XSF Discussion - 2020-05-09


  1. krauq has left
  2. krauq has joined
  3. arc has left
  4. arc has joined
  5. arc has left
  6. arc has joined
  7. govanify has left
  8. govanify has joined
  9. Neustradamus has left
  10. Neustradamus has joined
  11. pdurbin has joined
  12. govanify has left
  13. govanify has joined
  14. arc has left
  15. arc has joined
  16. pdurbin has left
  17. Neustradamus has left
  18. Neustradamus_ has left
  19. Neustradamus has joined
  20. Neustradamus has left
  21. Neustradamus has joined
  22. Neustradamus_ has joined
  23. Neustradamus_ I am not sure but SCRAM-SHA-256(-PLUS) is prefered than SCRAM-SHA-1(-PLUS) no? -> https://xmpp.org/extensions/xep-0438.html
  24. Neustradamus_ RFC 8600 is not listed -> https://tools.ietf.org/html/rfc8600 "When using the SASL SCRAM mechanism, the SCRAM-SHA-256-PLUS variant SHOULD be preferred over the SCRAM-SHA-256 variant, and SHA-256 variants [RFC7677] SHOULD be preferred over SHA-1 variants [RFC5802])"
  25. govanify has left
  26. govanify has joined
  27. alexis has left
  28. govanify has left
  29. govanify has joined
  30. LNJ has left
  31. govanify has left
  32. Neustradamus_ -> https://github.com/xsf/xeps/issues/944
  33. govanify has joined
  34. karoshi has left
  35. alexis has joined
  36. Wojtek has left
  37. pep. Neustradamus_, I'm not sure you understand what you just changed. All the SCRAM-*-PLUS are on the same level, they have the same priority
  38. pep. Also github is not the venue to discuss specifications
  39. pep. The RFC8600 thing seems like a valid concern though (not for me to judge, I'm no crypto-specialist). You should raise this on the standards list
  40. Neustradamus_ pep.: Thanks for your reply
  41. Neustradamus_ Prefered is not same
  42. Neustradamus_ -> "When using the SASL SCRAM mechanism, the SCRAM-SHA-256-PLUS variant SHOULD be preferred over the SCRAM-SHA-256 variant, and SHA-256 variants [RFC7677] SHOULD be preferred over SHA-1 variants [RFC5802])"
  43. pep. I'm sorry I don't understand what you're trying to say
  44. pep. (and I'm also not the one to be convinced by the way)
  45. Daniel has left
  46. Neustradamus_ SCRAM-SHA-256-PLUS > SCRAM-SHA-256 > SCRAM-SHA-1-PLUS > SCRAM-SHA-1
  47. Daniel has joined
  48. pep. I invite you to raise this issue on the standards list then if you think it's important.
  49. stpeter has joined
  50. pep. I'm going to close the github issue you opened though as it's not what we use github for
  51. Neustradamus_ pep.: no no no
  52. pep. no?
  53. Neustradamus_ It is important to keep open, the problem is not solved.
  54. pep. This is not the place to open it
  55. pep. The place is the standards mailing list
  56. Neustradamus_ I think you can close all opened issues
  57. Neustradamus_ Look here: https://github.com/xsf/xeps/issues
  58. pep. No, opened issues are editorial issues, not issues about standards
  59. pep. That is, something not being properly displayed, or broken links etc.
  60. debacle has left
  61. pep. Is that ok?
  62. Neustradamus_ There is an editorial problem here
  63. pep. No there isn't.
  64. pep. You're trying to change the meaning of a standard
  65. Daniel has left
  66. pep. Again if you want this to change, it may be a very valid concern, we have processes in place (sometimes annoying I give you that, but there are there nonetheless for reasons)
  67. pep. Are you fine with me closing the issue now? :)
  68. Neustradamus_ No.
  69. Daniel has joined
  70. pep. Well I'm sorry I tried the peaceful way.. but I'm going to close it anyway
  71. pep. If it happens I'm wrong I am very sorry but I really don't think this is an editorial issue.
  72. Neustradamus_ A ticket is here for a trace, we do not close a not solved ticket...
  73. pep. So if you open a ticket on my XMPP client tracker saying "There is hunger in the world", should I keep it open forever?
  74. pep. Even if it's unrelated
  75. pep. (well somewhat..)
  76. pep. Does this make sense?
  77. Neustradamus_ I can create a new ticket for explain missing RFC 8600 in XEP-0438 :)
  78. arc has left
  79. arc has joined
  80. pep. Github is not the place for this.
  81. pep. Period.
  82. Neustradamus_ I can create a new ticket to explain missing RFC 8600 in XEP-0438 :)
  83. arc has left
  84. arc has joined
  85. pep. If you want to change standards, send an email to the standards list, please.
  86. Neustradamus_ Please re-add the tracker.xmpp.org ^^
  87. pep. Raise that to board if that's an issue for you, I'll be happy to raise it
  88. pep. (Unfortunately I have an idea of the answer)
  89. Neustradamus_ We will see the return of stpeter about it.
  90. arc has left
  91. arc has joined
  92. arc has left
  93. arc has joined
  94. Neustradamus_ I know that some people think that SCRAM-SHA-256(-PLUS) is not needed.
  95. pep. I hope you understand this is not what I am discussing here
  96. Neustradamus_ It is the official XSF MUC Room :) Maybe we must talk on jdev?
  97. pep. That is not what I mean
  98. stpeter has left
  99. pep. I'll do it in french quickly: Le fait que SCRAM-SHA-256* soit important ou pas n'est pas la question pour moi ici. La question c'est que Github n'est pas un endroit où on souhaite avoir des discussions concernant les spécifications. Les discussions sur le tracker sont uniquement déstinées à la forme (formattage, liens cassés, etc.). Les discussions sur les spécifications se passent sur la liste « standards »
  100. pep. (And that's it for baguette)
  101. Yagiza has joined
  102. pep. And I'm going to sleep now :x night
  103. neshtaxmpp has left
  104. neshtaxmpp has joined
  105. govanify has left
  106. govanify has joined
  107. govanify has left
  108. govanify has joined
  109. aj has joined
  110. govanify has left
  111. govanify has joined
  112. pdurbin has joined
  113. govanify has left
  114. govanify has joined
  115. pdurbin has left
  116. aj has left
  117. govanify has left
  118. govanify has joined
  119. govanify has left
  120. govanify has joined
  121. pdurbin has joined
  122. andrey.g has joined
  123. govanify has left
  124. govanify has joined
  125. stpeter has joined
  126. govanify has left
  127. govanify has joined
  128. arc has left
  129. arc has joined
  130. contrapunctus has left
  131. stpeter has left
  132. govanify has left
  133. govanify has joined
  134. krauq has left
  135. krauq has joined
  136. govanify has left
  137. govanify has joined
  138. DebXWoody has joined
  139. govanify has left
  140. govanify has joined
  141. contrapunctus has joined
  142. govanify has left
  143. govanify has joined
  144. govanify has left
  145. govanify has joined
  146. gav has left
  147. lovetox has joined
  148. DebXWoody has left
  149. pdurbin has left
  150. DebXWoody has joined
  151. pdurbin has joined
  152. neshtaxmpp has left
  153. neshtaxmpp has joined
  154. sonny has left
  155. sonny has joined
  156. lovetox has left
  157. sonny has left
  158. neshtaxmpp has left
  159. sonny has joined
  160. waqas has left
  161. Yagiza has left
  162. Yagiza has joined
  163. lorddavidiii has joined
  164. stpeter has joined
  165. adiaholic_ has joined
  166. lovetox has joined
  167. stpeter has left
  168. govanify has left
  169. govanify has joined
  170. Daniel Fwiw the benefits PLUS offers definitely outweigh the downsides of Sha1 over over sha2
  171. Nekit has joined
  172. govanify has left
  173. govanify has joined
  174. govanify has left
  175. govanify has joined
  176. lovetox has left
  177. adiaholic_ has left
  178. adiaholic_ has joined
  179. lskdjf has joined
  180. Shell has joined
  181. lskdjf has left
  182. krauq has left
  183. krauq has joined
  184. mukt2 has joined
  185. lskdjf has joined
  186. govanify has left
  187. govanify has joined
  188. mukt2 has left
  189. Dele Olajide has joined
  190. lovetox has joined
  191. Shell has left
  192. Daniel has left
  193. Daniel has joined
  194. arc has left
  195. arc has joined
  196. Shell has joined
  197. matkor has left
  198. matkor has joined
  199. adiaholic_ has left
  200. adiaholic_ has joined
  201. Daniel has left
  202. Daniel has joined
  203. Daniel has left
  204. Daniel has joined
  205. mimi89999 has left
  206. mimi89999 has joined
  207. goffi has joined
  208. goffi has left
  209. goffi has joined
  210. adiaholic_ has left
  211. adiaholic_ has joined
  212. Daniel has left
  213. Daniel has joined
  214. Daniel has left
  215. Daniel has joined
  216. Daniel has left
  217. Daniel has joined
  218. Mikaela has joined
  219. Daniel has left
  220. Daniel has joined
  221. stpeter has joined
  222. Neustradamus has left
  223. Neustradamus has joined
  224. Daniel has left
  225. Daniel has joined
  226. xecks has joined
  227. Daniel has left
  228. Daniel has joined
  229. Tobias has joined
  230. robertooo has joined
  231. stpeter has left
  232. arc has left
  233. arc has joined
  234. arc has left
  235. arc has joined
  236. karoshi has joined
  237. neshtaxmpp has joined
  238. adiaholic_ has left
  239. adiaholic_ has joined
  240. andy has joined
  241. adiaholic_ has left
  242. adiaholic_ has joined
  243. bear has left
  244. Daniel has left
  245. Daniel has joined
  246. Daniel has left
  247. Daniel has joined
  248. Daniel has left
  249. Daniel has joined
  250. Daniel has left
  251. Daniel has joined
  252. Daniel has left
  253. Daniel has joined
  254. arc has left
  255. arc has joined
  256. matkor has left
  257. matkor has joined
  258. sonny has left
  259. sonny has joined
  260. sonny has left
  261. sonny has joined
  262. mimi89999 has left
  263. LNJ has joined
  264. arc has left
  265. arc has joined
  266. j.r has joined
  267. Daniel has left
  268. arc has left
  269. arc has joined
  270. bear has joined
  271. adiaholic_ has left
  272. adiaholic_ has joined
  273. debacle has joined
  274. Daniel has joined
  275. aj has joined
  276. debacle has left
  277. neshtaxmpp has left
  278. mimi89999 has joined
  279. aj has left
  280. neshtaxmpp has joined
  281. sonny has left
  282. sonny has joined
  283. sonny has left
  284. sonny has joined
  285. Jeybe has joined
  286. karoshi has left
  287. karoshi has joined
  288. karoshi has left
  289. stpeter has joined
  290. lovetox has left
  291. Jeybe has left
  292. Jeybe has joined
  293. mukt2 has joined
  294. mukt2 has left
  295. stpeter has left
  296. adiaholic_ has left
  297. adiaholic_ has joined
  298. Yagiza has left
  299. southerntofu has joined
  300. debacle has joined
  301. debacle has left
  302. debacle has joined
  303. karoshi has joined
  304. Yagiza has joined
  305. govanify has left
  306. govanify has joined
  307. govanify has left
  308. govanify has joined
  309. govanify has left
  310. govanify has joined
  311. govanify has left
  312. govanify has joined
  313. govanify has left
  314. govanify has joined
  315. andrey.g has left
  316. contrapunctus has left
  317. sonny has left
  318. sonny has joined
  319. sonny has left
  320. sonny has joined
  321. emus has left
  322. emus has joined
  323. xsf has left
  324. xsf has joined
  325. stpeter has joined
  326. mukt2 has joined
  327. adiaholic_ has left
  328. adiaholic_ has joined
  329. mukt2 has left
  330. stpeter has left
  331. adiaholic_ has left
  332. adiaholic_ has joined
  333. xsf has left
  334. lovetox has joined
  335. andrey.g has joined
  336. Zash has left
  337. Zash has joined
  338. karoshi has left
  339. karoshi has joined
  340. lovetox has left
  341. adiaholic_ has left
  342. adiaholic_ has joined
  343. contrapunctus has joined
  344. lovetox has joined
  345. alexis has left
  346. mukt2 has joined
  347. govanify has left
  348. govanify has joined
  349. mukt2 has left
  350. govanify has left
  351. govanify has joined
  352. govanify has left
  353. govanify has joined
  354. govanify has left
  355. govanify has joined
  356. govanify has left
  357. govanify has joined
  358. govanify has left
  359. govanify has joined
  360. govanify has left
  361. govanify has joined
  362. Jeybe has left
  363. pdurbin has left
  364. flow I have the same feeling, but that it's crypto territory, so I'd really like if someone could provide some arguments in either direction ;)
  365. flow I can 't find anything in my notes, but wasn't there something like tls-server-end-point being broken (or "broken")? it's been a loooong time since I looked deeply into the various channel binding types and TLS.
  366. govanify has left
  367. govanify has joined
  368. govanify has left
  369. govanify has joined
  370. govanify has left
  371. govanify has joined
  372. govanify has left
  373. govanify has joined
  374. flow hmm sam writes that tls-server-end-point is not specified(/avaialble?) in TLS 1.3? I'd assume that is the cb type that would also work, since IIRC it's simply the hash of the server certificate
  375. flow hmm sam writes that tls-server-end-point is not specified(/avaialble?) in TLS 1.3? I'd assume that is the cb type that would always work, since IIRC it's simply the hash of the server certificate
  376. Zash The TLS 1.3 RFC says in an appendix that channel bindings are not defined.
  377. Jeybe has joined
  378. Zash In a (oh btw those aren't defined), in the cellar behind a locked door marked "beware the otter"
  379. adiaholic_ has left
  380. flow Zash, thanks. But does this mean it is impossible for technical reasons to use tls-server-end-point with TLS 1.3?
  381. LNJ has left
  382. Zash The only reason I know of is the parenthesis in https://tools.ietf.org/html/rfc8446#appendix-C.5
  383. Neustradamus_ Zash: maybe but software can add it
  384. Neustradamus_ I will show you examples
  385. LNJ has joined
  386. Zash flow: the main implementation issue for me is that you need to know the signature algorithm used in the cert and I don't know it because all I have is a cert object with very limited introspection
  387. Zash tho 99% of the time it'll be SHA-256, so you could just guess that
  388. Zash because of how anything less than that should use SHA-256, but if someone somewhere has a cert with SHA-512 signatures then it'll break
  389. stpeter has joined
  390. debacle has left
  391. Zash and according to OpenSSL tls-unique works just fine in TLS 1.3 and I hadn't even noticed that it wasn't supposed to
  392. gav has joined
  393. mukt2 has joined
  394. Neustradamus_ A lot of RFC has been done before TLS 1.3 but it is not a problem to add support.
  395. Neustradamus_ Example: http://w1.fi/cgit/hostap/plain/hostapd/ChangeLog - added experimental support for EAP-TLS server with TLS v1.3 EAP-TLS in not normally with TLS v1.3.
  396. karoshi has left
  397. karoshi has joined
  398. govanify has left
  399. govanify has joined
  400. govanify has left
  401. govanify has joined
  402. karoshi has left
  403. karoshi has joined
  404. mukt2 has left
  405. stpeter has left
  406. adiaholic_ has joined
  407. calvin has joined
  408. adiaholic_ has left
  409. adiaholic_ has joined
  410. sonny has left
  411. sonny has joined
  412. sonny has left
  413. sonny has joined
  414. adiaholic_ has left
  415. adiaholic_ has joined
  416. karoshi has left
  417. karoshi has joined
  418. adiaholic_ has left
  419. sonny has left
  420. adiaholic_ has joined
  421. stpeter has joined
  422. lovetox has left
  423. sonny has joined
  424. sonny has left
  425. sonny has joined
  426. Nekit has left
  427. calvin has left
  428. pdurbin has joined
  429. pdurbin has left
  430. emus has left
  431. adiaholic_ has left
  432. adiaholic_ has joined
  433. govanify has left
  434. govanify has joined
  435. govanify has left
  436. govanify has joined
  437. arc has left
  438. arc has joined
  439. karoshi has left
  440. stpeter has left
  441. govanify has left
  442. govanify has joined
  443. andy has left
  444. andy has joined
  445. govanify has left
  446. govanify has joined
  447. karoshi has joined
  448. Zash has left
  449. Zash has joined
  450. calvin has joined
  451. krauq has left
  452. krauq has joined
  453. jonas’ Daniel, Ge0rG, please reply to my message on standards@ re message routing sprint
  454. jonas’ Daniel, Ge0rG, I sent the announcement for the sprint just now and you’re welcome to join in :)
  455. Zash jonas’, do you have a *huge* whiteboard?
  456. jonas’ Zash, I hear there are online whiteboard things
  457. jonas’ I think they even have "infinite" scroll :)
  458. Zash on .. line? but I want 2d, not 1d! :P
  459. Zash infinite zoom too?
  460. jonas’ not sure
  461. Ge0rG A Turing board?
  462. jonas’ if only we had networked Inkscape already :)
  463. Ge0rG jonas’: thanks, I'll look into it
  464. Zash Yeah, that, be great, eh, Link Mauve?
  465. calvin has left
  466. andy has left
  467. matkor has left
  468. matkor has joined
  469. arc has left
  470. arc has joined
  471. adiaholic_ has left
  472. adiaholic_ has joined
  473. arc has left
  474. arc has joined
  475. Yagiza has left
  476. Yagiza has joined
  477. pdurbin has joined
  478. karoshi has left
  479. karoshi has joined
  480. andrey.g has left
  481. govanify has left
  482. govanify has joined
  483. govanify has left
  484. govanify has joined
  485. waqas has joined
  486. govanify has left
  487. govanify has joined
  488. govanify has left
  489. govanify has joined
  490. larma flow, > Actually the schema is irrelevant when it comes to RFC compliance. Schemas are non-normative. This is explicitly noted in the RFC. true, but the fact that this is described explicitly in the non-normative part thus very much clarifies that the lack of explicit prohibition is intentional and not by accident. Thus it's still relevant, even if non-normative. After all, the non-normative part isn't there just for fun. That's one thing I learned in law classes 😉
  491. jonas’ good that you two agree (I read flows email saying essentially the same)
  492. moparisthebest Do any other protocols do TLS channel binding?
  493. Link Mauve Zash, if only I didn’t lose an important part of it from svn being terrible.
  494. arc has left
  495. arc has joined
  496. Link Mauve I’m not done rewriting it yet. :/
  497. Zash moparisthebest: Yes. Probably LDAP and protocols like that.
  498. Zash moparisthebest: But HTTPS doesn't so who cares, right?
  499. Jeybe has left
  500. moparisthebest Pretty much yes :)
  501. Jeybe has joined
  502. moparisthebest People: XMPP is too complicated XSF: hold my beer *writes more complicated authentication mechanisms with no real benefit*
  503. Zash I'd feel real special if the IETF & co invented channel bindings just for us :)
  504. pdurbin has left
  505. jonas’ As if HTTP was simple
  506. jonas’ That’s a lie people can tell themselves because of widespread library support for their *simple* usecases.
  507. Zash It's so simple you just GET and POST and wait what's this section about caching and content negotiation?
  508. govanify has left
  509. govanify has joined
  510. govanify has left
  511. govanify has joined
  512. andrey.g has joined
  513. andy has joined
  514. govanify has left
  515. govanify has joined
  516. govanify has left
  517. govanify has joined
  518. Daniel has left
  519. Daniel has joined
  520. krauq has left
  521. krauq has joined
  522. stpeter has joined
  523. calvin has joined
  524. calvin has left
  525. Daniel has left
  526. Daniel has joined
  527. Shell has left
  528. Shell has joined
  529. debacle has joined
  530. Shell has left
  531. Shell has joined
  532. stpeter has left
  533. andy has left
  534. govanify has left
  535. govanify has joined
  536. govanify has left
  537. govanify has joined
  538. govanify has left
  539. govanify has joined
  540. Dele Olajide has left
  541. andy has joined
  542. Daniel has left
  543. Daniel has joined
  544. LNJ has left
  545. LNJ has joined
  546. govanify has left
  547. govanify has joined
  548. govanify has left
  549. govanify has joined
  550. govanify has left
  551. govanify has joined
  552. govanify has left
  553. govanify has joined
  554. LNJ has left
  555. Yagiza has left
  556. debacle has left
  557. Daniel has left
  558. Daniel has joined
  559. LNJ has joined
  560. Daniel has left
  561. Daniel has joined
  562. debacle has joined
  563. moparisthebest has left
  564. Daniel has left
  565. Daniel has joined
  566. mukt2 has joined
  567. moparisthebest has joined
  568. karoshi has left
  569. Daniel has left
  570. Daniel has joined
  571. mukt2 has left
  572. adiaholic_ has left
  573. adiaholic_ has joined
  574. eta has left
  575. eta has joined
  576. Daniel has left
  577. Daniel has joined
  578. LNJ has left
  579. LNJ has joined
  580. moparisthebest has left
  581. Daniel has left
  582. Daniel has joined
  583. karoshi has joined
  584. Daniel has left
  585. Daniel has joined
  586. Daniel has left
  587. Daniel has joined
  588. Daniel has left
  589. Daniel has joined
  590. stpeter has joined
  591. adiaholic_ has left
  592. adiaholic_ has joined
  593. Shell has left
  594. Shell has joined
  595. stpeter has left
  596. Daniel has left
  597. Daniel has joined
  598. Daniel has left
  599. Daniel has joined
  600. Daniel has left
  601. Daniel has joined
  602. LNJ has left
  603. LNJ has joined
  604. sonny has left
  605. sonny has joined
  606. sonny has left
  607. sonny has joined
  608. lovetox has joined
  609. Carlito has joined
  610. Carlito Hello
  611. Zash Hi
  612. DebXWoody has left
  613. Nekit has joined
  614. Zash has left
  615. Zash has joined
  616. karoshi has left
  617. lorddavidiii has left
  618. xsf has joined
  619. lorddavidiii has joined
  620. Shell has left
  621. Shell has joined
  622. eta has left
  623. eta has joined
  624. karoshi has joined
  625. Jeybe has left
  626. Jeybe has joined
  627. Shell has left
  628. Shell has joined
  629. pdurbin has joined
  630. Neustradamus has left
  631. Neustradamus_ has left
  632. Shell has left
  633. Shell has joined
  634. Neustradamus_ has joined
  635. Neustradamus has joined
  636. arc has left
  637. arc has joined
  638. arc has left
  639. arc has joined
  640. pdurbin has left
  641. Neustradamus has left
  642. Neustradamus_ has left
  643. Neustradamus has joined
  644. Neustradamus_ has joined
  645. Carlito has left
  646. Shell has left
  647. Shell has joined
  648. mukt2 has joined
  649. goffi has left
  650. stpeter has joined
  651. robertooo has left
  652. robertooo has joined
  653. Tobias has left
  654. lovetox has left
  655. stpeter has left
  656. eta has left
  657. eta has joined
  658. mukt2 has left
  659. xsf has left
  660. Jeybe has left
  661. Jeybe has joined
  662. xsf has joined
  663. karoshi has left
  664. karoshi has joined
  665. sonny has left
  666. sonny has joined
  667. lskdjf has left
  668. Shell has left
  669. xecks has left
  670. xecks has joined
  671. Jeybe has left
  672. LNJ has left
  673. andy has left
  674. andy has joined
  675. govanify has left
  676. govanify has joined
  677. pdurbin has joined
  678. arc has left
  679. arc has joined
  680. andy has left
  681. govanify has left
  682. govanify has joined
  683. pdurbin has left
  684. xecks has left
  685. Mikaela has left
  686. govanify has left
  687. govanify has joined
  688. Nekit has left
  689. mukt2 has joined
  690. moparisthebest has joined
  691. stpeter has joined
  692. debacle has left
  693. debacle has joined
  694. karoshi has left
  695. j.r has left
  696. j.r has joined