-
lovetox
flow, role and affiliation has to be in all presences
-
lovetox
as these elements can only be in a muc#user extension, the answer is yes
-
DebXWoody
XEP-0373: OpenPGP for XMPP Is it ok to add a body stanza for XEP-0373? (e.g.: https://codeberg.org/xmpp-messenger/xmppc/src/branch/master/src/mode/openpgp.c#L74) It's not defined in the XEP.
-
lovetox
read XEP-0380 and follow it
-
DebXWoody
oh,... next XEP :-) I will check, thx
-
DebXWoody
I think the namespace for OMEMO is wrong in https://xmpp.org/extensions/xep-0380.html#protocols. Has been changed in XEP-0384 V 0.4.0?
-
lovetox
yes Link Mauve ^
-
pep.
it's not "wrong", it's still very much a thing
-
pep.
also https://github.com/xsf/xeps/pull/907
-
flow
jonas’, why doesn't https://xmpp.org/extensions/xep-0390.html#algorithm-input talk about sorting in the actual algorithm?
-
jonas’
uhh
-
jonas’
oversight I guess
-
jonas’
ah, it does
-
jonas’
> Join the resulting octet strings together, ordered from lesser to greater.
-
flow
ahh, i greped for sort
-
jonas’
yeah, me too :D
-
flow
and asumed the sorting happened before the "for each" loop
-
Mikaela
Hi, would you have any comments on PrivacyTools delisting XMPP due to E2EE-by-default not being required by any XEP currently? https://github.com/privacytoolsIO/privacytools.io/pull/1836 Personally I am unable to approve this PR in good conscience as I see federation more important to privacy than E2EE-by-default, but I have opened a tracking issue in case that will happen picking up promising looking XEPs from the future development of compliance suites https://github.com/privacytoolsIO/privacytools.io/issues/1838
-
pep.
ugh people really need to stop confusing spec and implementations
-
jonas’
Mikaela, there is no standards venue where requiring E2EE would be acceptable.
-
jonas’
XMPP is more than just instant messaging, and the XSF has to consider this.
-
jonas’
A specification which requires E2EE by default would be tricky at least. It could be on Informational track, it would stay controversial, and may or may not make it into IM-Core.
-
jonas’
there are also situations where high security demands of a group counter the E2EE interests of the individual, making E2EE impossible to use.
-
jonas’
so, no, it wouldn’t make it into IM-Core
-
jonas’
probably not IM-Advanced
-
jonas’
so yeah, it’s not going to happen.
-
jonas’
not under the XSF umbrella either way
-
Mikaela
I was wondering if some compliance suite would be a place for it, but that is in line with my thoughts
-
jonas’
(my personal judgement of the situation mostly)
-
pep.
I still think that basing the PrivacyTools decision on this is wrong though
-
jonas’
yes
-
jonas’
I agree
-
pep.
Conversations has it by default, they can list it there
-
jonas’
Snikket, too?
-
pep.
sure..
-
jonas’
Snikket would be a thing to place there
-
jonas’
more than XMPP itself anyways
-
pep.
snikket, and maybe things like Tigase things, Xabber things, (if they do e2ee by default, dunno)
-
jonas’
Xabber thinks E2EE is for drug dealers only
-
pep.
it's all good then, it's private :)
-
!XSF_Martin
But they would implement OMEMO for 2 bitcoins
-
pep.
Mikaela: thanks for keeping an eye on this btw :)
-
Mikaela
you're welcome 💜️, it's kind of my responsibility
-
Jeybe
I see compliance suite has added STUN & TURN discovery as informational result, is this due to the planned support of VoIP Calls in Conversations?
-
Daniel
Jeybe, not sure if this is the right channel for that question. but yes
-
flow
ahh the other compliance suites, not xep423
-
Zash
Did you mean the Conversations Compliance test tool?
-
!XSF_Martin
Zash: Yes, a STUN TURN test has been added to caas
-
flow
so xep128 is not really clear if there can be multiple forms. or am I wrong? xep115/390 algo however handles multiple forms. should this be clarified in xep128?
-
Zash
Clarification good.
-
jonas’
flow, disco#info uc.xmpp.zombofant.net for an example of multiple forms
-
jonas’
I suppose many http upload services have that because of differing versions
-
jonas’
(though I’m not sure if uc.xmpp.zombofant.net federates)
-
jonas’
here’s a textual representation: extensions: urn:xmpp:http:upload:0 var='max-file-size' values=['104857600'] urn:xmpp:http:upload var='max-file-size' values=['104857600']
-
Zash
> No certificate provided by uc.xmpp.zombofant.net
-
jonas’
right
-
jonas’
it’s not configured for federation for obvious reasons :)
-
jonas’
adding explicit wording in '128 is certainly not bad; it was quite obvious for me though that '128 allows multiple forms
-
Jeybe
>Did you mean the Conversations Compliance test tool? Zash, yes, meant the compliance checker, not the suite. pardon
-
Zash
Could someone remind me why XEP-0353 appears to be stuck in Proposed?
-
Daniel
we last called that a while ago; council rejected it
-
Daniel
and then editor fogot probably
-
jonas’
seems realistic
-
jumplkuter
hi
-
Jeybe
jumplkuter, hello
-
rion
.v
-
rion
wrong chat =)
-
MattJ
Mikaela: I feel that XMPP is unfairly demoted on privacytools.io. The Matrix section more or less assumes Riot and briefly mentions other clients may not (in my experience always are not) up to the same standard
-
MattJ
A fair comparison would be better against specific XMPP implementations, with a similar note
-
MattJ
A simple improvement (from a usability perspective also) would be to indicate which listed XMPP clients have default E2EE, instead of just bucketing them all as "inconsistent"
-
MattJ
That would help guide people to the more privacy-conscious implementations
-
Zash
If you value privacy (or really any single property) over all else with no compromises your choinces tend to be limited.
-
MattJ
Well I think it is good to give people informed choice