-
emus
==== Reminder to add your news 📝 If you have something to say for February Newsletter now is the perfect time! Newsletter draft on Github: https://github.com/xsf/xmpp.org/milestone/3 Or drop your news text to our online pad: https://yopad.eu/p/xmpp-newsletter-365days We are always happy for supporters at the end of the month to finalize the draft! 🎛 ============
-
moparisthebest
this is finally available, update on SRV2 and encrypted client hello (replaces encrypted SNI and ALPN) https://www.ripe.net/participate/ripe/wg/active-wg/dns/remote-sessions/svcb_https_-ripe-2020.pdf
-
Zash
> The page you requested is undergoing maintenance and is temporarily unavailable.
-
Zash
What‽
-
Zash
Can't serve a PDF without Javascript???
-
moparisthebest
works for me in firefox and wget
-
Zash
It worked after enabling JS
-
moparisthebest
I think firefox's built-in pdf viewer needs JS
-
Zash
I doubt that
-
Zash
I mean, it's written in JS, but I don't think that would have caused RIPE to send me an error page
-
moparisthebest
yea that doesn't make sense I agree
-
L29Ah
worksforme
-
L29Ah
i guess Zash enabling JS in his browser coincided with ripe fixing their crap
-
Zash
Still screams "the web stubbornly refused to go with SRV records and now NIHed an overcomplicated hack for it" to me
-
moparisthebest
SRV records don't support "use key X for host Y but key B for host A"
-
Zash
But you can publish full keys with DANE
-
moparisthebest
well it's not *only* keys either
-
Zash
Hence "overcomplicated"
-
moparisthebest
it can also say "use http2 with host Y but http1.1 with host X"
-
L29Ah
moparisthebest: don't they? _foo.bar.baz and _foo.rab.baz are different contents for different hosts
-
moparisthebest
which will actually be very helpful for XMPP too
-
moparisthebest
L29Ah, right, but for 1 domain, not 2
-
L29Ah
1 domain = 1 host
-
Zash
As a cynic, I have to say that I doubt it will be of any use for anything but https.
-
Zash
Since HTTPS gets a special record of its own, I'm counting on that being the only thing supported
-
moparisthebest
L29Ah, no, google.com is not hosted on 1 server/host
-
SamWhited
I don't think 1 domain = 1 host has been true for any multi-host service that I've ever run or helped work on :)
-
L29Ah
ahh
-
L29Ah
and sharing a key is not an option; what about sharing a CA though?
-
L29Ah
though X.509 stuff is an abomination anyway
-
moparisthebest
the key used to encrypt the client hello isn't shared across hosts, necessarily anyway
-
SamWhited
oh hey, one of my coworkers is an author on this; I should ask him to give me the rundown
- L29Ah leaves mumbling about roots of trust
-
SamWhited
*former coworkers
-
moparisthebest
but roughly, XMPP-wise, we can replace RFC SRV, xep-368 SRV, and xep-0156 TXT, with a much better single-SRV2 lookup
-
moparisthebest
then get encrypted client hello for free, and future QUIC support is easily implemented the same way
-
moparisthebest
the main thing I'm not understanding is everything seems to say SVCB and HTTPS record types are identical, except for the record type code
-
Zash
yes
-
moparisthebest
anyway it might make sense for XMPP to use the HTTPS record specifically for the reasons Zash mentioned above :D
-
Zash
so those shitty consumer router vendors will do what, you think?
-
Zash
you know, those that don't support SRV records. at all.
-
moparisthebest
right but that'll be fixed quickly when people have a degraded facebook/gmail experience
-
Zash
tho it would be good to do deeper investigation into those ~10% of users behaving as if no SRV exists
-
mathieui
There is nothing preventing available presences to come from bare JIDs, right?
-
mathieui
(looking at https://dev.gajim.org/gajim/gajim/-/issues/10461)
-
mathieui
The RFC does not disallow it (and it makes sense for components), but it explicitly allows unavailable presence
-
Daniel
i think we've discussed this recently and the vibe in the room was that this is not ok
-
Daniel
i have seen gateways do this though and Conversations has support for this
-
Daniel
but i'm really unsure that this is correct behaviour
-
Daniel
unavailable from bare means all resources though
-
mathieui
Yes
-
Daniel
so the fact that this is allowed doesn’t mean available should be allowed
-
Daniel
on the contrary this might be an argument to not allow it
-
mathieui
XEP-0100 makes use of this though
-
mathieui
https://xmpp.org/extensions/xep-0100.html#usecases-jabber-addcontact-pri at step 4
-
lovetox
so gateway users have no resource Oo
-
mathieui
lovetox, well, lots of networks have no concept of "resource"
-
lovetox
yeah and others have
-
mathieui
in which case the gateways can reflect that
-
Daniel
well the fact that some gateways might decide to omit the resource doesn’t mean all gateways have to
-
Daniel
but of course they could also decide to go for a static resource
-
mathieui
Of course, if that is relevant to the gateway, I don’t think anything forbids sending gatewayed presence from full-jids
-
eta
hey, I write a gateway
- eta checks what they do here
-
lovetox
i really dont like that
-
lovetox
this is again something i need to special case
-
eta
answer: using no resource
-
eta
I didn't know that was bad
-
Daniel
well we don’t know if that's bad :-)
-
Daniel
it's certainly unusual
-
lovetox
i find this is the job of the bridge, like i dont care some other chat network has no concept of resource
-
eta
I send presence subscription requests from the barejid too fwiw
-
Daniel
and creates weird corner cases like: can you have a resource from bare and one from a full
-
Daniel
aehm presence i mean
- eta uses bare JIDs as much as possible
-
mathieui
eta, that does not matter as much, afaik
-
eta
although I think messages do come from a resource
-
mathieui
because subscription requests are expected to be resource-less
-
mathieui
but available presences are used to display things in UI, generally
-
Daniel
foo@bar.tld type=available, foo@bar.tld/something type=available, foo@bar.tld type=unavailable: is foo@bar.tld online or offline now?
-
mathieui
Daniel, offline, per 6121 :p
-
mathieui
though an entity sending both resourced and bare presences would have a weird thing going on