-
marc
https://share.zapb.de/0e13a6d6e89e55a5708adf142c700a6b2c084b73/EXp7m5I4zMnUVV5jNHjExgpvbqPNGulS7G1JYZty/xep389_invite_and_recovery.webm
-
marc
XEP-389 at work
-
flow
marc, +1`
-
flow
not really related, but Dino(?) uses the term "XMPP ID"?
-
marc
AFAIK XMPP ID is the term that should be used according to modern XMPP
-
Link Mauve
Dino doesn’t, I went through all the strings recently. :)
-
lovetox
We use XMPP Address
-
lovetox
But i guess XMPP ID would also be fine
-
lovetox
looks good marc the password reset makes me bit uneasy
-
lovetox
setting new password without typing it a second time or at least have the possibility to not hide it, is a game of luck
-
lovetox
but this is a client UI thing, not related to 389
-
marc
Oh wait, that XMPP ID comes from the dataform
-
lovetox
then ID is probably good
-
marc
> setting new password without typing it a second time or at least have the possibility to not hide it, is a game of luck To hide it?
-
lovetox
because something like Address needs to be translated
-
lovetox
and not all servers support translation
-
lovetox
marc, "to *not* hide" it
-
lovetox
or better "to show" :)
-
marc
And it's not about changing password but recovering, you don't know your password in that case
-
lovetox
marc, in your video you set a new password
-
lovetox
what if i mistype my new password, i have to reset it all again
-
marc
You mean something like two pw fields that check if both are equal?
-
Link Mauve
marc, the correct term for the dataform would be JID.
-
Link Mauve
Clients can then translate it how they want.
-
Link Mauve
Changing JID in the protocols would be an extremely bad idea.
-
arne
anonbox offers instant accounts?
-
marc
Link Mauve, it's all about 389 not about "I did a perfect UI"
-
arne
Isn't that an invitation for spammers?
-
marc
arc, you cannot send email but receive
-
marc
arne
-
arne
ah ok, thanks for informing
-
Link Mauve
Spammers often need to receive emails but not send, for instance to create an account on most websites.
-
marc
Link Mauve, I'm not a spammer and I need to create account on some websites ;)
-
marc
+s
-
marc
Link Mauve, lovetox I did the token and email recovery implementation to spot problems of my implementation and the spec
-
Link Mauve
That’s cool!
-
marc
Turns out that once you have the basic 389 implementation, extension are quite easy to implement
-
flow
marc, no, modern xmpp states bascically to use "XMPP address" → https://docs.modernxmpp.org/meetings/2019-01-brussels/#naming-things
-
flow
"XMPP ID" would add a third term for the same thingy, we probably want to avoid that
-
marc
At the moment everything is done via dataforms, for some use cases it would be beneficial to have some dedicated challenges defined
-
marc
flow, as I said, forget about the UI ;)
-
marc
But TBH I find it not too bad :)
-
Ge0rG
marc: good work!
-
jonas’
marc, if the UI is all they complain about, it’s probably OK ;)
-
jonas’
UI is the last thing (floss) devs complain about ;D
-
Ge0rG
I complain about UI. Also about UX.
-
Ge0rG
I had to 🤐 to not complain about having to enter the JID twice and about the visible password 😉
-
marc
Ge0rG, thanks
-
marc
I also consider UI/UX as important
-
marc
but that was not the main exercise here
-
marc
Ge0rG, yes, the reason is that the ui renders all data form challenges directly
-
marc
in the main version I would check if the challenge is for the jid and directly send it to the server and do not render it
-
marc
also at the moment I used data forms only, as said before in some cases a dedicated challenge type would be beneficial
-
marc
But it took me like 20 minutes to build an invite token challenge on top of the existing code
-
Ge0rG
Yeah, specifying the exact form fields or using a dedicated challenge should allow the client to make proper UI
-
marc
Ge0rG, exactly
-
flow
marc, IIRC data forms provide a field type for passwords
-
marc
flow, yes, they do. what's the context?
-
flow
marc, not sure, it sounded like you didn't knew about that
-
marc
flow: I do but I didn't care for this poc
-
marc
flow: btw, do you have a good howto for smack on desktop?
-
marc
I failed with all the Java Gradle shit
-
flow
marc: happy to help, not sure which issues you ran into. gradle is smack build system, but you don't need to use it in order to consume smack. maybe ask in smack@conference.igniterealtime.org✎ -
flow
marc: happy to help, not sure which issues you ran into. gradle is smack's build system, but you don't need to use it in order to consume smack. maybe ask in smack@conference.igniterealtime.org ✏
-
mdosch
Gradle of filth?
-
Zash
Gah, I opened XEP-0060 to a random section and found something I've never heard of before. Why?
-
edhelas
Zash I actually saw that exact message opening 0060 randomly last time I checked
-
edhelas
Is it some kind of malediction ?