XSF Discussion - 2019-09-21

  1. matkor has left
  2. matkor has joined
  3. lskdjf has left
  4. ralphm has left
  5. ralphm has joined
  6. karoshi has left
  7. pdurbin has joined
  8. zach has left
  9. zach has joined
  10. pdurbin has left
  11. UsL has left
  12. UsL has joined
  13. mukt2 has joined
  14. mukt2 has left
  15. Chobbes has left
  16. zach has left
  17. zach has joined
  18. Chobbes has joined
  19. neshtaxmpp has left
  20. neshtaxmpp has joined
  21. zach has left
  22. zach has joined
  23. zach has left
  24. zach has joined
  25. Chobbes has left
  26. UsL has left
  27. mukt2 has joined
  28. mukt2 has left
  29. zach has left
  30. zach has joined
  31. adiaholic has joined
  32. UsL has joined
  33. Daniel has left
  34. sonny has left
  35. andy has joined
  36. Daniel has joined
  37. pdurbin has joined
  38. pdurbin has left
  39. adiaholic has left
  40. adiaholic has joined
  41. matkor has left
  42. matkor has joined
  43. zach has left
  44. zach has joined
  45. adiaholic has left
  46. adiaholic has joined
  47. Daniel has left
  48. sonny has joined
  49. mimi89999 has left
  50. mimi89999 has joined
  51. pdurbin has joined
  52. adiaholic has left
  53. adiaholic has joined
  54. mukt2 has joined
  55. mukt2 has left
  56. xalek has left
  57. wurstsalat has left
  58. waqas has left
  59. zach has left
  60. zach has joined
  61. Yagiza has joined
  62. Daniel has joined
  63. winfried has left
  64. COM8 has joined
  65. Nekit has joined
  66. winfried has joined
  67. COM8 has left
  68. adiaholic has left
  69. zach has left
  70. zach has joined
  71. lumi has joined
  72. winfried has left
  73. winfried has joined
  74. Maranda has left
  75. Maranda has joined
  76. Yagiza has left
  77. Yagiza has joined
  78. wurstsalat has joined
  79. Mikaela has joined
  80. adiaholic has joined
  81. Yagiza has left
  82. Yagiza has joined
  83. zach has left
  84. zach has joined
  85. mukt2 has joined
  86. Yagiza has left
  87. Yagiza has joined
  88. karoshi has joined
  89. mukt2 has left
  90. Steve Kille has left
  91. jubalh has joined
  92. larma has left
  93. Daniel has left
  94. Daniel has joined
  95. Steve Kille has joined
  96. larma has joined
  97. zach has left
  98. zach has joined
  99. Daniel has left
  100. Daniel has joined
  101. adiaholic has left
  102. adiaholic has joined
  103. debacle has joined
  104. Daniel has left
  105. Daniel has joined
  106. Daniel has left
  107. Daniel has joined
  108. Tobias has joined
  109. Daniel has left
  110. Daniel has joined
  111. jubalh has left
  112. Daniel has left
  113. Daniel has joined
  114. zach has left
  115. zach has joined
  116. adiaholic has left
  117. adiaholic has joined
  118. Daniel has left
  119. Daniel has joined
  120. flow MattJ, May I suggest to remove the "Servers MUST NOT include the <stanza-id/> element in messages addressed to JIDs that do not have permissions to access the archive" from xep313. It appears to provide very little, I'd even say nothing because the id-String shouldn't reveal anything, for a lot of complexity in the MAM archive service implementation
  121. Daniel has left
  122. Daniel has joined
  123. lovetox it does reveal something
  124. lovetox on ejabberd for example the exact timestamp of the message
  125. MattJ I think it would have to be tied with a requirement that ids do not leak any info
  126. lovetox yeah and this would be bad
  127. MattJ I'm not sure timestamp counts as a problem
  128. MattJ But if it was combined with a counter it would
  129. MattJ And timestamps are not unique on their own
  130. flow lovetox, well that would violate a MUST frmo xep359
  131. flow also I am not sure if timestamps are a problem
  132. lovetox its very useful that ejabberd uses timestamps as messages
  133. lovetox its very useful that ejabberd uses timestamps as ids
  134. lovetox as it allows to determine a order
  135. lovetox even if impl cannot rely on it because other servers dont do that
  136. MattJ Tell me you don't depend on that :)
  137. flow furthermore, we could at least relax the requirement in xep313, e.g. by making it conditional
  138. lovetox of course i dont, as not all servers do that
  139. lovetox when i remember correctly the only argument against a orderable id was
  140. lovetox clusters may be more complex to implement that
  141. flow but I would simply remove that requirement from xep313, which also would make the xep less complex, which is always good
  142. pep. > MattJ> I think it would have to be tied with a requirement that ids do not leak any info Isn't that the case already?
  143. zach has left
  144. zach has joined
  145. pep. For 0359 stuff
  146. pep. Hmm, it says "unique and stable" and recommends UUID..
  147. pep. I think that's good enough
  148. goffi has joined
  149. adiaholic has left
  150. deepak has joined
  151. Daniel has left
  152. Daniel has joined
  153. deepak has left
  154. lovetox i see xep 0398 is under specified
  155. marc_ has joined
  156. lovetox it says "Upon receiving a vCard publication request with a valid photo attached"
  157. Daniel has left
  158. zach has left
  159. Daniel has joined
  160. zach has joined
  161. lovetox so no photo element is invalid in this case?
  162. lovetox means every client out there now has to publish empty photo elements in there vcard for avatar conversion to work?
  163. lovetox is this intended? why not just interpret no photoelement as <photo/>
  164. lovetox or did the XEP author foget about the "Delete a photo" usecase
  165. lovetox and this sentence reflects only setting a avatar other than none
  166. lovetox ^ Daniel
  167. Daniel yes the XEP doesn’t cover deletion
  168. Daniel yet
  169. flow pep., see also the security section of xep359
  170. pep. Right, so that's settled then
  171. flow MattJ, xep359 already has that requirement that IDs do not leak inve, hence i was supprised to find that section in xep313
  172. APach has left
  173. adiaholic has joined
  174. adiaholic has left
  175. sonny has left
  176. APach has joined
  177. adiaholic has joined
  178. sonny has joined
  179. lskdjf has joined
  180. mukt2 has joined
  181. adiaholic has left
  182. adiaholic has joined
  183. adiaholic has left
  184. adiaholic has joined
  185. mukt2 has left
  186. emus has joined
  187. MattJ pep.: "unique and stable" is not enough
  188. zach has left
  189. zach has joined
  190. MattJ We've already seen security issues from far simpler and more obvious problems, it's not enough to say that a sentence in a separate document covers us
  191. pep. MattJ, see what was said above
  192. pep. 0359 mandates more than that
  193. emus has left
  194. emus has joined
  195. pep. - the IDs defined in this extension MUST be unique and stable within the scope of the generating XMPP entity - Entities observing the value MUST NOT be able to infer any information from it - The value of 'id' MUST be considered a non-secret value.
  196. marc_ has left
  197. marc_ has joined
  198. pep. (obviously, "MUST NOT be able to infer any information from it" is only practical to some extent, but that wouldn't be an issue for MAM would it)
  199. debacle has left
  200. emus has left
  201. vanitasvitae has left
  202. Ge0rG I suggest to introduce a new stanza element, <mam-id>, that is not leaking any information.
  203. zach has left
  204. zach has joined
  205. vanitasvitae has joined
  206. Ge0rG With a "MUST NOT be equal to any of the other id elements or attributes of the message" requirement.
  207. marc_ has left
  208. pdurbin has left
  209. winfried has left
  210. winfried has joined
  211. winfried has left
  212. winfried has joined
  213. Nekit has left
  214. winfried has left
  215. winfried has joined
  216. winfried has left
  217. winfried has joined
  218. winfried has left
  219. winfried has joined
  220. debacle has joined
  221. winfried has left
  222. winfried has joined
  223. winfried has left
  224. winfried has joined
  225. COM8 has joined
  226. winfried has left
  227. mukt2 has joined
  228. winfried has joined
  229. COM8 has left
  230. Tobias has left
  231. Tobias has joined
  232. Alex has left
  233. Alex has joined
  234. andy has left
  235. zach has left
  236. zach has joined
  237. andy has joined
  238. mukt2 has left
  239. j.r has left
  240. mukt2 has joined
  241. Mikaela has left
  242. Mikaela has joined
  243. j.r has joined
  244. APach has left
  245. zach has left
  246. zach has joined
  247. emus has joined
  248. zach has left
  249. zach has joined
  250. APach has joined
  251. adiaholic has left
  252. adiaholic has joined
  253. mukt2 has left
  254. Nekit has joined
  255. pdurbin has joined
  256. rion has left
  257. rion has joined
  258. j.r has left
  259. j.r has joined
  260. pdurbin has left
  261. zach has left
  262. zach has joined
  263. marc_ has joined
  264. MattJ Can't tell if sarcasm
  265. winfried has left
  266. winfried has joined
  267. horst has joined
  268. APach has left
  269. APach has joined
  270. debacle has left
  271. horst has left
  272. zach has left
  273. zach has joined
  274. Zash In https://xmpp.org/extensions/xep-0398.html#presence it's implied but not explicitly stated that the server should leave empty <photo/> elements alone. Why is that? (poke Daniel)
  275. Daniel Iirc to give clients the option to join w/o avater
  276. Daniel Not that it really makes sense. But I think that was the intention behind it
  277. zach has left
  278. zach has joined
  279. mukt2 has joined
  280. mukt2 has left
  281. zach has left
  282. zach has joined
  283. Zash Some clarification there would be good I think
  284. pdurbin has joined
  285. waqas has joined
  286. APach has left
  287. zach has left
  288. zach has joined
  289. APach has joined
  290. Kev has joined
  291. j.r has left
  292. pdurbin has left
  293. Daniel Quick update on the IM regulation. I just (accidentally) talked to someone who was on the SPD's (major party in Germany) digital working group thing. And it was her that Katharina barley asked in 2018 about IM regulation. And she contacted the CCC who was like "mhh we don't really know". And now it's apparently dead because according to her the SPD is not in a functional state right now
  294. zach has left
  295. zach has joined
  296. Daniel Cc Ge0rG
  297. pep. What was that article then a week ago? :/
  298. Daniel dunno. i mean it did not have any sources. maybe it was old sources
  299. Daniel or just made up
  300. pep. k
  301. andy has left
  302. Kev has left
  303. Daniel also she asked for me contact information and i wrote down my website and my email address and then she asked for my phone number because she doesn’t write email; and under pressure I couldn’t remember it (why do people think that 10 random numbers are a good ID) - i gues s i need a business card
  304. pep. "why do people think that 10 random numbers are a good ID" haha, I agree, and that's not even because of the infamous Zooko.
  305. Ge0rG Daniel: did you take her phone number at least?
  306. zach has left
  307. zach has joined
  308. zach has left
  309. zach has joined
  310. jubalh has joined
  311. Daniel Ge0rG, no. it felt more like a "don’t call us we call you" situation
  312. Nekit has left
  313. j.r has joined
  314. Ge0rG Daniel: that's a bit sad.
  315. Daniel last time i tried to talk to a politician she offered to take a selfie with me
  316. pep. "PR, PR, PR"?
  317. Ge0rG Daniel: looks like you learned the hard way how modern politics work...
  318. zach has left
  319. zach has joined
  320. jubalh has left
  321. fippo daniel: maybe she wanted the phone number to contact you via signal? :-p
  322. marc_ has left
  323. zach has left
  324. zach has joined
  325. lumi has left
  326. pdurbin has joined
  327. zach has left
  328. zach has joined
  329. Kev has joined
  330. Kev has left
  331. debacle has joined
  332. adiaholic has left
  333. adiaholic has joined
  334. pdurbin has left
  335. adiaholic has left
  336. adiaholic has joined
  337. lumi has joined
  338. zach has left
  339. zach has joined
  340. adiaholic has left
  341. adiaholic has joined
  342. krauq has left
  343. krauq has joined
  344. zach has left
  345. zach has joined
  346. mukt2 has joined
  347. zach has left
  348. zach has joined
  349. jubalh has joined
  350. xalek has joined
  351. jubalh has left
  352. jubalh has joined
  353. jubalh has left
  354. marc_ has joined
  355. adiaholic has left
  356. jubalh has joined
  357. jubalh has left
  358. jubalh has joined
  359. jubalh has left
  360. jubalh has joined
  361. jubalh has left
  362. jubalh has joined
  363. jubalh has left
  364. jubalh has joined
  365. jubalh has left
  366. jubalh has joined
  367. jubalh has left
  368. jubalh has joined
  369. jubalh has left
  370. zach has left
  371. zach has joined
  372. jubalh has joined
  373. jubalh has left
  374. mukt2 has left
  375. adiaholic has joined
  376. mukt2 has joined
  377. adiaholic has left
  378. pdurbin has joined
  379. zach has left
  380. zach has joined
  381. pdurbin has left
  382. j.r has left
  383. zach has left
  384. zach has joined
  385. mukt2 has left
  386. mukt2 has joined
  387. zach has left
  388. zach has joined
  389. Yagiza has left
  390. mukt2 has left
  391. mukt2 has joined
  392. mukt2 has left
  393. zach has left
  394. zach has joined
  395. lumi has left
  396. waqas has left
  397. mukt2 has joined
  398. mukt2 has left
  399. j.r has joined
  400. mukt2 has joined
  401. zach has left
  402. zach has joined
  403. mukt2 has left
  404. andy has joined
  405. mukt2 has joined
  406. mimi89999 has left
  407. mimi89999 has joined
  408. Kev has joined
  409. Kev has left
  410. mukt2 has left
  411. zach has left
  412. zach has joined
  413. mimi89999 has left
  414. mimi89999 has joined
  415. eevvoor has joined
  416. mukt2 has joined
  417. winfried has left
  418. winfried has joined
  419. pdurbin has joined
  420. winfried has left
  421. winfried has joined
  422. winfried has left
  423. winfried has joined
  424. mukt2 has left
  425. mukt2 has joined
  426. karoshi has left
  427. winfried has left
  428. winfried has joined
  429. mukt2 has left
  430. mukt2 has joined
  431. winfried has left
  432. winfried has joined
  433. Kev has joined
  434. Kev has left
  435. zach has left
  436. zach has joined
  437. mukt2 has left
  438. pdurbin has left
  439. winfried has left
  440. winfried has joined
  441. winfried has left
  442. winfried has joined
  443. winfried has left
  444. winfried has joined
  445. debacle has left
  446. mukt2 has joined
  447. lumi has joined
  448. karoshi has joined
  449. zach has left
  450. zach has joined
  451. LNJ has left
  452. zach has left
  453. zach has joined
  454. winfried has left
  455. andrey.g has left
  456. winfried has joined
  457. zach has left
  458. zach has joined
  459. goffi has left
  460. mukt2 has left
  461. mukt2 has joined
  462. andy has left
  463. mukt2 has left
  464. mukt2 has joined
  465. zach has left
  466. zach has joined
  467. andrey.g has joined
  468. eevvoor has left
  469. Tobias has left
  470. mukt2 has left
  471. mukt2 has joined
  472. mukt2 has left
  473. debacle has joined
  474. Nekit has joined
  475. mukt2 has joined
  476. lovetox has left
  477. marc_ has left
  478. Mikaela has left
  479. waqas has joined
  480. mukt2 has left
  481. karoshi has left
  482. UsL has left
  483. UsL has joined
  484. zach has left
  485. zach has joined
  486. debacle has left
  487. waqas has left
  488. Nekit has left