XSF Discussion - 2020-12-08


  1. antranigv has left
  2. wurstsalat has left
  3. strypey has joined
  4. strypey has left
  5. NosoyHacker404 has left
  6. NosoyHacker404 has joined
  7. antranigv has joined
  8. Ca_Gi has left
  9. Ca_Gi has joined
  10. govanify has left
  11. govanify has joined
  12. Ca_Gi has left
  13. Ca_Gi has joined
  14. lskdjf has left
  15. Ca_Gi has left
  16. Ca_Gi has joined
  17. Ca_Gi has left
  18. Ca_Gi has joined
  19. Ca_Gi has left
  20. Ca_Gi has joined
  21. Ca_Gi has left
  22. Ca_Gi has joined
  23. Ca_Gi has left
  24. Ca_Gi has joined
  25. Lance has left
  26. emus has left
  27. Ca_Gi has left
  28. Ca_Gi has joined
  29. arc has left
  30. arc has joined
  31. Lance has joined
  32. Zash has left
  33. Zash has joined
  34. Ca_Gi has left
  35. Ca_Gi has joined
  36. Ca_Gi has left
  37. Ca_Gi has joined
  38. dwd has left
  39. j.r has left
  40. LNJ has joined
  41. Ca_Gi has left
  42. Ca_Gi has joined
  43. alex-a-soto has left
  44. alex-a-soto has joined
  45. Ca_Gi has left
  46. Ca_Gi has joined
  47. Arne has left
  48. Arne has joined
  49. Ca_Gi has left
  50. Ca_Gi has joined
  51. peetah has left
  52. peetah has joined
  53. NosoyHacker404 has left
  54. Ca_Gi has left
  55. Ca_Gi has joined
  56. Ca_Gi has left
  57. Ca_Gi has joined
  58. NosoyHacker404 has joined
  59. Ca_Gi has left
  60. Ca_Gi has joined
  61. krauq has left
  62. krauq has joined
  63. Lance has left
  64. LNJ has left
  65. Ca_Gi has left
  66. Ca_Gi has joined
  67. Ca_Gi has left
  68. Ca_Gi has joined
  69. Lance has joined
  70. waqas has left
  71. Ca_Gi has left
  72. Ca_Gi has joined
  73. Ca_Gi has left
  74. Ca_Gi has joined
  75. Ca_Gi has left
  76. Ca_Gi has joined
  77. Ca_Gi has left
  78. Ca_Gi has joined
  79. chronosx88 has joined
  80. alex-a-soto has left
  81. alex-a-soto has joined
  82. Ca_Gi has left
  83. Ca_Gi has joined
  84. Ca_Gi has left
  85. Ca_Gi has joined
  86. Lance has left
  87. krauq has left
  88. krauq has joined
  89. Ca_Gi has left
  90. Ca_Gi has joined
  91. Yagiza has joined
  92. Ca_Gi has left
  93. Ca_Gi has joined
  94. Lance has joined
  95. wladmis has left
  96. wladmis has joined
  97. Ca_Gi has left
  98. Ca_Gi has joined
  99. Ca_Gi has left
  100. Ca_Gi has joined
  101. NosoyHacker404 has left
  102. NosoyHacker404 has joined
  103. wladmis has left
  104. peetah has left
  105. peetah has joined
  106. Ca_Gi has left
  107. Ca_Gi has joined
  108. Ca_Gi has left
  109. Ca_Gi has joined
  110. Ca_Gi has left
  111. Ca_Gi has joined
  112. Ca_Gi has left
  113. Ca_Gi has joined
  114. krauq has left
  115. krauq has joined
  116. krauq has left
  117. krauq has joined
  118. Ca_Gi has left
  119. Ca_Gi has joined
  120. krauq has left
  121. krauq has joined
  122. Ca_Gi has left
  123. Ca_Gi has joined
  124. Daniel has left
  125. Daniel has joined
  126. Ca_Gi has left
  127. Ca_Gi has joined
  128. Adi has left
  129. Tobias has joined
  130. DebXWoody has joined
  131. lorddavidiii has joined
  132. Ca_Gi has left
  133. Ca_Gi has joined
  134. alex-a-soto has left
  135. alex-a-soto has joined
  136. Ca_Gi has left
  137. Ca_Gi has joined
  138. Lance has left
  139. antranigv has left
  140. Andrzej has joined
  141. Mikaela has joined
  142. speedball has joined
  143. antranigv has joined
  144. Ca_Gi has left
  145. Ca_Gi has joined
  146. lovetox has joined
  147. Lance has joined
  148. Andrzej has left
  149. krauq has left
  150. antranigv has left
  151. Ca_Gi has left
  152. Ca_Gi has joined
  153. antranigv has joined
  154. krauq has joined
  155. SnowCode has joined
  156. lovetox has left
  157. Ca_Gi has left
  158. Ca_Gi has joined
  159. dwd has joined
  160. wurstsalat has joined
  161. Ca_Gi has left
  162. Ca_Gi has joined
  163. Lance has left
  164. Ca_Gi has left
  165. Ca_Gi has joined
  166. jcbrand has joined
  167. Ca_Gi has left
  168. Ca_Gi has joined
  169. Ca_Gi has left
  170. Ca_Gi has joined
  171. Lance has joined
  172. SnowCode has left
  173. SnowCode has joined
  174. SnowCode has left
  175. SnowCode has joined
  176. krauq has left
  177. krauq has joined
  178. Ca_Gi has left
  179. j.r has joined
  180. Ca_Gi has joined
  181. Ca_Gi has left
  182. Ca_Gi has joined
  183. krauq has left
  184. krauq has joined
  185. Ca_Gi has left
  186. lorddavidiii has left
  187. Ca_Gi has joined
  188. emus has joined
  189. lovetox has joined
  190. Ca_Gi has left
  191. Ca_Gi has joined
  192. Lance has left
  193. SnowCode has left
  194. SnowCode has joined
  195. moparisthebest has left
  196. Ca_Gi has left
  197. Ca_Gi has joined
  198. lorddavidiii has joined
  199. moparisthebest has joined
  200. Ca_Gi has left
  201. Ca_Gi has joined
  202. goffi has joined
  203. Ca_Gi has left
  204. Ca_Gi has joined
  205. Andrzej has joined
  206. Andrzej has left
  207. Andrzej has joined
  208. Ca_Gi has left
  209. Ca_Gi has joined
  210. Andrzej has left
  211. Andrzej has joined
  212. Andrzej has left
  213. Andrzej has joined
  214. Andrzej has left
  215. SnowCode has left
  216. Ca_Gi has left
  217. Ca_Gi has joined
  218. Ca_Gi has left
  219. Ca_Gi has joined
  220. debacle has joined
  221. Ca_Gi has left
  222. Ca_Gi has joined
  223. alameyo has left
  224. Ca_Gi has left
  225. Steve Kille has left
  226. Ca_Gi has joined
  227. Andrzej has joined
  228. Ca_Gi has left
  229. Ca_Gi has joined
  230. LNJ has joined
  231. j.r has left
  232. Ca_Gi has left
  233. Ca_Gi has joined
  234. j.r has joined
  235. Ca_Gi has left
  236. Ca_Gi has joined
  237. lorddavidiii has left
  238. Kev has joined
  239. lorddavidiii has joined
  240. Ca_Gi has left
  241. Ca_Gi has joined
  242. Ca_Gi has left
  243. Ca_Gi has joined
  244. Lance has joined
  245. SnowCode has joined
  246. Ca_Gi has left
  247. Ca_Gi has joined
  248. Kev has left
  249. Kev has joined
  250. alameyo has joined
  251. lovetox has left
  252. Ca_Gi has left
  253. Ca_Gi has joined
  254. lskdjf has joined
  255. chronosx88 has left
  256. chronosx88 has joined
  257. speedball has left
  258. chronosx88 has left
  259. chronosx88 has joined
  260. speedball has joined
  261. Andrzej has left
  262. Ca_Gi has left
  263. Ca_Gi has joined
  264. speedball has left
  265. Andrzej has joined
  266. Maranda has left
  267. alameyo has left
  268. lorddavidiii has left
  269. Andrzej has left
  270. Andrzej has joined
  271. neshtaxmpp has left
  272. neshtaxmpp has joined
  273. Ca_Gi has left
  274. Ca_Gi has joined
  275. govanify has left
  276. govanify has joined
  277. Ca_Gi has left
  278. alex-a-soto has left
  279. Maranda has joined
  280. alex-a-soto has joined
  281. Ca_Gi has joined
  282. Lance has left
  283. Andrzej has left
  284. Andrzej has joined
  285. alameyo has joined
  286. lorddavidiii has joined
  287. Ca_Gi has left
  288. Ca_Gi has joined
  289. Zash has left
  290. Zash has joined
  291. debacle has left
  292. Zash has left
  293. Zash has joined
  294. Ca_Gi has left
  295. Ca_Gi has joined
  296. Andrzej has left
  297. lorddavidiii has left
  298. Maranda has left
  299. Maranda has joined
  300. Arne has left
  301. Ca_Gi has left
  302. peetah has left
  303. peetah has joined
  304. Ca_Gi has joined
  305. Zash has left
  306. Zash has joined
  307. LNJ has left
  308. Kev has left
  309. Kev has joined
  310. Andrzej has joined
  311. Andrzej has left
  312. Andrzej has joined
  313. LNJ has joined
  314. lorddavidiii has joined
  315. Ca_Gi has left
  316. Ca_Gi has joined
  317. krauq has left
  318. krauq has joined
  319. krauq has left
  320. krauq has joined
  321. Andrzej has left
  322. Ca_Gi has left
  323. Ca_Gi has joined
  324. Andrzej has joined
  325. Lance has joined
  326. Ca_Gi has left
  327. Ca_Gi has joined
  328. Andrzej has left
  329. Andrzej has joined
  330. Ca_Gi has left
  331. Ca_Gi has joined
  332. Kev has left
  333. Kev has joined
  334. raghavgururajan has left
  335. Lance has left
  336. Ca_Gi has left
  337. Ca_Gi has joined
  338. lovetox has joined
  339. Andrzej has left
  340. Ca_Gi has left
  341. Ca_Gi has joined
  342. chronosx88 has left
  343. chronosx88 has joined
  344. SnowCode has left
  345. SnowCode has joined
  346. paul has left
  347. paul has joined
  348. Neustradamus has left
  349. Neustradamus has joined
  350. Andrzej has joined
  351. Ca_Gi has left
  352. Ca_Gi has joined
  353. Andrzej has left
  354. Andrzej has joined
  355. Neustradamus has left
  356. Neustradamus has joined
  357. Arne has joined
  358. Neustradamus has left
  359. Neustradamus has joined
  360. paul has left
  361. alameyo has left
  362. Ca_Gi has left
  363. Ca_Gi has joined
  364. paul has joined
  365. Maranda has left
  366. Maranda has joined
  367. serge90 has joined
  368. Andrzej has left
  369. Maranda has left
  370. Maranda has joined
  371. krauq has left
  372. krauq has joined
  373. Andrzej has joined
  374. Ca_Gi has left
  375. Kev has left
  376. Kev has joined
  377. Ca_Gi has joined
  378. Maranda has left
  379. Maranda has joined
  380. SnowCode has left
  381. SnowCode has joined
  382. SnowCode has left
  383. SnowCode has joined
  384. emus has left
  385. emus has joined
  386. SnowCode has left
  387. Ca_Gi has left
  388. Ca_Gi has joined
  389. Andrzej has left
  390. Andrzej has joined
  391. SnowCode has joined
  392. Ca_Gi has left
  393. Ca_Gi has joined
  394. xecks has left
  395. xecks has joined
  396. Tobias has left
  397. Tobias has joined
  398. Ca_Gi has left
  399. Ca_Gi has joined
  400. Kev has left
  401. Kev has joined
  402. Ca_Gi has left
  403. Ca_Gi has joined
  404. Andrzej has left
  405. Kev has left
  406. Kev has joined
  407. krauq has left
  408. krauq has joined
  409. Lance has joined
  410. Ca_Gi has left
  411. Ca_Gi has joined
  412. Ca_Gi has left
  413. Ca_Gi has joined
  414. Ca_Gi has left
  415. Ca_Gi has joined
  416. Kev has left
  417. Kev has joined
  418. Lance has left
  419. pasdesushi has joined
  420. Ca_Gi has left
  421. Ca_Gi has joined
  422. alameyo has joined
  423. Ca_Gi has left
  424. Ca_Gi has joined
  425. pasdesushi has left
  426. debacle has joined
  427. Kev has left
  428. Kev has joined
  429. pasdesushi has joined
  430. pasdesushi has left
  431. pasdesushi has joined
  432. Steve Kille has joined
  433. lovetox has left
  434. pasdesushi has left
  435. pasdesushi has joined
  436. pasdesushi has left
  437. pasdesushi has joined
  438. Holger SamWhited: I don't quite get the reasoning for prefering PLAIN over MD5 in <https://xmpp.org/extensions/xep-0438.html#pinning> (and in draft-ietf-kitten-password-storage-02).
  439. Zash RFC 6331 !
  440. Ca_Gi has left
  441. Ca_Gi has joined
  442. SamWhited Holger: MD5 can be broken in a few minutes on a normal laptop and if you use it you can't hash the password on the server. Plain doesn't protect the password in transit (just like MD5) but the server can hash and compare against bcrypt or something, so it does protect it at rest.
  443. pasdesushi has left
  444. pasdesushi has joined
  445. Holger All true of course, but this is about a client preference list, not about the question "should servers store clear-text", no?
  446. Holger I.e. are these reasonings relevant to the client in the situation where the server offers MD5 + PLAIN?
  447. SamWhited Yes. The client should prefer the thing that gives the server the flexibility to drop MD5 later.
  448. Holger That's the part I don't get, I guess :-)
  449. SamWhited Also it says not to support MD5 at all, so plain just wins by default
  450. Holger I half-get that part.
  451. SamWhited We're trying to make the upgrade path smooth. We can't necessarily guarantee that any given server is doing good things with our data, but we can at least encourage them not to do bad things by not supporting and using them ourselves.
  452. Holger Hm k, fair enough.
  453. SamWhited I should probably remove MD5 from that example ordering entirely; it's just there for the purpose of example while the actual normative text says not to use MD5 at all but it's probably confusing having it in a list
  454. jonas’ with that line of argument, you should always use PLAIN, even if SCRAM is offered
  455. Holger That reasoning sounds a bit twisted to my ears.
  456. SamWhited jonas’: for hash agility? I tend to agree with that, but I know most people won't.
  457. Holger I'm not sure I like such twists in documents that make security recommendations. Esp. if those twists aren't made very explicit.
  458. SamWhited I should make it more explicit then. I don't think it's a twist though: MD5 is broken and deprecated, there is another RFC by experts that says so seems like a pretty straight forward reason not to use it to me.
  459. Holger Right now the reasoning reads bogus to me and reduces the confidence I have into those documents.
  460. jonas’ then again, I also don’t understand why what a client uses (when faced with multiple choices) has any influence on what a server does
  461. jonas’ assuming that PLAIN is not supported by clients because they always pick DIGEST-MD5 when faced with PLAIN + DIGEST-MD5 is not quite realistic
  462. fuana has joined
  463. SamWhited It has an influence when the server admin wants to upgrade but they have a hundred customers still using MD5 that they'd have to migrate and they decide not to bother.
  464. SamWhited But I agree it's not likely to happen in real life, and also the text that ranks them is literally just an example. I'll just remove MD5 from it entirely.
  465. fuana has left
  466. fuana has joined
  467. Neustradamus SamWhited: We have already spoken about MD5 previously, I am very happy to see other people too :)
  468. Holger What I see in practice is effects such as: (1) Back in the days, people deemed MD5 more secure[tm] than PLAIN. So clients such as Psi disabled PLAIN by default, only allowing MD5. (2) Today, people read security docs such as yours and explicitly disable MD5 in ejabberd configs, PLAIN still being permitted. Result: Psi can no longer log in. Security win: Non-existent.
  469. Holger I'm all for security improvements. But only if they actually improve security.
  470. SamWhited Oh I see, that's where I disagree then. I think that is a good thing and we should be pushing for MD5 to be deprecated.
  471. SamWhited If it means ancient clients can't log in, so be it. Let's not let them hold us back from deprecating an actually broken mechanism.
  472. jonas’ it’s not more broken than PLAIN though
  473. pasdesushi has left
  474. pasdesushi has joined
  475. pasdesushi has left
  476. SamWhited It is more broken than plain because if servers support it they can't do any other sort of hashing.
  477. pasdesushi has joined
  478. Holger In my scenario the client doesn't hold us back from anything. We just break auth for no reason at all.
  479. SamWhited With DIGEST-MD5 your security is just entirely broken. With PLAIN you at least get the same level of transport security as the web if you're using TLS, and at rest you get good hash agility and strong hashing.
  480. Holger In my scenario the server has plain-text passwords.
  481. jonas’ SamWhited, ok, that’s not wrong, but that should go in server recommendations then, not client recommendations.
  482. Holger If the server only has hashes, MD5 will just not work anyway. That's fine and in that case there's nothing to discuss.
  483. Holger We're only talking about the scenario where the server has plain-text passwords.
  484. SamWhited That's a good idea, maybe it's in the wrong section. Client recommendations just say "Don't use MD5 and prefer SCRAM to plain" and server recommendations say "Don't support MD5, if you support plain use bcrypt" or something.
  485. rion has joined
  486. SamWhited Holger: why does the server have plain-text passwords at all?
  487. Holger SamWhited: That question is entirely unrelated to the client preference list.
  488. Holger There's reasons for having plain-text passwords. Other services needing them anyway or whatever. Unrelated.
  489. Holger I'm obviously all for suggesting server admins to prefer hashing passwords _if_ they don't need clear-text.
  490. SamWhited I disagree, in most environments I believe that's an unacceptable way to do things. There may of course be super specific niche use cases for it, but this document is meant to be a general security document which can't cater to every niche use case or it would have to say "It's good to use TLS, but you don't have to, and it's good to have authentication at all, but you can trust the network or just everybody, etc."
  491. SamWhited These are best practices, not overall global rules and I think that's the only practical way to write a document like this.
  492. rion SamWhited: 👍
  493. Holger I work for a university and we're running various commercial software that requires clear-text passwords. I don't think we're super-niche. But that's all completely besides the point.
  494. pasdesushi has left
  495. pasdesushi has joined
  496. SamWhited Again, that's fine, I just don't think a best practices document needs to cater to that
  497. Holger I disagree with documents having to be written like this, but whatever.
  498. SamWhited If it matters to you maybe it's worth bringing it up on the kitten list so the actual experts can weigh in?
  499. Holger Doesn't matter enough to me :-)
  500. Holger But thanks for your feedback, I might disagree but get your idea now.
  501. SamWhited For now based on this feedback I'm going to remove DIGEST-MD5/CRAM-MD5 from the example ordering because it seems to be confusing in general (some people didn't read the rest of the text and assumed that meant they should be supported, others just disagreed with the ordering somewhat like this even though it doesn't matter since they're just deprecated) and I'll re-evaluate what belongs in client/server best practices.
  502. SamWhited Thanks for bringing it up
  503. Holger 👍 Removing it altogether makes more sense to me.
  504. pasdesushi has left
  505. pasdesushi has joined
  506. adiaholic has left
  507. Zash SCRAM-SHA-1 has been MTI in XMPP, and DIGEST-MD5 has been deprecated since 2011. I'm all in favor of considering it dead.
  508. rion regarding Psi doesn't login anymore. with which sasl mechanisms?
  509. rion SCRAM-SHA-1 works for years there..
  510. pasdesushi has left
  511. pasdesushi has joined
  512. Holger rion: Yeah may well just be old versions affected.
  513. Holger And/or Tkabber?
  514. Holger Forgot.
  515. Holger I remember "allow plaintext auth: no" knobs in both, and in the past this meant "no PLAIN, just MD5".
  516. adiaholic has joined
  517. Andrzej has joined
  518. rion btw how to force ejabberd to offer other than scram-sha-1 scram mechs?
  519. wladmis has joined
  520. fuana has left
  521. fuana has joined
  522. rion > And/or Tkabber? I guess this one is really dead for years.
  523. Holger Other SCRAM mechanisms weren't supported until very recently (committed during the past few days).
  524. fuana has left
  525. pasdesushi has left
  526. SamWhited Holger: out of curiosity, how did you handle supporting multiple SCRAM mechanisms? Only allow the one negotiated by the client or do you store multiple sets of SCRAM bits?
  527. SamWhited Or force dropping back to plain text storage?
  528. rion I always use ejabberd for all my local tests. So this is somewhat important to me :)
  529. andy has left
  530. Ca_Gi has left
  531. Holger rion: Use the current Git code :-)
  532. Ca_Gi has joined
  533. andy has joined
  534. Holger SamWhited: So far we (the code isn't by me) only store a single hash.
  535. Zash Same in prosody
  536. Holger So the client can only use that mechanism. Unless the admin has plain-text storage of course (which is still the default).
  537. SamWhited Okay, thanks. I'd be really curious if you have issues with eg. people who use Conversations and Dino and Converations logs in with SCRAM-SHA-256 first so now Dino can never log in again because it doesn't support it (it might, I have no idea, just an example)
  538. jonas’ THE DEFAULT?
  539. jonas’ SamWhited, it’s not so much about logging in as much as about what happens during initial account provisioning
  540. Holger SamWhited: I'm sure we'll run into those. Which is the reason I wasn't looking all that much forward to SRAM-XXX support.
  541. SamWhited Yah, I'm not a huge fan of SCRAM for this reason among others.
  542. jonas’ and the problem with that is obviously that mechanisms are listed pre-auth, so there’s no way to do hash agility with scram without plain storage
  543. Zash jonas’, don't look at prosodys defaults
  544. jonas’ Zash, I was under the impression that internal_hashed is the default nowadays?
  545. Zash jonas’, you can store multiple sets of hashes
  546. jonas’ Zash, yeah, but you would’ve had to have those stored like 10 years ago
  547. Holger jonas': ejabberd support SIP by default, among other things :-)
  548. SamWhited I wrote eIBR with an aim to solve this somewhat, but it's still not great that we have to work around this with a separate protocol
  549. jonas’ Holger, how’s that an excuse for storing plaintext by default?
  550. Holger SIP needs it?
  551. jonas’ does it?
  552. Holger Yes.
  553. jonas’ I don’t know SIP really, but I fail to imagine a protocol which forces plain-text credential storage on the server side
  554. Holger And so does TURN if you don't do XEP-0215, for example.
  555. Zash jonas’, default/template config file doesn't necessarily match the built-in defaults...
  556. jonas’ Zash, ok, right, I judge by the default config file :)
  557. SamWhited Oof, both of these things hurt me.
  558. jonas’ Holger, then again, I’m super tired and exhausted and maybe my imagination is just lacking
  559. Zash SamWhited: Aha! Revenge for your anti-SCRAM propaganda!!!1! :P
  560. Holger jonas': Well any protocol which does MD5 auth or something like that.
  561. SamWhited hah, fair enough. Jokes aside though, this sort of basic configuration and policy thing is how security issues happen. It's almost never a directed malicious actor you have to worry about, it's things that confuse the user or don't actually do what they say on the tin that causes someone to configure something badly,or they don't configure it and it's insecure by default and their database gets stolen or whatever
  562. Zash Holger, how do you deal with FIPS mode or whatsitcalled where even thinking "md5" gets you SIGKILL'd?
  563. jonas’ Holger, right m(
  564. Holger jonas': I.e. "avoid transmitting plain-text password by transmitting a MAC/hash instead", which requires the clear-text password as input. A decade or two ago, everyone did that because security.
  565. Andrzej has left
  566. Alex has left
  567. Alex has joined
  568. Andrzej has joined
  569. Holger Zash: Er, there's something where leaving it to the admin isn't good enough?
  570. jonas’ Holger, yeah, right, makes sense
  571. jonas’ especially for stuff like SIP
  572. Zash Holger: Someone had trouble because Prosody uses md5 in a non-security thing and it would hit an assert or something in OpenSSL in FIPS mode because you're not allowed to touch it.
  573. Zash Much fun.
  574. Holger Ah eww.
  575. APach has left
  576. xsf has left
  577. xsf has joined
  578. Andrzej has left
  579. Ca_Gi has left
  580. Ca_Gi has joined
  581. Kev has left
  582. Kev has joined
  583. Алексей has joined
  584. serge90 has left
  585. Ca_Gi has left
  586. Ca_Gi has joined
  587. paul has left
  588. Lance has joined
  589. krauq has left
  590. krauq has joined
  591. Ca_Gi has left
  592. Ca_Gi has joined
  593. APach has joined
  594. Guus has left
  595. antranigv has left
  596. alameyo has left
  597. alameyo has joined
  598. alameyo has left
  599. Ca_Gi has left
  600. Ca_Gi has joined
  601. Adi has joined
  602. Andrzej has joined
  603. Lance has left
  604. Guus has joined
  605. alameyo has joined
  606. govanify has left
  607. govanify has joined
  608. Ca_Gi has left
  609. Ca_Gi has joined
  610. alex-a-soto has left
  611. alex-a-soto has joined
  612. Ca_Gi has left
  613. Ca_Gi has joined
  614. werdan has joined
  615. andrey.g has joined
  616. Ca_Gi has left
  617. Ca_Gi has joined
  618. Ca_Gi has left
  619. Ca_Gi has joined
  620. antranigv has joined
  621. LNJ has left
  622. Ca_Gi has left
  623. Ca_Gi has joined
  624. LNJ has joined
  625. Lance has joined
  626. Lance has left
  627. Lance has joined
  628. mdosch has left
  629. mdosch has joined
  630. Ca_Gi has left
  631. Ca_Gi has joined
  632. stpeter has joined
  633. stpeter has left
  634. SnowCode has left
  635. SnowCode has joined
  636. Andrzej has left
  637. krauq has left
  638. krauq has joined
  639. neshtaxmpp has left
  640. SnowCode has left
  641. SnowCode has joined
  642. paul has joined
  643. neshtaxmpp has joined
  644. Ca_Gi has left
  645. Ca_Gi has joined
  646. govanify has left
  647. govanify has joined
  648. lorddavidiii has left
  649. peetah has left
  650. peetah has joined
  651. lorddavidiii has joined
  652. xsf has left
  653. xsf has joined
  654. pasdesushi has joined
  655. Zash Does anyone happen to have machine-readable compliance suite data?
  656. waqas has joined
  657. pasdesushi has left
  658. SamWhited {"compliance_suites": "https://xmpp.org/extensions/xep-0443.html"}
  659. SamWhited *ducks as things are thrown*
  660. Ca_Gi has left
  661. Ca_Gi has joined
  662. Andrzej has joined
  663. SamWhited That would be nice to have.
  664. moparisthebest as we all know only XML is machine readable
  665. moparisthebest or... everything is machine readable given the right regex
  666. Zash define(brain, machine)
  667. SamWhited If "readable" is qualified by "given the right regex", pretty sure that makes XML unreadable.
  668. Zash Surely PCRE can do it
  669. Zash A thing that reads a DOAP and tells you what compliance level you're at would be nice
  670. SamWhited Fair. I'll move the goal posts and claim I always meant that "readable" includes "on a machine with finite memory" too then :)
  671. moparisthebest you can absolutely parse XML and even HTML with a regex
  672. wurstsalat Zash: Link Mauve worked on a DOAP parser afaik. For exactly that
  673. moparisthebest can != should though :)
  674. SamWhited moparisthebest: can you? Jokes aside, I think namespaces aren't regular and if you use PCRE you can define input that would result in very large expansions
  675. SamWhited But I dunno, haven't really thought about it, I think that's just an assumption I've had for a long time that I've never bothered to verify.
  676. SamWhited The internet suggets that I am wrong, but what does the internet know?
  677. moparisthebest I suspect you *could* fully support everything, you just wouldn't want to, but it works fine for simple cases
  678. SamWhited ahh, no, I know exactly why it's impossible: XML allows infinite nesting but the point of regular expressions it to be able to use finite automata ("finite" being the important part)
  679. SamWhited Anyways, sorry, stupid academic tangent that doesn't matter but is kind of interesting. Like you said: "don't do it"
  680. jonas’ XML itself, namespaces or not, is not regular.
  681. jonas’ many "regular expression" engines are also not regular though :)
  682. moparisthebest we need someone stubborn enough yet also well versed in sed enough to give it a go, if only we knew the guy who implemented an XMPP client in sed...
  683. jonas’ if only!
  684. jonas’ I do not interact with such crazyfolk!
  685. Yagiza has left
  686. Yagiza has joined
  687. SamWhited Zash: to your original question, the XEP source might not be the worst thing in the world to parse? I mean, it's not ideal, but it's probably not too difficult to get the data out
  688. SamWhited I think the table layout is consistent between the various suites
  689. jonas’ mostly, I think
  690. Andrzej has left
  691. Andrzej has joined
  692. Ca_Gi has left
  693. Ca_Gi has joined
  694. Ca_Gi has left
  695. Ca_Gi has joined
  696. alex-a-soto has left
  697. Maranda has left
  698. krauq has left
  699. krauq has joined
  700. Zash 5×2×2 CS sub-suites :|
  701. Ca_Gi has left
  702. Ca_Gi has joined
  703. Maranda has joined
  704. APach has left
  705. Andrzej has left
  706. Andrzej has joined
  707. govanify has left
  708. govanify has joined
  709. Ca_Gi has left
  710. intosi has left
  711. Ca_Gi has joined
  712. NosoyHacker404 has left
  713. NosoyHacker404 has joined
  714. stpeter has joined
  715. stpeter has left
  716. Ca_Gi has left
  717. Ca_Gi has joined
  718. Ca_Gi has left
  719. Ca_Gi has joined
  720. Ca_Gi has left
  721. Ca_Gi has joined
  722. intosi has joined
  723. Ca_Gi has left
  724. Ca_Gi has joined
  725. Kev has left
  726. Kev has joined
  727. alameyo has left
  728. APach has joined
  729. edhelas has left
  730. antranigv has left
  731. lorddavidiii has left
  732. lorddavidiii has joined
  733. Ca_Gi has left
  734. Ca_Gi has joined
  735. intosi has left
  736. lovetox has joined
  737. stpeter has joined
  738. stpeter has left
  739. lovetox has left
  740. lovetox has joined
  741. Алексей In regards to SCRAM support in SIP: I started looking at writing an IETF draft on this. (@Neustradamus was talking to me about this for quite some time now.) I can't say how much interest there would be in IETF for this.
  742. intosi has joined
  743. pasdesushi has joined
  744. edhelas has joined
  745. pasdesushi has left
  746. pasdesushi has joined
  747. pasdesushi has left
  748. pasdesushi has joined
  749. antranigv has joined
  750. pasdesushi has left
  751. pasdesushi has joined
  752. Алексей I really need to rename my nick. I am Alexey Melnikov
  753. Ca_Gi has left
  754. Ca_Gi has joined
  755. Kev has left
  756. SamWhited Алексей: I keep meaning to ask you, are you thinking about submitting your SCRAM-SASL-3 and SHA-512 drafts to the working group or are you going the self-publishing route with those?
  757. pasdesushi has left
  758. Kev has joined
  759. intosi has left
  760. antranigv has left
  761. Andrzej has left
  762. Ca_Gi has left
  763. Ca_Gi has joined
  764. Алексей has left
  765. floretta has left
  766. Kev has left
  767. pasdesushi has joined
  768. mukt2 has joined
  769. Ca_Gi has left
  770. Ca_Gi has joined
  771. lorddavidiii has left
  772. Ca_Gi has left
  773. Ca_Gi has joined
  774. mukt2 has left
  775. pasdesushi has left
  776. alameyo has joined
  777. Ca_Gi has left
  778. Ca_Gi has joined
  779. lorddavidiii has joined
  780. Yagiza has left
  781. pasdesushi has joined
  782. floretta has joined
  783. Andrzej has joined
  784. Andrzej has left
  785. Andrzej has joined
  786. Ca_Gi has left
  787. Ca_Gi has joined
  788. guus.der.kinderen has joined
  789. stpeter has joined
  790. stpeter has left
  791. Ca_Gi has left
  792. Ca_Gi has joined
  793. lorddavidiii has left
  794. Andrzej has left
  795. Ca_Gi has left
  796. Ca_Gi has joined
  797. Ca_Gi has left
  798. Ca_Gi has joined
  799. lorddavidiii has joined
  800. antranigv has joined
  801. APach has left
  802. APach has joined
  803. pasdesushi has left
  804. Ca_Gi has left
  805. guus.der.kinderen has left
  806. Ca_Gi has joined
  807. Ca_Gi has left
  808. Ca_Gi has joined
  809. pasdesushi has joined
  810. werdan has left
  811. pasdesushi has left
  812. guus.der.kinderen has joined
  813. guus.der.kinderen has left
  814. guus.der.kinderen has joined
  815. pasdesushi has joined
  816. Mikaela has left
  817. Ca_Gi has left
  818. intosi has joined
  819. Ca_Gi has joined
  820. chronosx88 has left
  821. chronosx88 has joined
  822. guus.der.kinderen has left
  823. Ca_Gi has left
  824. Ca_Gi has joined
  825. deuill has left
  826. DebXWoody has left
  827. deuill has joined
  828. pasdesushi has left
  829. pasdesushi has joined
  830. Ca_Gi has left
  831. Ca_Gi has joined
  832. intosi has left
  833. lorddavidiii has left
  834. krauq has left
  835. krauq has joined
  836. pasdesushi has left
  837. andrey.g has left
  838. Ca_Gi has left
  839. Ca_Gi has joined
  840. goffi has left
  841. Ca_Gi has left
  842. Ca_Gi has joined
  843. pasdesushi has joined
  844. Andrzej has joined
  845. Ca_Gi has left
  846. Ca_Gi has joined
  847. chronosx88 has left
  848. chronosx88 has joined
  849. pasdesushi has left
  850. pasdesushi has joined
  851. Ca_Gi has left
  852. Ca_Gi has joined
  853. waqas has left
  854. pasdesushi has left
  855. debacle has left
  856. Ca_Gi has left
  857. Ca_Gi has joined
  858. Andrzej has left
  859. Andrzej has joined
  860. stpeter has joined
  861. stpeter has left
  862. Ca_Gi has left
  863. Ca_Gi has joined
  864. pasdesushi has joined
  865. Tobias has left
  866. pasdesushi has left
  867. Andrzej has left
  868. Andrzej has joined
  869. Ca_Gi has left
  870. Ca_Gi has joined
  871. nyco has left
  872. pasdesushi has joined
  873. Ca_Gi has left
  874. Ca_Gi has joined
  875. pasdesushi has left
  876. pasdesushi has joined
  877. rion has left
  878. Ca_Gi has left
  879. Ca_Gi has joined
  880. Andrzej has left
  881. pasdesushi has left
  882. jcbrand has left
  883. Ca_Gi has left
  884. Ca_Gi has joined
  885. Andrzej has joined
  886. NosoyHacker404 has left
  887. stpeter has joined
  888. stpeter has left
  889. Ca_Gi has left
  890. Ca_Gi has joined
  891. serge90 has joined
  892. Andrzej has left
  893. Andrzej has joined
  894. pasdesushi has joined
  895. nyco has joined
  896. pasdesushi has left
  897. pasdesushi has joined
  898. Andrzej has left
  899. Andrzej has joined
  900. peetah has left
  901. peetah has joined
  902. pasdesushi has left
  903. Ca_Gi has left
  904. Ca_Gi has joined
  905. SnowCode has left
  906. mukt2 has joined
  907. chronosx88 has left
  908. chronosx88 has joined
  909. Kev has joined
  910. Kev I'm not 100% what trolling is, but I fear I may have just done it.
  911. Kev bimbles off to bed before anyone notices.
  912. Andrzej has left
  913. pasdesushi has joined
  914. chronosx88 has left
  915. chronosx88 has joined
  916. mukt2 has left
  917. adiaholic has left
  918. Ca_Gi has left
  919. Ca_Gi has joined
  920. pasdesushi has left
  921. pasdesushi has joined
  922. Andrzej has joined
  923. adiaholic has joined
  924. Ca_Gi has left
  925. Ca_Gi has joined
  926. NosoyHacker404 has joined
  927. chronosx88 has left
  928. pasdesushi has left
  929. j.r has left
  930. j.r has joined
  931. Ca_Gi has left
  932. Ca_Gi has joined
  933. alameyo has left
  934. Andrzej has left
  935. Seve has left
  936. Andrzej has joined
  937. lovetox has left
  938. Ca_Gi has left
  939. Ca_Gi has joined
  940. Ca_Gi has left
  941. Ca_Gi has joined
  942. j.r has left
  943. Ca_Gi has left
  944. Ca_Gi has joined
  945. Andrzej has left
  946. peetah has left
  947. peetah has joined
  948. Ca_Gi has left
  949. Ca_Gi has joined
  950. andy has left
  951. Vaulor has left
  952. Ca_Gi has left
  953. Ca_Gi has joined
  954. emus has left