-
DebXWoody
If the Server / Client doesn't support XEP-0313 and not XEP-0280. What will happen when Account 1 send a message to Account 2 while Account 2 is offline?
-
pep.
"It depends"
-
pep.
0280 is not actually for offline support
-
pep.
look at 0198
-
Zash
Offline message storage, delivered when they come back online.
-
pep.
Some implementations will return an error saying the recipient is not available also
-
Zash
Unless offline storage has been disabled,
-
DebXWoody
Where is the offline storage defined RFC / XEP?
-
pep.
0013 ?
-
Zash
No
-
Zash
https://xmpp.org/extensions/xep-0160.xml
-
Zash
Altho it's actually not a protocol, it's just a server implementation detail
-
DebXWoody
Ok,.. thanks.
-
lovetox
jonas’, your last email regarding char counting
-
jonas’
holy smokes that thread blew up
-
lovetox
maybe i dont get it, but i dont think it says what you want to say
-
jonas’
why?
-
jonas’
(I also only sent one mail, or is my MUA confused?)
-
lovetox
I think marvin, ralph and all other want to count *before* escaping, for the reasons detailed in this thread
-
jonas’
depends on the direction you’re looking at
-
jonas’
on the receiving side it’s after (un-)escaping
-
jonas’
I totally agree with ralph and marivn
-
jonas’
I can’t find my own mail tho
-
jonas’
ah, there it is
-
lovetox
yeah if you mean that its ok i guess, just saying i dont think many people will read this from your email
-
jonas’
okay, I’ll send a follow-up to clarify
-
lovetox
that (un-) is essential
-
jonas’
thanks for pointing it out
-
jonas’
I sent a clarification which should make more sense
-
lovetox
looks good !
-
lovetox
what are you all thinking about a XEP that lets you manage your uploaded files
-
lovetox
getting the list of files currently uploaded, and maybe their expiration date
-
lovetox
and having a option to delete them
-
pep.
Link Mauve had plans(tm) to integrate something like that into his account management client thingy, if/when that becomes a thing
-
pep.
iirc
-
pep.
And yeah that'd be great.
-
Link Mauve
I already have it in there I think.
-
pep.
There were mentions of that during the GDPR paranoia period but nobody did anything about did
-
Link Mauve
Only listing and deletion so far.
-
pep.
Link Mauve, what standard?
-
Link Mauve
XEP-0050.
-
pep.
lovetox, maybe if you look on standards@
-
pep.
Link Mauve, what standard on top of 0050?
-
pep.
:x
-
Link Mauve
Not written yet.
-
lovetox
adhoc is fine for that
-
lovetox
actually there is no need for a standard or? adhoc just returns dataforms
-
lovetox
if you can process one adhoc workflow you can process all
-
lovetox
though it probably would be good to have a well known command name for that functionality
-
lovetox
so we dont have to discover it
-
pep.
yes
-
lovetox
on the other hand this could be added to the httpupload disco result
-
lovetox
the adhoc command name i mean
-
lovetox
but probably easier to just define one name
-
Link Mauve
Yup, just like XEP-0133.
-
Link Mauve
Maybe we could just extend XEP-0133 with that.
-
lovetox
also another thing i thought aboujt
-
lovetox
some way to discover if a file is already on the server
-
lovetox
maybe with sending a hash
-
lovetox
and you get back the uri and the expiration date
-
moparisthebest
What about encrypted files
-
lovetox
depends on the encryption
-
lovetox
if the encryption is always the same you could still check the hash
-
lovetox
but thats not so likely
-
lovetox
but yeah that would not work for encrypted files, but thats no reason to not do it for unencrypted
-
Zash
If a hash is part of the upload slot request then the server could do integrity verification after the upload is completed, which seems like a nice thing.
-
lovetox
hm yeah but is this really a problem worth solving
-
lovetox
hm with http does the server know the difference between end of file
-
Zash
Almost every file upload thing I made before HTTP upload was a thing would base the URL on the hash of the content. Would have been nice to use those, but couldn't because the current scheme.
-
lovetox
and cancelled transfer?
-
Zash
It knows the size
-
lovetox
ah ..
-
lovetox
so yeah, i guess this never happens
-
lovetox
a full size transfered file where some bytes are what flipped to something else?
-
Zash
TLS (via HTTPS) also does a bunch for integrity
-
moparisthebest
It'd be nice if the rejected http upload encryption xep that every client currently implements anyway was accepted
-
Zash
moparisthebest, the aesgcm:// thing?
-
Zash
meh
-
moparisthebest
What would it take process wise to reboot that? Yep that's it
-
Zash
Yak number one: Fix the encryption scheme to allow encrypting more than just the body.
-
lovetox
on what grounds was it rejected, and how would a proper http upload encryption look if not that way?
-
lovetox
actually it has nothing to do with httpupload
-
Zash
https+vnd.something.omemo.aesgcm:// at the very least
-
lovetox
its just a way to communicate a key and url to another user
-
Zash
or register aesgcm with iana
-
moparisthebest
It was originally just https:// until someone complained I think
-
lovetox
i guess all info could be put into the fragment
-
lovetox
url#omemo-key=123123123123123
-
lovetox
then it does not matter what the scheme is in front
-
MattJ
Non-OMEMO clients would just download garbage
-
lovetox
MattJ, non omemo clients can not see that message
-
Zash
MattJ, they wouldn't get the URL in the first place tho
-
moparisthebest
No they wouldn't get the link
-
moparisthebest
Yep
-
MattJ
Ah right
-
Zash
because it'd be omemo-encrypted <body>
-
Zash
in
-
lovetox
but yeah its all a ugly workaround for not having full stanza encryption
-
moparisthebest
Full stanza encryption would be great but that's a separate concern, you'd still need to encrypt the http upload
-
lovetox
but even if its ugly, it just works and is easy to implement
-
lovetox
so not really a top priority to fix in my opinion
-
lovetox
moparisthebest, but you dont need a XEP to encrypt a httpupload
-
lovetox
you just need a XEP to communicate to another party, how you encrypted content
-
Zash
Doesn't Jingle have stuff for this?
-
lovetox
yes, but we talk about http upload
-
lovetox
ahh
-
Zash
Why does it need to matter what transport method you used?
-
lovetox
it doesnt
-
lovetox
you are right
-
lovetox
jingle does it, it sends a key transport omemo message
-
lovetox
which is an encrypted message that has a key in it
-
lovetox
this is not an encrypted body
-
lovetox
its something in the signal protocol layer
-
lovetox
then it starts jingle, and you know that keytransport message is the decryption key
-
lovetox
or something like that
-
lovetox
but you can do this with jingle because you are in some kind of session, and you know where this key transport message belongs to
-
lovetox
hard to do with just sending a url
-
lovetox
hm its doable ..
-
lovetox
you could put 2 encrypted omemo elements into one message
-
lovetox
one encrypts the body like always
-
lovetox
and the other is inside some <security> element
-
lovetox
and is the decryption key transport message
-
lovetox
then you just have to write a xep that tells you to look for it and to decrpyt it in the right order