XSF Discussion - 2019-03-16

  1. Ge0rG

    moparisthebest: we just discovered a valid use case for DoX over in jdev! If you are using a proxy (`connect` or socks), you need a way to resolve SRV without leaking the domain to your local network. So you need to tunnel DNS over the proxy

  2. ralphm


  3. flow

    Ge0rG, and the DoX server endpoint would be?

  4. ralphm

    Well, I imagine that, like with browsers, this is configurable and/or discoverable.

  5. moparisthebest

    Ha awesome

  6. moparisthebest

    I think browsers just hardcode the endpoint...

  7. moparisthebest

    Firefox let's you change it in about:config

  8. moparisthebest

    Android let's you change it deep into settings

  9. Wiktor

    And in XMPP one can auto discover endpoint by querying server disco info, like http upload. :)

  10. jonas’

    Wiktor, ... and how do you connect to something you can query?

  11. moparisthebest

    Wiktor: you still need a resolver jid/pass + ip + port hardcoded

  12. moparisthebest

    Well, the "querier" account, then you can auto discover the resolver

  13. moparisthebest

    With DNS you'll always need something hardcoded I think

  14. moparisthebest

    Assuming you don't want to leak anything to local DHCP provided DNS server

  15. Ge0rG

    moparisthebest: you should set it up to use anonymous login.

  16. Wiktor

    DoX has the same bootstrapping problem as Do-Anything. I'm not thinking on using it for first query, but for all subsequent queries in the system, effectively upgrading privacy.

  17. moparisthebest

    Yep I need to set up an account with anonymous login firewalled to only contact the resolver

  18. moparisthebest

    Anyone else can do it too though :)

  19. Ge0rG

    moparisthebest: also the correct xmpp URI would be xmpp://user:password@domain/botjid?params

  20. moparisthebest

    It supports params like that?

  21. Ge0rG

    There is a XEP and an RFC for XMPP URI schemes.

  22. moparisthebest

    that's unfortunately tricky and obnoxious

  23. moparisthebest

    in my program I need a clear seperation between "configuration only for this program" and "params sent to endpoint"

  24. moparisthebest

    since it supports http:// anything after the ? gets sent to the server, anything after the # does not

  25. moparisthebest

    so, I just use the same URI parser code for xmpp:// urls, not at all a format that is standard or anyone else can use, but meh

  26. moparisthebest

    it's compatible with my made up tls:// tcp:// and udp:// urls

  27. Ge0rG

    It's incompatible with my brain.

  28. ralphm

    moparisthebest: if you are going to use things that kinda look like an xmpp URI, please make it valid. Bad examples are copy/pasted and the end result would be terrible.

  29. ralphm

    Also don't invent your own URI schemes.

  30. Ge0rG

    What ralphm said.

  31. moparisthebest

    I don't consider them URI schemes I consider them configuration file formats

  32. ralphm

    Then don't let them look like URIs.

  33. Zash

    Is there interest in a XEP with more detailed s2s errors to attach to bounced stanzas? `remote-server-not-found` and `remote-server-timeout` doesn't quite cover the range of possible problems.

  34. ralphm

    As application-specific conditions?

  35. Zash


  36. ralphm

    Sounds like a great idea. Would it be mostly informative for debugging, or do you also expect clients and other entities to handle such detailed conditions differently?

  37. Zash

    Yes, informative machine-readable information. Aiding in debugging by providing users with more info to report is one potential benefit.

  38. ralphm nods

  39. flow

    Zash, +1

  40. flow

    Although I am not sure if it adds that much additional value compared to adding the detaield error information into <text/>

  41. flow

    OTOH it can't hurt

  42. Ge0rG

    Speaking of which...

  43. Zash

    It would be nice if one could hint about whether it's a transient error or something more permanent. Not sure that's possible tho.

  44. ralphm

    Huh? You can use the type attribute?

  45. ralphm


  46. Zash

    Oh, right

  47. Zash

    Wait, I mean, how do you know?

  48. ralphm

    Well, if you don't know, you can't hint.

  49. ralphm

    But, if you're going to create app-specific conditions you could include meta data. Like how long this condition has already lasted.

  50. Zash

    Good idea

  51. ralphm

    Something like suddenly getting an explicit . record for SRV would signal a permanent condition.

  52. ralphm

    (although I guess that's <gone/>)

  53. ralphm

    I'd also mention the usefulness of including the 'by' attribute pointing to the local server, so you can see which entity determined the condition.

  54. Ge0rG

    What about adding a delay element?

  55. Ge0rG

    We have a standard for that

  56. Link Mauve

    “15:52:02 Andrew Nenakhov> Do any clients support 0385? I'm not a fan of it, but if it has some spread, I might reconsider”, I only know of Movim, which uses it the same way Conversations uses OOB AIUI.