrypts only to QR code scanned devices
19:40:41 lovetox then every device is physically verified
19:40:58 lovetox this is a client UI decision, and is not a fail in the protocol
19:41:11 pep. True, you could. I doubt you'd manage to market that
19:41:47 lovetox yeah of course, lets make compromises, because the thread model is not NSA prove
19:42:06 lovetox the thread model is, lets encrypt 99% of my data in a way that 99% of people cant decrypt it
19:42:23 lovetox *profe
19:42:35 pep. proof :)
19:42:37 lovetox *proof
19:42:41 lovetox damn it
19:42:54 lovetox didnt write that for a long time, and it seemd wrong :D
19:42:57 j.r has joined
19:44:11 lovetox no im all for looking into this stuff, but signal protocol or whatever you want to call it, is pretty pretty good
19:44:30 lovetox there is really not much left to make better
19:47:18 Ge0rG > lets encrypt 99% of my data in a way that 99% of people cant decrypt it I don't want 99% of people to decrypt my data! Only a selected subset of a few persons!
19:47:48 Ge0rG the challenge is to build a usable client around the signal protocol.
19:48:02 Ge0rG actually, no. The challenge is to build a usable client around any encryption primitive.
19:49:02 lovetox i agree thats the challenge
19:49:06 Half-Shot has left
19:49:15 Ge0rG I think that OpenPGP has better UX than OMEMO, and Matrix seems to agree. A per-account master key that is the root of all trust for a user is so much more transparent and usable than N device keys on your side and M device keys on each of your contact's side with NxM trust relationships
19:49:25 Ge0rG But what do I know.
19:49:36 lovetox and in my opinion what we have now, specially in Gajim there is lots of room for improvement before i go and criticise the protocol
19:50:21 Ge0rG if the protocol did it right, you wouldn't have a forest of possible fuckups to solve in your client.
19:50:26 lovetox Ge0rG, i also wrote a already usable openpgp plugin for the current Gajim version, works fine, i didnt impl the secret key transfer yet
19:51:42 lovetox and you can also make openpgp hard to use
19:52:08 steven has left
19:52:18 pep. lovetox, I just tested with conversations and dino, none tell me I've added a new device
19:52:23 Ge0rG But we only ever specify the wire format, no need to tell developers how to solve the really complicated UX problems.
19:52:32 pep. So I guess that's already a nice set of users not checking
19:52:50 lovetox pep., because blind trust is activated in C by default maybe?
19:52:51 Ge0rG Except that for encryption, a UX fail might kill people.
19:52:57 pep. lovetox, of course it is
19:53:02 pep. That's the whole point of Conversations
19:53:11 lovetox to actually have conversations :D
19:53:16 lovetox not care about encryption
19:53:22 pep. I disagree here
19:53:37 lovetox i agree with that to be honest, lets concentrate less about that crypto mania and more about usable clients
19:54:52 Ge0rG Let's not implement OMEMO.
19:55:16 pep. mod_omemo_mitm when
19:55:20 pep. Just to prove a point
19:55:25 Ge0rG If you are a political dissident, don't use xmpp. It will get you killed.
19:57:44 waqas has joined
19:59:38 Ge0rG Also there is no strong binding between the JID and the keys, so OMEMO ends up being an encryption overlay with opaque rules (superset of device IDs of all the participant JIDs) on top of a message routing overlay with opaque rules on top of a federated client - server - server - client overlay on top of TCP IP
20:00:03 ta Ge0rG: just out of couriosity, what's your recommendation for endangered persons?
20:05:31 Ge0rG ta: depends on who's after you. NSA - don't use Smartphones. Russians - don't use Telegram. Other countries - use Apple devices and Signal with a burner number from an American VoIP service
20:06:52 sezuan has left
20:08:37 mimi89999 has left
20:08:48 Ge0rG ta: I'm not an endangered person, so I didn't do thorough research.
20:12:27 Half-Shot has joined
20:13:14 vaulor has joined
20:14:45 pep. Tbh I understand the "privacy by default" bits and I agree with that. I would want to reach a level where people still have some margin to do their research when they suspect they're being targeted. Atm it's probably to late when you reach this conclusion
20:15:18 ta Mw neither, but i am interested in that topic. To secure your privacy yoi almost have to act like a "wanted" person.
20:16:19 ta I am aware that XMPP is not ideal for that matter either.
20:17:17 pep. I don't think any solution out there is tbh, you can use bits and pieces of some solutions, but the most effective one is certainly to act as a commoner
20:18:10 ta And configuring mobile devices to leak as little information as possible is a fight against windmills.
20:18:58 mightyBroccoli has left
20:21:20 lorddavidiii has joined
20:23:08 ta I can not act like most commoners, i don't want to use closed Software (dont get me started on hardware, its a pity). So i always stand out of the masses. That's why i like to encrypt stuff. Since i would stand out my bitstreams sourroubding me shall not be plaintext. Like i dont run around with Information about me printed on my clothes.
20:26:03 Tobias has left
20:26:04 Tobias has joined
20:26:49 ta Some real p2p solution routed through some onion protocol, verified only in person and used on fully encrypted devices with plausible deniabillity is probably the safest way to not leak content of your Conversation, but will be obvious as hell to agencies.
20:27:24 lorddavidiii has left
20:29:14 lorddavidiii has joined
20:33:45 ta has left
20:34:23 tux has left
20:35:40 lorddavidiii has left
20:45:22 mightyBroccoli has joined
20:52:40 jjrh has left
20:52:54 jjrh has left
20:55:24 oli so xmpp was a great idea some time ago, but post snowden...
20:56:18 j.r has joined
20:56:34 pep. Because pre-Snowden wasn't as bad?
20:56:36 oli for irc like groups use matrix. for one to one use something p2p
20:57:19 pep. I'd be interested to know if matrix actually helps here, or if it's more or less the same issues and you have to trust the server somewhat
20:57:40 pep. hint: I don't think it changes much
20:58:07 ta Depends on your needs
20:58:43 Half-Shot has left
21:00:45 pep. We already specified the need in the discussion above. "You don't trust your server"
21:03:43 lorddavidiii has joined
21:07:23 Guus has left
21:08:02 redditor has left
21:08:02 l has joined
21:08:45 l has joined
21:08:46 j.r has joined
21:10:04 lorddavidiii has left
21:10:30 erkanfiles has joined
21:10:33 rion has joined
21:12:21 lorddavidiii has joined
21:14:02 rion Hi. I'm looking at "6.3 Stream Feature" of caps xep. It's nice. But is there something similar for services list (disco#items) and their versions? I mean I'd like to cache not just jabber.ru but conference.jabber.ru, upload.jabber.ru and other services of my server.
21:16:24 lovetox but how do you get the info about the version of the disco items?
21:16:48 lovetox with normal contacts, we exchange presence and we have to do this anyway so we add the version there and save a query
21:17:02 Alex has left
21:17:13 lovetox but you exchange nothing with a MUC or component where you could add the version and save the query
21:17:35 lovetox the first every contact is the disco query, so you get to know what that thing is in the first place
21:17:44 l has joined
21:17:51 rion lovetox: no idea how to do this properly. for example if caps computation of jabber.ru would also include conference.jabber.ru that would be enough for me.
21:18:44 lovetox to answer your question, no we dont have something like that for server components
21:18:58 rion btw about muc. ejabberd already can compute caps for it and send them early on join.
21:19:14 lovetox thats too late
21:19:26 lovetox you have to know if a jid is a muc before you join
21:19:57 rion well yes. but it's better than nothing
21:20:54 rion is there a place where I can write my wishes for xep improvements?
21:21:01 lovetox hm its only useful if you dont use MAM
21:21:24 lovetox yes the standards mailing list
21:21:57 lovetox standards@xmpp.org
21:22:29 lovetox oh rion i spoke too soon
21:22:41 lovetox there is an experimental xep who does what you want i think
21:22:46 lovetox at least in part
21:22:46 lovetox https://xmpp.org/extensions/xep-0390.html#usecases-stream-feature
21:22:47 rion 390?
21:23:15 lovetox thats would be also the place to comment for improvements because its experimental
21:23:19 lovetox 115 will never change
21:24:00 lovetox also for the MUC case there is another problem
21:24:10 lovetox the MUC component has caps but they are not that useful
21:24:27 lovetox because every MUC jid itself can have different caps
21:24:59 rion interesting
21:27:47 lovetox yeah but also here again, server caps yeah nice
21:27:58 lovetox but what you even more need are your account caps
21:35:54 waqas has left
21:45:42 lorddavidiii has left
21:49:33 lorddavidiii has joined
21:51:15 lorddavidiii has left
21:52:22 l has left
21:55:32 Ann has left
22:10:05 thorsten has left
22:12:30 jjrh has left
22:12:39 redditor has joined
22:17:51 !xsf_Martin has joined
22:18:23 redditor has left
22:18:24 redditor has joined
22:18:51 !xsf_Martin has joined
22:19:41 lskdjf has joined
22:20:14 Ann has left
22:22:32 Ann has left
22:24:12 yomane has joined
22:25:53 yomane has left
22:26:08 yomane has joined
22:26:29 yomane has left
22:26:39 yomane has joined
22:29:12 moparisthebest has joined
22:29:52 rion well I just sent the email about xep-0390 updates. I hope it's not lost since I don't have any notifications about its destiny :)
22:30:28 lovetox yeah takes some minutes until it shows up
22:30:28 l has joined
22:30:42 lovetox you registered on the list though?
22:30:54 rion nope..
22:30:54 yomane has left
22:31:04 lovetox em yeah i maybe should have mentioned that ^^^^
22:31:06 yomane has joined
22:31:16 lovetox dont know if it allows to post for unregistered users
22:31:37 lovetox https://mail.jabber.org/mailman/listinfo/standards
22:31:38 rion should I send "register" or something ?
22:31:43 rion ok
22:32:02 lovetox hm rion no mom
22:32:07 lovetox seems you dont need to register
22:32:15 lovetox the registration is for subscribing
22:32:35 yomane has left
22:32:40 lovetox here you can look if it is posted
22:32:41 lovetox https://mail.jabber.org/pipermail/standards/
22:32:50 yomane has joined
22:33:16 lovetox ah damn rion
22:33:19 lovetox it says it
22:33:20 lovetox Note: To cut down on spam, you must be subscribed to this list in order to post!
22:35:06 yomane has left
22:35:21 yomane has joined
22:35:42 rion I see. I'll resend :)
22:35:55 rion just subscribed
22:37:05 yomane has left
22:37:17 yomane has joined
22:37:32 yomane has left
22:37:42 yomane has joined
22:37:53 yomane has left
22:38:07 yomane has joined
22:40:16 jjrh has left
22:41:20 rion it's there now
22:49:11 l has joined
22:51:00 lovetox gratz on your first post :D
22:51:34 rion =))
22:53:29 thorsten has joined
22:59:41 ThibG has left
22:59:47 ThibG has joined
23:32:57 tux has left
23:36:35 lnj has left
23:52:04 ralphm has left
23:52:06 ralphm has joined
23:55:17 Half-Shot has joined
23:55:54 rion has left
23:58:05 vanitasvitae has left
23:59:28 Half-Shot_ has joined
23:59:33 Half-Shot_ has left
23:59:55 !xsf_Martin has left