XSF Discussion - 2019-09-21

  1. matkor has left

  2. matkor has joined

  3. lskdjf has left

  4. ralphm has left

  5. ralphm has joined

  6. karoshi has left

  7. pdurbin has joined

  8. zach has left

  9. zach has joined

  10. pdurbin has left

  11. UsL has left

  12. UsL has joined

  13. mukt2 has joined

  14. mukt2 has left

  15. Chobbes has left

  16. zach has left

  17. zach has joined

  18. Chobbes has joined

  19. neshtaxmpp has left

  20. neshtaxmpp has joined

  21. zach has left

  22. zach has joined

  23. zach has left

  24. zach has joined

  25. Chobbes has left

  26. UsL has left

  27. mukt2 has joined

  28. mukt2 has left

  29. zach has left

  30. zach has joined

  31. adiaholic has joined

  32. UsL has joined

  33. Daniel has left

  34. sonny has left

  35. andy has joined

  36. Daniel has joined

  37. pdurbin has joined

  38. pdurbin has left

  39. adiaholic has left

  40. adiaholic has joined

  41. matkor has left

  42. matkor has joined

  43. zach has left

  44. zach has joined

  45. adiaholic has left

  46. adiaholic has joined

  47. Daniel has left

  48. sonny has joined

  49. mimi89999 has left

  50. mimi89999 has joined

  51. pdurbin has joined

  52. adiaholic has left

  53. adiaholic has joined

  54. mukt2 has joined

  55. mukt2 has left

  56. xalek has left

  57. wurstsalat has left

  58. waqas has left

  59. zach has left

  60. zach has joined

  61. Yagiza has joined

  62. Daniel has joined

  63. winfried has left

  64. COM8 has joined

  65. Nekit has joined

  66. winfried has joined

  67. COM8 has left

  68. adiaholic has left

  69. zach has left

  70. zach has joined

  71. lumi has joined

  72. winfried has left

  73. winfried has joined

  74. Maranda has left

  75. Maranda has joined

  76. Yagiza has left

  77. Yagiza has joined

  78. wurstsalat has joined

  79. Mikaela has joined

  80. adiaholic has joined

  81. Yagiza has left

  82. Yagiza has joined

  83. zach has left

  84. zach has joined

  85. mukt2 has joined

  86. Yagiza has left

  87. Yagiza has joined

  88. karoshi has joined

  89. mukt2 has left

  90. Steve Kille has left

  91. jubalh has joined

  92. larma has left

  93. Daniel has left

  94. Daniel has joined

  95. Steve Kille has joined

  96. larma has joined

  97. zach has left

  98. zach has joined

  99. Daniel has left

  100. Daniel has joined

  101. adiaholic has left

  102. adiaholic has joined

  103. debacle has joined

  104. Daniel has left

  105. Daniel has joined

  106. Daniel has left

  107. Daniel has joined

  108. Tobias has joined

  109. Daniel has left

  110. Daniel has joined

  111. jubalh has left

  112. Daniel has left

  113. Daniel has joined

  114. zach has left

  115. zach has joined

  116. adiaholic has left

  117. adiaholic has joined

  118. Daniel has left

  119. Daniel has joined

  120. flow

    MattJ, May I suggest to remove the "Servers MUST NOT include the <stanza-id/> element in messages addressed to JIDs that do not have permissions to access the archive" from xep313. It appears to provide very little, I'd even say nothing because the id-String shouldn't reveal anything, for a lot of complexity in the MAM archive service implementation

  121. Daniel has left

  122. Daniel has joined

  123. lovetox

    it does reveal something

  124. lovetox

    on ejabberd for example the exact timestamp of the message

  125. MattJ

    I think it would have to be tied with a requirement that ids do not leak any info

  126. lovetox

    yeah and this would be bad

  127. MattJ

    I'm not sure timestamp counts as a problem

  128. MattJ

    But if it was combined with a counter it would

  129. MattJ

    And timestamps are not unique on their own

  130. flow

    lovetox, well that would violate a MUST frmo xep359

  131. flow

    also I am not sure if timestamps are a problem

  132. lovetox

    its very useful that ejabberd uses timestamps as messages

  133. lovetox

    its very useful that ejabberd uses timestamps as ids

  134. lovetox

    as it allows to determine a order

  135. lovetox

    even if impl cannot rely on it because other servers dont do that

  136. MattJ

    Tell me you don't depend on that :)

  137. flow

    furthermore, we could at least relax the requirement in xep313, e.g. by making it conditional

  138. lovetox

    of course i dont, as not all servers do that

  139. lovetox

    when i remember correctly the only argument against a orderable id was

  140. lovetox

    clusters may be more complex to implement that

  141. flow

    but I would simply remove that requirement from xep313, which also would make the xep less complex, which is always good

  142. pep.

    > MattJ> I think it would have to be tied with a requirement that ids do not leak any info Isn't that the case already?

  143. zach has left

  144. zach has joined

  145. pep.

    For 0359 stuff

  146. pep.

    Hmm, it says "unique and stable" and recommends UUID..

  147. pep.

    I think that's good enough

  148. goffi has joined

  149. adiaholic has left

  150. deepak has joined

  151. Daniel has left

  152. Daniel has joined

  153. deepak has left

  154. lovetox

    i see xep 0398 is under specified

  155. marc_ has joined

  156. lovetox

    it says "Upon receiving a vCard publication request with a valid photo attached"

  157. Daniel has left

  158. zach has left

  159. Daniel has joined

  160. zach has joined

  161. lovetox

    so no photo element is invalid in this case?

  162. lovetox

    means every client out there now has to publish empty photo elements in there vcard for avatar conversion to work?

  163. lovetox

    is this intended? why not just interpret no photoelement as <photo/>

  164. lovetox

    or did the XEP author foget about the "Delete a photo" usecase

  165. lovetox

    and this sentence reflects only setting a avatar other than none

  166. lovetox

    ^ Daniel

  167. Daniel

    yes the XEP doesn’t cover deletion

  168. Daniel


  169. flow

    pep., see also the security section of xep359

  170. pep.

    Right, so that's settled then

  171. flow

    MattJ, xep359 already has that requirement that IDs do not leak inve, hence i was supprised to find that section in xep313

  172. APach has left

  173. adiaholic has joined

  174. adiaholic has left

  175. sonny has left

  176. APach has joined

  177. adiaholic has joined

  178. sonny has joined

  179. lskdjf has joined

  180. mukt2 has joined

  181. adiaholic has left

  182. adiaholic has joined

  183. adiaholic has left

  184. adiaholic has joined

  185. mukt2 has left

  186. emus has joined

  187. MattJ

    pep.: "unique and stable" is not enough

  188. zach has left

  189. zach has joined

  190. MattJ

    We've already seen security issues from far simpler and more obvious problems, it's not enough to say that a sentence in a separate document covers us

  191. pep.

    MattJ, see what was said above

  192. pep.

    0359 mandates more than that

  193. emus has left

  194. emus has joined

  195. pep.

    - the IDs defined in this extension MUST be unique and stable within the scope of the generating XMPP entity - Entities observing the value MUST NOT be able to infer any information from it - The value of 'id' MUST be considered a non-secret value.

  196. marc_ has left

  197. marc_ has joined

  198. pep.

    (obviously, "MUST NOT be able to infer any information from it" is only practical to some extent, but that wouldn't be an issue for MAM would it)

  199. debacle has left

  200. emus has left

  201. vanitasvitae has left

  202. Ge0rG

    I suggest to introduce a new stanza element, <mam-id>, that is not leaking any information.

  203. zach has left

  204. zach has joined

  205. vanitasvitae has joined

  206. Ge0rG

    With a "MUST NOT be equal to any of the other id elements or attributes of the message" requirement.

  207. marc_ has left

  208. pdurbin has left

  209. winfried has left

  210. winfried has joined

  211. winfried has left

  212. winfried has joined

  213. Nekit has left

  214. winfried has left

  215. winfried has joined

  216. winfried has left

  217. winfried has joined

  218. winfried has left

  219. winfried has joined

  220. debacle has joined

  221. winfried has left

  222. winfried has joined

  223. winfried has left

  224. winfried has joined

  225. COM8 has joined

  226. winfried has left

  227. mukt2 has joined

  228. winfried has joined

  229. COM8 has left

  230. Tobias has left

  231. Tobias has joined

  232. Alex has left

  233. Alex has joined

  234. andy has left

  235. zach has left

  236. zach has joined

  237. andy has joined

  238. mukt2 has left

  239. j.r has left

  240. mukt2 has joined

  241. Mikaela has left

  242. Mikaela has joined

  243. j.r has joined

  244. APach has left

  245. zach has left

  246. zach has joined

  247. emus has joined

  248. zach has left

  249. zach has joined

  250. APach has joined

  251. adiaholic has left

  252. adiaholic has joined

  253. mukt2 has left

  254. Nekit has joined

  255. pdurbin has joined

  256. rion has left

  257. rion has joined

  258. j.r has left

  259. j.r has joined

  260. pdurbin has left

  261. zach has left

  262. zach has joined

  263. marc_ has joined

  264. MattJ

    Can't tell if sarcasm

  265. winfried has left

  266. winfried has joined

  267. horst has joined

  268. APach has left

  269. APach has joined

  270. debacle has left

  271. horst has left

  272. zach has left

  273. zach has joined

  274. Zash

    In https://xmpp.org/extensions/xep-0398.html#presence it's implied but not explicitly stated that the server should leave empty <photo/> elements alone. Why is that? (poke Daniel)

  275. Daniel

    Iirc to give clients the option to join w/o avater

  276. Daniel

    Not that it really makes sense. But I think that was the intention behind it

  277. zach has left

  278. zach has joined

  279. mukt2 has joined

  280. mukt2 has left

  281. zach has left

  282. zach has joined

  283. Zash

    Some clarification there would be good I think

  284. pdurbin has joined

  285. waqas has joined

  286. APach has left

  287. zach has left

  288. zach has joined

  289. APach has joined

  290. Kev has joined

  291. j.r has left

  292. pdurbin has left

  293. Daniel

    Quick update on the IM regulation. I just (accidentally) talked to someone who was on the SPD's (major party in Germany) digital working group thing. And it was her that Katharina barley asked in 2018 about IM regulation. And she contacted the CCC who was like "mhh we don't really know". And now it's apparently dead because according to her the SPD is not in a functional state right now

  294. zach has left

  295. zach has joined

  296. Daniel

    Cc Ge0rG

  297. pep.

    What was that article then a week ago? :/

  298. Daniel

    dunno. i mean it did not have any sources. maybe it was old sources

  299. Daniel

    or just made up

  300. pep.


  301. andy has left

  302. Kev has left

  303. Daniel

    also she asked for me contact information and i wrote down my website and my email address and then she asked for my phone number because she doesn’t write email; and under pressure I couldn’t remember it (why do people think that 10 random numbers are a good ID) - i gues s i need a business card

  304. pep.

    "why do people think that 10 random numbers are a good ID" haha, I agree, and that's not even because of the infamous Zooko.

  305. Ge0rG

    Daniel: did you take her phone number at least?

  306. zach has left

  307. zach has joined

  308. zach has left

  309. zach has joined

  310. jubalh has joined

  311. Daniel

    Ge0rG, no. it felt more like a "don’t call us we call you" situation

  312. Nekit has left

  313. j.r has joined

  314. Ge0rG

    Daniel: that's a bit sad.

  315. Daniel

    last time i tried to talk to a politician she offered to take a selfie with me

  316. pep.

    "PR, PR, PR"?

  317. Ge0rG

    Daniel: looks like you learned the hard way how modern politics work...

  318. zach has left

  319. zach has joined

  320. jubalh has left

  321. fippo

    daniel: maybe she wanted the phone number to contact you via signal? :-p

  322. marc_ has left

  323. zach has left

  324. zach has joined

  325. lumi has left

  326. pdurbin has joined

  327. zach has left

  328. zach has joined

  329. Kev has joined

  330. Kev has left

  331. debacle has joined

  332. adiaholic has left

  333. adiaholic has joined

  334. pdurbin has left

  335. adiaholic has left

  336. adiaholic has joined

  337. lumi has joined

  338. zach has left

  339. zach has joined

  340. adiaholic has left

  341. adiaholic has joined

  342. krauq has left

  343. krauq has joined

  344. zach has left

  345. zach has joined

  346. mukt2 has joined

  347. zach has left

  348. zach has joined

  349. jubalh has joined

  350. xalek has joined

  351. jubalh has left

  352. jubalh has joined

  353. jubalh has left

  354. marc_ has joined

  355. adiaholic has left

  356. jubalh has joined

  357. jubalh has left

  358. jubalh has joined

  359. jubalh has left

  360. jubalh has joined

  361. jubalh has left

  362. jubalh has joined

  363. jubalh has left

  364. jubalh has joined

  365. jubalh has left

  366. jubalh has joined

  367. jubalh has left

  368. jubalh has joined

  369. jubalh has left

  370. zach has left

  371. zach has joined

  372. jubalh has joined

  373. jubalh has left

  374. mukt2 has left

  375. adiaholic has joined

  376. mukt2 has joined

  377. adiaholic has left

  378. pdurbin has joined

  379. zach has left

  380. zach has joined

  381. pdurbin has left

  382. j.r has left

  383. zach has left

  384. zach has joined

  385. mukt2 has left

  386. mukt2 has joined

  387. zach has left

  388. zach has joined

  389. Yagiza has left

  390. mukt2 has left

  391. mukt2 has joined

  392. mukt2 has left

  393. zach has left

  394. zach has joined

  395. lumi has left

  396. waqas has left

  397. mukt2 has joined

  398. mukt2 has left

  399. j.r has joined

  400. mukt2 has joined

  401. zach has left

  402. zach has joined

  403. mukt2 has left

  404. andy has joined

  405. mukt2 has joined

  406. mimi89999 has left

  407. mimi89999 has joined

  408. Kev has joined

  409. Kev has left

  410. mukt2 has left

  411. zach has left

  412. zach has joined

  413. mimi89999 has left

  414. mimi89999 has joined

  415. eevvoor has joined

  416. mukt2 has joined

  417. winfried has left

  418. winfried has joined

  419. pdurbin has joined

  420. winfried has left

  421. winfried has joined

  422. winfried has left

  423. winfried has joined

  424. mukt2 has left

  425. mukt2 has joined

  426. karoshi has left

  427. winfried has left

  428. winfried has joined

  429. mukt2 has left

  430. mukt2 has joined

  431. winfried has left

  432. winfried has joined

  433. Kev has joined

  434. Kev has left

  435. zach has left

  436. zach has joined

  437. mukt2 has left

  438. pdurbin has left

  439. winfried has left

  440. winfried has joined

  441. winfried has left

  442. winfried has joined

  443. winfried has left

  444. winfried has joined

  445. debacle has left

  446. mukt2 has joined

  447. lumi has joined

  448. karoshi has joined

  449. zach has left

  450. zach has joined

  451. LNJ has left

  452. zach has left

  453. zach has joined

  454. winfried has left

  455. andrey.g has left

  456. winfried has joined

  457. zach has left

  458. zach has joined

  459. goffi has left

  460. mukt2 has left

  461. mukt2 has joined

  462. andy has left

  463. mukt2 has left

  464. mukt2 has joined

  465. zach has left

  466. zach has joined

  467. andrey.g has joined

  468. eevvoor has left

  469. Tobias has left

  470. mukt2 has left

  471. mukt2 has joined

  472. mukt2 has left

  473. debacle has joined

  474. Nekit has joined

  475. mukt2 has joined

  476. lovetox has left

  477. marc_ has left

  478. Mikaela has left

  479. waqas has joined

  480. mukt2 has left

  481. karoshi has left

  482. UsL has left

  483. UsL has joined

  484. zach has left

  485. zach has joined

  486. debacle has left

  487. waqas has left

  488. Nekit has left