XSF Discussion - 2019-03-16

moparisthebest: we just discovered a valid use case for DoX over in jdev! If you are using a proxy (`connect` or socks), you need a way to resolve SRV without leaking the domain to your local network. So you need to tunnel DNS over the proxy

🤣

Ge0rG, and the DoX server endpoint would be?

Well, I imagine that, like with browsers, this is configurable and/or discoverable.

Ha awesome

I think browsers just hardcode the endpoint...

Firefox let's you change it in about:config

Android let's you change it deep into settings

And in XMPP one can auto discover endpoint by querying server disco info, like http upload. :)

Wiktor, ... and how do you connect to something you can query?

Wiktor: you still need a resolver jid/pass + ip + port hardcoded

Well, the "querier" account, then you can auto discover the resolver

With DNS you'll always need something hardcoded I think

Assuming you don't want to leak anything to local DHCP provided DNS server

moparisthebest: you should set it up to use anonymous login.

DoX has the same bootstrapping problem as Do-Anything. I'm not thinking on using it for first query, but for all subsequent queries in the system, effectively upgrading privacy.

Yep I need to set up an account with anonymous login firewalled to only contact the resolver

Anyone else can do it too though :)

moparisthebest: also the correct xmpp URI would be xmpp://user:password@domain/botjid?params

It supports params like that?

There is a XEP and an RFC for XMPP URI schemes.

that's unfortunately tricky and obnoxious

in my program I need a clear seperation between "configuration only for this program" and "params sent to endpoint"

since it supports http:// anything after the ? gets sent to the server, anything after the # does not

so, I just use the same URI parser code for xmpp:// urls, not at all a format that is standard or anyone else can use, but meh

it's compatible with my made up tls:// tcp:// and udp:// urls

It's incompatible with my brain.

moparisthebest: if you are going to use things that kinda look like an xmpp URI, please make it valid. Bad examples are copy/pasted and the end result would be terrible.

Also don't invent your own URI schemes.

What ralphm said.

I don't consider them URI schemes I consider them configuration file formats

Then don't let them look like URIs.

Is there interest in a XEP with more detailed s2s errors to attach to bounced stanzas? `remote-server-not-found` and `remote-server-timeout` doesn't quite cover the range of possible problems.

As application-specific conditions?

Yes

Sounds like a great idea. Would it be mostly informative for debugging, or do you also expect clients and other entities to handle such detailed conditions differently?

Yes, informative machine-readable information. Aiding in debugging by providing users with more info to report is one potential benefit.

Zash, +1

Although I am not sure if it adds that much additional value compared to adding the detaield error information into <text/>

OTOH it can't hurt

Speaking of which...

It would be nice if one could hint about whether it's a transient error or something more permanent. Not sure that's possible tho.

Huh? You can use the type attribute?

https://tools.ietf.org/html/rfc6120#section-8.3.2

Oh, right

Wait, I mean, how do you know?

Well, if you don't know, you can't hint.

But, if you're going to create app-specific conditions you could include meta data. Like how long this condition has already lasted.

Good idea

Something like suddenly getting an explicit . record for SRV would signal a permanent condition.

(although I guess that's <gone/>)

I'd also mention the usefulness of including the 'by' attribute pointing to the local server, so you can see which entity determined the condition.

What about adding a delay element?

We have a standard for that

“15:52:02 Andrew Nenakhov> Do any clients support 0385? I'm not a fan of it, but if it has some spread, I might reconsider”, I only know of Movim, which uses it the same way Conversations uses OOB AIUI.