XSF Discussion - 2021-05-18

  1. marc has left

  2. marc has joined

  3. marc has left

  4. marc has joined

  5. marc has left

  6. marc has joined

  7. marc has left

  8. marc has joined

  9. marc has left

  10. marc has joined

  11. marc has left

  12. marc has joined

  13. marc has left

  14. marc has joined

  15. marc has left

  16. marc has joined

  17. marc has left

  18. marc has joined

  19. marc has left

  20. marc has joined

  21. marc has left

  22. marc has joined

  23. Seve has left

  24. marc has left

  25. marc has joined

  26. marc has left

  27. marc has joined

  28. marc has left

  29. Calvin has joined

  30. marc has joined

  31. marc has left

  32. marc has joined

  33. marc has left

  34. marc has joined

  35. marc has left

  36. marc has joined

  37. marc has left

  38. marc has joined

  39. marc has left

  40. marc has joined

  41. marc has left

  42. marc has joined

  43. marc has left

  44. marc has joined

  45. marc has left

  46. marc has joined

  47. marc has left

  48. marc has joined

  49. marc has left

  50. marc has joined

  51. marc has left

  52. marc has joined

  53. marc has left

  54. marc has joined

  55. marc has left

  56. BASSGOD has left

  57. marc has joined

  58. marc has left

  59. marc has joined

  60. marc has left

  61. marc has joined

  62. marc has left

  63. arc has left

  64. arc has joined

  65. marc has joined

  66. marc has left

  67. marc has joined

  68. arc has left

  69. arc has joined

  70. marc has left

  71. marc has joined

  72. marc has left

  73. marc has joined

  74. marc has left

  75. marc has joined

  76. marc has left

  77. BASSGOD has joined

  78. marc has joined

  79. marc has left

  80. marc has joined

  81. marc has left

  82. marc has joined

  83. marc has left

  84. marc has joined

  85. marc has left

  86. marc has joined

  87. BASSGOD has left

  88. marc has left

  89. marc has joined

  90. marc has left

  91. marc has joined

  92. marc has left

  93. moparisthebest

    qrpnxz: yes

  94. marc has joined

  95. marc has left

  96. qrpnxz

    I am severly confused by s2s comm. After a lot of reading, I think I'm close to understanding. RFC-6120 states that "foregoing considerations imply" that while completing STARTTLS and SASL negotiation two servers would use one TCP connection. Good. Therefore, bidi (XEP-0288) can be agreed upon during this period. The question is then how to do two connections. After negotiating the first connection, am I supposed to end the receiving server's stream, dial the initiator (with the same `id`?? seems illegal), and negotiate that connection, after which the initiator ends their stream on the second connection, and then we can talk to each other?

  97. qrpnxz

    Because that kind of seems insane.

  98. BASSGOD has joined

  99. Kev has left

  100. Kev has joined

  101. marc has joined

  102. marc has left

  103. marc has joined

  104. marc has left

  105. qrpnxz

    or i guess that the two streams are supposed to have different IDs and the second stream can reply to <iq/> from the first on the other connection without any problem just by having the id of that request?

  106. Kev has left

  107. Kev has joined

  108. BASSGOD has left

  109. sonny has left

  110. sonny has joined

  111. marc has joined

  112. marc has left

  113. marc has joined

  114. marc has left

  115. marc has joined

  116. marc has left

  117. marc has joined

  118. marc has left

  119. marc has joined

  120. Kev has left

  121. Kev has joined

  122. marc has left

  123. marc has joined

  124. qrpnxz

    ok so it looks like after SASL streams must be restarted. I suppose what you do is that the initiator starts a new stream, but the receiver instead goes and creates the second TCP conn?

  125. marc has left

  126. marc has joined

  127. marc has left

  128. marc has joined

  129. deuill has left

  130. marc has left

  131. marc has joined

  132. marc has left

  133. pjn has left

  134. marc has joined

  135. marc has left

  136. marc has joined

  137. marc has left

  138. Zash

    When you said bidi I thought of https://xmpp.org/extensions/xep-0288.html where there's no second connection.

  139. Kev has left

  140. Kev has joined

  141. BASSGOD has joined

  142. marc has joined

  143. marc has left

  144. Zash

    In standard xmpp without that, the other server creates their connection back whenever they want, usually when there's a reply or something to deliver. it's completely independent of any prior connection.

  145. marc has joined

  146. BASSGOD has left

  147. marc has left

  148. marc has joined

  149. Zash

    Unless you use Dialback, then there's a bunch of connections in every direction and everything is confusing and backwards.

  150. marc has left

  151. marc has joined

  152. qrpnxz

    Ok i think it should be as i now understand it then. Good.

  153. qrpnxz


  154. marc has left

  155. marc has joined

  156. marc has left

  157. Zash

    Dialback being https://xmpp.org/extensions/xep-0220.html

  158. marc has joined

  159. marc has left

  160. marc has joined

  161. marc has left

  162. marc has joined

  163. marc has left

  164. Kev has left

  165. Kev has joined

  166. marc has joined

  167. marc has left

  168. marc has joined

  169. marc has left

  170. marc has joined

  171. pjn has joined

  172. qrpnxz

    dialback looks like something i never wanna implement

  173. marc has left

  174. marc has joined

  175. marc has left

  176. marc has joined

  177. adiaholic has joined

  178. marc has left

  179. BASSGOD has joined

  180. alexbay218 has joined

  181. marc has joined

  182. marc has left

  183. marc has joined

  184. marc has left

  185. arc has left

  186. arc has joined

  187. arc has left

  188. arc has joined

  189. marc has joined

  190. marc has left

  191. marc has joined

  192. adiaholic has left

  193. marc has left

  194. marc has joined

  195. marc has left

  196. adiaholic has joined

  197. marc has joined

  198. marc has left

  199. marc has joined

  200. marc has left

  201. marc has joined

  202. marc has left

  203. adiaholic has left

  204. marc has joined

  205. marc has left

  206. marc has joined

  207. BASSGOD has left

  208. stp has left

  209. marc has left

  210. marc has joined

  211. marc has left

  212. adiaholic has joined

  213. marc has joined

  214. marc has left

  215. marc has joined

  216. marc has left

  217. marc has joined

  218. marc has left

  219. marc has joined

  220. BASSGOD has joined

  221. marc has left

  222. marc has joined

  223. marc has left

  224. marc has joined

  225. marc has left

  226. marc has joined

  227. marc has left

  228. marc has joined

  229. makoto has left

  230. marc has left

  231. marc has joined

  232. marc has left

  233. marc has joined

  234. marc has left

  235. marc has joined

  236. marc has left

  237. marc has joined

  238. marc has left

  239. marc has joined

  240. marc has left

  241. adiaholic has left

  242. marc has joined

  243. marc has left

  244. marc has joined

  245. marc has left

  246. marc has joined

  247. marc has left

  248. marc has joined

  249. marc has left

  250. marc has joined

  251. marc has left

  252. marc has joined

  253. marc has left

  254. arc has left

  255. arc has joined

  256. marc has joined

  257. marc has left

  258. marc has joined

  259. marc has left

  260. marc has joined

  261. arc has left

  262. arc has joined

  263. marc has left

  264. marc has joined

  265. marc has left

  266. adiaholic has joined

  267. marc has joined

  268. marc has left

  269. arc has left

  270. arc has joined

  271. arc has left

  272. marc has joined

  273. BASSGOD has left

  274. arc has joined

  275. marc has left

  276. arc has left

  277. arc has joined

  278. marc has joined

  279. marc has left

  280. arc has left

  281. arc has joined

  282. marc has joined

  283. marc has left

  284. marc has joined

  285. arc has left

  286. arc has joined

  287. marc has left

  288. marc has joined

  289. marc has left

  290. marc has joined

  291. marc has left

  292. marc has joined

  293. marc has left

  294. marc has joined

  295. marc has left

  296. BASSGOD has joined

  297. marc has joined

  298. marc has left

  299. Calvin has left

  300. BASSGOD has left

  301. marc has joined

  302. marc has left

  303. marc has joined

  304. marc has left

  305. marc has joined

  306. marc has left

  307. adiaholic has left

  308. marc has joined

  309. marc has left

  310. adiaholic has joined

  311. marc has joined

  312. marc has left

  313. BASSGOD has joined

  314. marc has joined

  315. marc has left

  316. marc has joined

  317. marc has left

  318. Sam

    We should consider obsoleting dialback again.

  319. marc has joined

  320. marc has left

  321. moparisthebest

    Why? DNSSEC adoption keeps going up

  322. BASSGOD has left

  323. marc has joined

  324. moparisthebest

    And does anyone validate TLS certificates when doing dialback? That seems to work fine

  325. marc has left

  326. marc has joined

  327. marc has left

  328. qrpnxz

    it's the other way around mate, who'd wanna do dialback after validating TLS

  329. marc has joined

  330. arc has left

  331. marc has left

  332. arc has joined

  333. moparisthebest

    I mean when you connect to bob.com's server, you validate it has a valid cert for bob.com before sending anything

  334. marc has joined

  335. marc has left

  336. marc has joined

  337. arc has left

  338. arc has joined

  339. qrpnxz

    Right, with TLS

  340. marc has left

  341. arc has left

  342. arc has joined

  343. marc has joined

  344. marc has left

  345. moparisthebest

    Yes, dialback is still needed for validation the other direction, to prove to bob.com who you are

  346. marc has joined

  347. marc has left

  348. arc has left

  349. arc has joined

  350. qrpnxz

    That's also with TLS

  351. BASSGOD has joined

  352. arc has left

  353. arc has joined

  354. moparisthebest

    With sasl external it is, but dialback also works fine in the absence of that I guess

  355. marc has joined

  356. marc has left

  357. marc has joined

  358. marc has left

  359. marc has joined

  360. marc has left

  361. marc has joined

  362. marc has left

  363. marc has joined

  364. marc has left

  365. BASSGOD has left

  366. marc has joined

  367. marc has left

  368. marc has joined

  369. marc has left

  370. marc has joined

  371. marc has left

  372. marc has joined

  373. marc has left

  374. marc has joined

  375. marc has left

  376. marc has joined

  377. BASSGOD has joined

  378. marc has left

  379. arc has left

  380. arc has joined

  381. marc has joined

  382. marc has left

  383. marc has joined

  384. marc has left

  385. marc has joined

  386. marc has left

  387. marc has joined

  388. marc has left

  389. marc has joined

  390. meetpal_sangra has joined

  391. marc has left

  392. marc has joined

  393. marc has left

  394. marc has joined

  395. marc has left

  396. marc has joined

  397. marc has left

  398. marc has joined

  399. marc has left

  400. adiaholic has left

  401. marc has joined

  402. marc has left

  403. marc has joined

  404. arc has left

  405. arc has joined

  406. marc has left

  407. marc has joined

  408. marc has left

  409. marc has joined

  410. marc has left

  411. adiaholic has joined

  412. marc has joined

  413. marc has left

  414. marc has joined

  415. marc has left

  416. arc has left

  417. arc has joined

  418. marc has joined

  419. Kev has left

  420. Kev has joined

  421. marc has left

  422. marc has joined

  423. marc has left

  424. marc has joined

  425. marc has left

  426. qrpnxz has left

  427. marc has joined

  428. marc has left

  429. marc has joined

  430. marc has left

  431. marc has joined

  432. marc has left

  433. marc has joined

  434. marc has left

  435. marc has joined

  436. marc has left

  437. Yagiza has joined

  438. marc has joined

  439. marc has left

  440. marc has joined

  441. marc has left

  442. marc has joined

  443. marc has left

  444. marc has joined

  445. marc has left

  446. marc has joined

  447. marc has left

  448. marc has joined

  449. marc has left

  450. marc has joined

  451. marc has left

  452. marc has joined

  453. marc has left

  454. marc has joined

  455. marc has left

  456. marc has joined

  457. marc has left

  458. marc has joined

  459. marc has left

  460. marc has joined

  461. marc has left

  462. marc has joined

  463. marc has left

  464. marc has joined

  465. marc has left

  466. marc has joined

  467. marc has left

  468. marc has joined

  469. marc has left

  470. marc has joined

  471. marc has left

  472. marc has joined

  473. marc has left

  474. marc has joined

  475. marc has left

  476. marc has joined

  477. Seve has joined

  478. marc has left

  479. marc has joined

  480. marc has left

  481. marc has joined

  482. marc has left

  483. marc has joined

  484. marc has left

  485. marc has joined

  486. marc has left

  487. marc has joined

  488. marc has left

  489. marc has joined

  490. marc has left

  491. marc has joined

  492. marc has left

  493. marc has joined

  494. marc has left

  495. marc has joined

  496. marc has left

  497. marc has joined

  498. marc has left

  499. marc has joined

  500. marc has left

  501. marc has joined

  502. marc has left

  503. marc has joined

  504. marc has left

  505. marc has joined

  506. marc has left

  507. marc has joined

  508. marc has left

  509. marc has joined

  510. marc has left

  511. marc has joined

  512. marc has left

  513. marc has joined

  514. marc has left

  515. marc has joined

  516. marc has left

  517. marc has joined

  518. winfried has left

  519. marc has left

  520. marc has joined

  521. winfried has joined

  522. winfried has left

  523. winfried has joined

  524. marc has left

  525. adiaholic has left

  526. marc has joined

  527. lorddavidiii has joined

  528. marc has left

  529. marc has joined

  530. Andrzej has joined

  531. marc has left

  532. marc has joined

  533. marc has left

  534. marc has joined

  535. marc has left

  536. marc has joined

  537. marc has left

  538. marc has joined

  539. marc has left

  540. marc has joined

  541. marc has left

  542. marc has joined

  543. marc has left

  544. marc has joined

  545. marc has left

  546. marc has joined

  547. marc has left

  548. marc has joined

  549. marc has left

  550. marc has joined

  551. marc has left

  552. marc has joined

  553. marc has left

  554. marc has joined

  555. andy has joined

  556. marc has left

  557. marc has joined

  558. marc has left

  559. marc has joined

  560. marc has left

  561. marc has joined

  562. marc has left

  563. marc has joined

  564. marc has left

  565. marc has joined

  566. marc has left

  567. menel has joined

  568. moparisthebest has left

  569. Andrzej has left

  570. marc has joined

  571. marc has left

  572. marc0s has left

  573. marc0s has joined

  574. marc has joined

  575. marc has left

  576. arcxi has left

  577. marc has joined

  578. marc has left

  579. marc has joined

  580. marc has left

  581. marc has joined

  582. marc has left

  583. adiaholic has joined

  584. marc has joined

  585. marc has left

  586. marc has joined

  587. marc has left

  588. mimi89999 has left

  589. mimi89999 has joined

  590. marc has joined

  591. marc has left

  592. adiaholic has left

  593. chronosx88 has left

  594. chronosx88 has joined

  595. adiaholic has joined

  596. marc has joined

  597. marc has left

  598. alacer has left

  599. alacer has joined

  600. marc has joined

  601. marc has left

  602. marc has joined

  603. Adi has left

  604. marc has left

  605. Kev has left

  606. Kev has joined

  607. Adi has joined

  608. marc has joined

  609. marc has left

  610. marc has joined

  611. marc has left

  612. marc has joined

  613. marc has left

  614. marc has joined

  615. marc has left

  616. marc has joined

  617. marc has left

  618. marc has joined

  619. marc has left

  620. marc has joined

  621. byan has joined

  622. marc has left

  623. marc has joined

  624. marc has left

  625. arc has left

  626. arc has joined

  627. marc has joined

  628. marc has left

  629. paul has joined

  630. marc has joined

  631. marc has left

  632. marc has joined

  633. arc has left

  634. arc has joined

  635. marc has left

  636. marc has joined

  637. marc has left

  638. marc has joined

  639. marc has left

  640. marc has joined

  641. marc has left

  642. marc has joined

  643. marc has left

  644. marc has joined

  645. marc has left

  646. marc has joined

  647. marc has left

  648. marc has joined

  649. marc has left

  650. marc has joined

  651. marc has left

  652. alexbay218 has left

  653. marc has joined

  654. lskdjf has joined

  655. marc has left

  656. marc has joined

  657. marc has left

  658. marc has joined

  659. marc has left

  660. marc has joined

  661. byan has left

  662. Kev has left

  663. marc has left

  664. Kev has joined

  665. marc has joined

  666. marc has left

  667. marc has joined

  668. marc has left

  669. marc has joined

  670. marc has left

  671. marc has joined

  672. marc has left

  673. marc has joined

  674. marc has left

  675. marc has joined

  676. marc has left

  677. marc has joined

  678. marc has left

  679. marc has joined

  680. marc has left

  681. marc has joined

  682. marc has left

  683. marc has joined

  684. marc has left

  685. marc has joined

  686. marc has left

  687. marc has joined

  688. deuill has joined

  689. marc has left

  690. marc has joined

  691. marc has left

  692. marc has joined

  693. marc has left

  694. marc has joined

  695. marc has left

  696. wendy has left

  697. marc has joined

  698. marc has left

  699. marc has joined

  700. marc has left

  701. marc has joined

  702. marc has left

  703. marc has joined

  704. marc has left

  705. marc has joined

  706. marc has left

  707. marc has joined

  708. marc has left

  709. marc has joined

  710. wurstsalat has joined

  711. marc has left

  712. marc has joined

  713. marc has left

  714. marc has joined

  715. marc has left

  716. marc has joined

  717. marc has left

  718. marc has joined

  719. marc has left

  720. marc has joined

  721. ti_gj06 has joined

  722. marc has left

  723. marc has joined

  724. marc has left

  725. marc has joined

  726. marc has left

  727. marc has joined

  728. marc has left

  729. marc has joined

  730. marc has left

  731. marc has joined

  732. marc has left

  733. marc has joined

  734. Kev has left

  735. Kev has joined

  736. marc has left

  737. marc has joined

  738. marc has left

  739. marc0s has left

  740. marc0s has joined

  741. nyco has joined

  742. adiaholic has left

  743. adiaholic has joined

  744. qrpnxz has joined

  745. nyco has left

  746. adiaholic has left

  747. marc has joined

  748. marc has left

  749. marc has joined

  750. marc has left

  751. adiaholic has joined

  752. marc has joined

  753. marc has left

  754. marc has joined

  755. marc has left

  756. marc has joined

  757. marc has left

  758. marc has joined

  759. marc has left

  760. marc has joined

  761. marc has left

  762. marc has joined

  763. marc has left

  764. marc has joined

  765. marc has left

  766. marc has joined

  767. marc has left

  768. menel has left

  769. marc has joined

  770. marc has left

  771. adiaholic has left

  772. marc has joined

  773. marc has left

  774. marc has joined

  775. menel has joined

  776. adiaholic has joined

  777. marc has left

  778. mathijs has left

  779. marc has joined

  780. marc has left

  781. marc has joined

  782. marc has left

  783. arc has left

  784. arc has joined

  785. arc has left

  786. arc has joined

  787. marc has joined

  788. marc has left

  789. marc has joined

  790. marc has left

  791. marc has joined

  792. marc has left

  793. marc has joined

  794. marc has left

  795. marc has joined

  796. marc has left

  797. marc has joined

  798. marc has left

  799. marc has joined

  800. marc has left

  801. marc has joined

  802. winfried has left

  803. winfried has joined

  804. marc has left

  805. marc has joined

  806. nyco has joined

  807. marc has left

  808. marc has joined

  809. marc has left

  810. marc has joined

  811. marc has left

  812. marc has joined

  813. marc has left

  814. marc has joined

  815. marc has left

  816. marc has joined

  817. emus has joined

  818. marc has left

  819. marc has joined

  820. LNJ has joined

  821. Andrzej has joined

  822. chronosx88 has left

  823. marc has left

  824. chronosx88 has joined

  825. marc has joined

  826. marc has left

  827. marc has joined

  828. marc has left

  829. marc has joined

  830. marc has left

  831. marc has joined

  832. marc has left

  833. marc has joined

  834. marc has left

  835. marc has joined

  836. marc has left

  837. marc has joined

  838. marc has left

  839. marc has joined

  840. marc has left

  841. marc has joined

  842. marc has left

  843. marc has joined

  844. marc has left

  845. marc has joined

  846. marc has left

  847. chronosx88 has left

  848. chronosx88 has joined

  849. marc has joined

  850. marc has left

  851. marc has joined

  852. menel has left

  853. marc has left

  854. marc has joined

  855. adiaholic has left

  856. marc has left

  857. adiaholic has joined

  858. chronosx88 has left

  859. chronosx88 has joined

  860. marc has joined

  861. marc has left

  862. croax has joined

  863. marc has joined

  864. marc has left

  865. marc has joined

  866. marc has left

  867. goffi has joined

  868. marc has joined

  869. marc has left

  870. adiaholic has left

  871. menel has joined

  872. marc has joined

  873. marc has left

  874. menel has left

  875. adiaholic has joined

  876. menel has joined

  877. marc has joined

  878. marc has left

  879. marc has joined

  880. marc has left

  881. marc has joined

  882. marc has left

  883. marc has joined

  884. marc has left

  885. marc has joined

  886. marc has left

  887. marc has joined

  888. marc has left

  889. Tobias has joined

  890. marc has joined

  891. debacle has joined

  892. marc has left

  893. marc has joined

  894. menel has left

  895. marc has left

  896. menel has joined

  897. marc has joined

  898. marc has left

  899. marc has joined

  900. marc has left

  901. karoshi has joined

  902. marc has joined

  903. marc has left

  904. marc has joined

  905. marc has left

  906. marc has joined

  907. adiaholic has left

  908. marc has left

  909. marc has joined

  910. marc has left

  911. mukt2 has joined

  912. marc has joined

  913. marc has left

  914. marc has joined

  915. marc0s has left

  916. marc0s has joined

  917. marc has left

  918. marc has joined

  919. Andrzej has left

  920. adiaholic has joined

  921. marc has left

  922. jcbrand has joined

  923. marc has joined

  924. marc0s has left

  925. marc0s has joined

  926. marc has left

  927. marc has joined

  928. marc has left

  929. marc has joined

  930. marc has left

  931. marc has joined

  932. marc has left

  933. marc has joined

  934. marc has left

  935. marc has joined

  936. marc has left

  937. marc has joined

  938. marc has left

  939. marc has joined

  940. marc has left

  941. marc has joined

  942. marc has left

  943. marc has joined

  944. marc has left

  945. marc has joined

  946. marc has left

  947. marc has joined

  948. marc has left

  949. marc has joined

  950. xecks has joined

  951. qrpnxz

    TLS and SASL support is required, and SASL EXTERNAL is also required for servers. So there's just about zero reason to do dialback afaict

  952. meetpal_sangra has left

  953. mathijs has joined

  954. Sam has left

  955. floretta has left

  956. Sam has joined

  957. marc0s has left

  958. marc0s has joined

  959. Zash

    There's some servers that run with self-signed certs, some with expired certs...

  960. chronosx88 has left

  961. chronosx88 has joined

  962. bean has joined

  963. mukt2 has left

  964. marc0s has left

  965. marc0s has joined

  966. marc0s has left

  967. marc0s has joined

  968. qrpnxz

    cron to the rescue

  969. MattJ

    I would strongly urge anyone implementing s2s today to just not implement dialback

  970. marc has left

  971. BASSGOD has left

  972. marc has joined

  973. mdosch

    > There's some servers that run with self-signed certs, some with expired certs... Expired certs are probably just caused by mistakes, but why would you use self signed certs nowadays?

  974. stp has joined

  975. qrpnxz

    In case the domain is irrelevant.

  976. qrpnxz

    and you don't need hierarchy

  977. marc has left

  978. adiaholic has left

  979. marc has joined

  980. adiaholic has joined

  981. mdosch

    What do you mean by irrelevant?

  982. marc has left

  983. marc has joined

  984. qrpnxz

    not applicable or pertinent

  985. mdosch

    If you want to do s2s with others I think it's relevant.

  986. marc has left

  987. qrpnxz

    yes for s2s it's very relevant

  988. marc has joined

  989. qrpnxz

    thought you were asking in general

  990. qrpnxz

    for things using tls

  991. marc has left

  992. mdosch

    It was about s2s afaiu.

  993. marc has joined

  994. marc has left

  995. marc has joined

  996. marc has left

  997. marc has joined

  998. marc has left

  999. marc has joined

  1000. marc has left

  1001. marc has joined

  1002. marc has left

  1003. marc has joined

  1004. marc has left

  1005. marc has joined

  1006. marc has left

  1007. babacb has left

  1008. babacb has joined

  1009. menel has left

  1010. menel has joined

  1011. marc has joined

  1012. marc has left

  1013. wendy has joined

  1014. Kev

    Dialback’s pretty convenient for testing, mind.

  1015. qrpnxz

    for testing what

  1016. Kev

    For quickly running up a bunch of servers without having to generate a root, trust it in all the configs, issue certs etc.

  1017. Kev

    For testing the server.

  1018. qrpnxz

    sounds like you can also just whitelist these

  1019. marc has joined

  1020. Zash

    I found it easier to get certs for my testing servers.

  1021. marc has left

  1022. marc has joined

  1023. marc has left

  1024. flow

    plus, at some point you may want to test the code involving certs anyway :)

  1025. Kev

    You *can* do it by generating a CA, committing configs with that trusted and issued certs in etc., but...

  1026. Kev

    flow: Are you genuinely going to suggest that we don’t test our EXTERNAL paths?

  1027. flow


  1028. menel has left

  1029. flow

    anyhow, all that talk about dialback being so complex actually makes me want to implement it

  1030. flow

    of course, I first would need to implement an XMPP server

  1031. flow

    not sure if I am up to that challenge, I like my life as client library dev very much

  1032. Kev

    But tests involving TLS are desperately slow, so being able to test with dialback is quite desirable (or you can use null cyphers in TLS or something, but we compile with those disabled).

  1033. marc has joined

  1034. marc has left

  1035. qrpnxz

    i want to implement a server and client rn. So far I've not been discouraged. XMPP is rather straightforward for the most part.

  1036. marc has joined

  1037. flow


  1038. qrpnxz

    right now

  1039. Kev

    So our S2S tests don’t do TLS except those that test TLS.

  1040. marc has left

  1041. adiaholic has left

  1042. Kev

    (Well, our in-process tests. Our integration test suite uses TLS)

  1043. flow

    qrpnxz, implementing client *and* server is a huge task, fwiw

  1044. qrpnxz

    i'm starting with server

  1045. flow

    I was suggesting to start with the client side of things

  1046. menel has joined

  1047. flow

    I was about to suggest to start with the client side of things

  1048. flow

    but go for it, you can only learn from it

  1049. qrpnxz

    so XMPP: Core AND XMPP: IM AND i have to learn GUI? no way lol

  1050. qrpnxz

    how about just XMPP: Core server and done

  1051. flow

    sure, that's the nice thing about XMPP, you can implement a very basic server

  1052. marc has joined

  1053. marc has left

  1054. marc has joined

  1055. qrpnxz

    Clients not even required really. You can just make the server if you don't plan on having other users LOL

  1056. qrpnxz

    Client's not even required really. You can just make the server if you don't plan on having other users LOL

  1057. qrpnxz

    hmm, i don't see a way to make TLS optional without having a dummy feature...

  1058. adiaholic has joined

  1059. Kev

    In what sense?

  1060. Kev

    You just don’t mark it as required.

  1061. Kev

    Or if you mean optional to have configured, rather than optional to negotiate, you don’t advertise when it’s not configured.

  1062. arcxi has joined

  1063. MattJ

    Basic messaging between clients in Prosody was working in just a few days. It's everything after that that's the difficult part :)

  1064. qrpnxz

    > You just don’t mark it as required. Kev: Core says that if it's by itself then it's mandatory by default

  1065. dwd

    flow, I've implemented dialback from scratch once, and fixed it at least twice. Don't recommend... it's simple enough to start with, then gets horrendously complex as you add in TLS, BiDi, etc.

  1066. MattJ

    I also think I discovered a bug in the XEP the other day

  1067. MattJ

    But I haven't reported it because I can't even be sure it's a bug in the XEP, or my understanding of it

  1068. qrpnxz

    dwd, basically anything that touches DNS makes me sad

  1069. dwd

    qrpnxz, Yes, you have to implement, and negotiate, TLS to be standards compliant. But you can deliberately choose not to.

  1070. dwd

    qrpnxz, Actually DNS is the easy bit. Unless you're talking DNSSEC, which then becomes complicated again.

  1071. qrpnxz

    MattJ, i'm writing something about a problem in XEP-0288 as well, but first i'm making sure it's actually a problem and/or proposing solution ;)

  1072. qrpnxz

    dwd, i see, ew

  1073. dwd

    qrpnxz, Especially when deriving candidate subject names.

  1074. dwd

    qrpnxz, And most interested in fixes for XEP-0288, of course.

  1075. qrpnxz

    > implement, and negotiate, TLS to be standards compliant serveral places in the standard hint at situation in which you get to, for example SASL, and tls is not negotiated yet. And indeed if you you have both tls feature and something else, tls is optional.

  1076. adiaholic has left

  1077. qrpnxz

    but i don't see a way to only have tls feature, and have it be optional, yet you have to show tls feature, so... a pickle

  1078. qrpnxz

    well, i do see a way: a dummy feature. But kind of ugly

  1079. MattJ

    If you don't have any other features how is it optional?

  1080. MattJ

    The stream wouldn't be able to proceed

  1081. dwd

    qrpnxz, You just don't advertise TLS, and do advertise SASL.

  1082. qrpnxz

    i just specifically said that if it's the only one std says that it's mandatory by default so idk where you are getting i said that

  1083. qrpnxz

    not advertising tls is not the same as optional tls, also you cannot NOT advertise tls

  1084. qrpnxz

    you must advertize tls if you support it, which you must support because of the std as well

  1085. MattJ

    You're saying you want a scenario where you advertise only TLS, but you want it to be optional

  1086. dwd

    qrpnxz, You really can. You're no longer standards compliant, because we think you should do TLS. But if you have a compelling reason not to be standards compliant, then go for it.

  1087. qrpnxz

    mattj, it's not necessary that i want such a scenario, but that it's kind of ugly the way you have to do it (dummy feature)

  1088. dwd

    qrpnxz, I don't get where you're coming from with this "dummy feature".

  1089. Kev

    It’s not a dummy feature.

  1090. qrpnxz

    if i have tls feature, and another feature that is not tls, and tls does not have <require/>, then tls is optional

  1091. Kev

    It’s an alternative mechanism.

  1092. qrpnxz

    hence if i wanted to make tls optional, and i didn't have a legitimate feature to advertize alongside tls, then i'd have to create a dummy feature that doesn't exist to put along with tls, and then not mask tls as <require/>

  1093. dwd

    qrpnxz, If a server doesn't advertise TLS at all - and structurally, it need not - then a compliant client might refuse to continue. But a client that *also* doesn't mandate TLS (which is most of them with non-default configuration) will happily continue without. If you have an alternate stream encryption (or similar), then a client which understands that might negotiate it in preference to TLS.

  1094. wladmis has left

  1095. wladmis has joined

  1096. qrpnxz

    A server that doesn't advertize tls is not compliant, to start. A client that does mandate tls simply doesn't use the feature *if it's voluntary-to-negotiate*.

  1097. qrpnxz

    A server that doesn't advertize tls is not compliant, to start. A client that doesn't mandate tls simply doesn't use the feature *if it's voluntary-to-negotiate*.

  1098. adiaholic has joined

  1099. dwd

    qrpnxz, Have you noted the last bit of https://datatracker.ietf.org/doc/html/rfc6120#section-5.4.1

  1100. dwd

    qrpnxz, So if the server doesn't consider TLS to be mandatory but does support it, just don't include <required/> in the stream feature.

  1101. qrpnxz

    right, that adds to the brainfuck. That means that there should never be the case that TLS is the only feature and it doesn't have <require/>

  1102. dwd

    qrpnxz, I don't understand why this is confusing. And yes, you're right (though <required/> would be redudant in that case).

  1103. andrey.g has joined

  1104. qrpnxz

    it's redundant, but it's required. They should have just writ it so that without required it's optional to be consistent

  1105. dwd

    qrpnxz, Well, sure, and it is. But if the only thing the stream is offering is to negotiate TLS, and you choose not to, then you can't do anything else.

  1106. qrpnxz

    it's not optional in that case.

  1107. Sam has left

  1108. dwd

    qrpnxz, What difference does it make?

  1109. adiaholic has left

  1110. flow

    MattJ> But I haven't reported it because I can't even be sure it's a bug in the XEP, or my understanding of it

  1111. flow

    standards@ it maybe?

  1112. dwd

    qrpnxz, I mean, sure, if TLS is the only thing offered, it follows that it *is* mandatory to negotiate, and therefore the server MUST include <required/>. But in practice, what cases fail to interoperate if it's not included?

  1113. Kev

    required only really matters so you know why you can’t continue, rather than aiding interop.

  1114. qrpnxz

    none, yet the server is not compliant ;) And if you want to make it optional you have to add a dummy. Not a helpful special case.

  1115. Zash

    I don't understand where you got 'dummy' from?

  1116. qrpnxz

    do you know what a dummy is

  1117. Zash


  1118. Kev

    Because no-one who wants to do tls is going to decide they’re not going to do it because it’s not marked as required. And similarly if it’s required you’re not going to be able to continue without it. It’s just useful for debug when things don’t work.

  1119. Zash

    Maybe the missing piece is that if you are only offered TLS, the only way to not do TLS would be to do Dialback, which is advertised differently because hysterical raisins.

  1120. qrpnxz

    perhaps you missed my message where i explain i copy here: ``` hence if i wanted to make tls optional, and i didn't have a legitimate feature to advertize alongside tls, then i'd have to create a dummy feature that doesn't exist to put along with tls, and then not mark tls as <require/> ```

  1121. dwd

    qrpnxz, Why do you think you need this dummy feature?

  1122. qrpnxz

    you need it to mark tls as optional if tls is the only legitimate feature

  1123. dwd

    qrpnxz, Why do you think that?

  1124. qrpnxz

    because that's what the standard says. If it's on it's own, it's required. Period. So if it's gonna be optional, there needs to be another feature.

  1125. dwd

    qrpnxz, Ah, I see. So you want a client to go straight to SASL?

  1126. Zash

    But how would you SASL without TLS?

  1127. dwd

    qrpnxz, If so... advertise SASL.

  1128. Zash

    And that's where in practice you'd do Dialback.

  1129. qrpnxz

    Not personally, but i'm just saying that's what you'd have to do. You can't advertize SASL before TLS, and you have to advertise TLS

  1130. dwd

    qrpnxz, And why do you think you can't advertise SASL alongside TLS?

  1131. flow

    Why can't I advertize SASL before TLS?

  1132. menel has left

  1133. qrpnxz

    standard says so

  1134. flow

    ref or it didn't say so ;)

  1135. qrpnxz

    i will look :)

  1136. Daniel has left

  1137. menel has joined

  1138. flow

    we should take notes how different people interpret the standard text and see if we can clarify this in a future revision of the text

  1139. qrpnxz

    you are right you can do them at the same time, thought if you didn't do SASL either then you'd need a dummy again

  1140. dwd

    qrpnxz, So you want to not do SASL *or* Dialback *or* TLS? What is it that you *do* want to do?

  1141. qrpnxz

    you are right you can do them at the same time, though if you didn't do SASL either then you'd need a dummy again

  1142. dwd

    qrpnxz, And shouldn't you advertise *that*?

  1143. qrpnxz

    I don't want to do anything like I said. Just commenting on the standard.

  1144. menel has left

  1145. Zash

    And then?

  1146. Daniel has joined

  1147. qrpnxz

    one min

  1148. menel has joined

  1149. qrpnxz

    and nothing

  1150. Zash

    I'm lost.

  1151. qrpnxz

    how can i help

  1152. dwd

    qrpnxz, So you're saying that a thing you don't want to do can't be done? And this annoys you because?

  1153. Sam has joined

  1154. qrpnxz

    no, it can be done. Just you have to use a dummy maybe.

  1155. qrpnxz

    the annoying part is that there's an unnecessary special case of tls being required if it's the only thing.

  1156. adiaholic has joined

  1157. qrpnxz

    whereas it could just be required if you put <required/>, which you must do if you consider it required anyway

  1158. flow

    I think you maybe reading to much into "TLS required" in the standards text

  1159. flow

    it basically says that an implementation can only claim standards compliance if it implements TLS

  1160. flow

    not that you have to jump through loops in the protocol, not offering TLS is perfectly fine from a protocol perspective

  1161. qrpnxz

    it says a lot of things

  1162. dwd

    qrpnxz, OK. So you want the client to negotiate something which is unadvertised?

  1163. qrpnxz


  1164. dwd

    qrpnxz, So what do you want the client to do?

  1165. qrpnxz

    > not offering TLS is perfectly fine from a protocol perspective no, std requires you offer tls

  1166. qrpnxz

    i don't want the client to do anything dwd

  1167. dwd

    qrpnxz, Then what on earth is the problem?

  1168. qrpnxz

    i've already said to you multiple times idk what you want from me

  1169. dwd

    qrpnxz, Give me an example of the thing you don't want to do but think is impossible.

  1170. qrpnxz

    i already told you multiple times there is no impossible thing

  1171. dwd

    qrpnxz, So why do you thinka dummy feature is needed?

  1172. flow

    maybe slow down a bit and see if we can steer this into a productive and helpful direction

  1173. qrpnxz

    i will tell you one more time: because if it's by itself and it doesn't say required it is still required, if you want to make it not required and there's no other legitimate feature, you must have a dummy feature

  1174. dwd

    qrpnxz, OK. And what would the client do at this point?

  1175. qrpnxz

    if it were optional? idk, w/e the client wanna do, or negotiate a mandatory feature.

  1176. flow

    that would be SASL or dialback at this point, right?

  1177. qrpnxz

    sure, if that were a feature

  1178. flow

    so why not, instead of a dummy feature, announce SASL and/or dialback?

  1179. adiaholic has left

  1180. dwd

    qrpnxz, OK, so there'd be another, non-dummy, feature for it to negotiate then. Where does the dummy feature come in?

  1181. qrpnxz

    yes we already established this is also an option. That's why i said "if there's no other legitimate feature"

  1182. qrpnxz

    yes we already established this is also an option. That's why i said *"if there's no other legitimate feature"*

  1183. flow

    ok, we are going circles :)

  1184. qrpnxz

    If there is another feature, then TLS feature comes back to the world of mortals and behaves normally. Only if it would otherwise be the only feature, do you need a dummy to make it optional.

  1185. qrpnxz

    If there is another feature, then TLS feature comes back to the world of mortals and behaves normally. Only if it would otherwise be the only feature, then you need a dummy to make it optional.

  1186. dwd

    Why would it be the only feature?

  1187. dwd

    Because if you want the client to do "something else", then the server needs to advertise the feature is available at that point.

  1188. qrpnxz

    it's almost always the only feature. I don't know all the XEPs though.

  1189. Andrzej has joined

  1190. floretta has joined

  1191. qrpnxz

    the dummy is not for when you want to do something else, it's for when you want to do nothing.

  1192. MattJ

    If you want to do nothing the stream can't proceed, that's the point

  1193. qrpnxz

    it can if it's optional

  1194. MattJ

    It can't, there's nothing else to do

  1195. qrpnxz

    there is, if they are optional it's stanza time

  1196. dwd

    MattJ, Maybe it's the equivalent of just holding hands.

  1197. MattJ

    It's not stanza time until it's authenticated, which requires SASL

  1198. MattJ

    (let's put dialback aside...)

  1199. qrpnxz

    sasl is not required afaict

  1200. MattJ

    You can't send stanzas without authentication

  1201. qrpnxz

    but if it is then you put sasl next to tls, which like i said, is ofc not a situation in which you need the dummy

  1202. dwd

    qrpnxz, RFC 6120 says SASL is both required and mandatory-to-negotiate.

  1203. qrpnxz

    required to support, and mandatory-to-negotiate when advertized

  1204. Zash

    It is a bit awkward that there's no explicit "you're done, feel free to send stanzas now"

  1205. menel has left

  1206. Zash

    Also awkward that an empty `<stream:features/>` means exactly that...

  1207. dwd

    Zash, Well, for C2S you could advertise <bind/>.

  1208. qrpnxz

    if all features are optional and there's nothing you want to negotiate, you just go ahead. I think it's for the best. Saves a message

  1209. Zash

    dwd, thought we were mostly discussing s2s

  1210. Zash

    but yeah

  1211. dwd

    But there *is* XEP-0361 for the oddball cases where you need that.

  1212. qrpnxz


  1213. qrpnxz

    it's def expensive to start xmpp conn with all those stream restarts and feature lists

  1214. menel has joined

  1215. qrpnxz

    for contrained environments. Desktops no problem ofc

  1216. flow

    that negotiation ping-pong is also old-fashioned when it comes to protocol design. these days you want to just send all the stuff you want to do in a single step, e.g. bind2

  1217. flow

    but I guess the negotation ping-pong is less of an issue in s2s

  1218. Kev

    Depends on the environment. But yes, generally.

  1219. ti_gj06 has left

  1220. adiaholic has joined

  1221. qrpnxz

    On a related note, I may have found a problem in XEP-0288. XMPP: Core states: ``` A <features/> element that contains both mandatory-to-negotiate and voluntary-to-negotiate features indicates that the negotiation is not complete but that the initiating entity MAY complete the voluntary- to-negotiate feature(s) before it attempts to negotiate the mandatory-to-negotiate feature(s). ``` However, XEP-0288 states: ``` If a server supports bidirectional server-to-server streams, it should inform the connecting entity when returning stream features during the stream negotiation process (both before and after TLS negotiation). [...] If the initiating entity chooses to use TLS, STARTTLS negotiation MUST be completed before enabling bidirectionality. ``` Now consider I serve the following: ``` <stream:features> <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'> <required/> </starttls> <bidi xmlns='urn:xmpp:features:bidi'/> </stream:features> ``` Core says that I MAY negotiate bidi first, but 0288 says that I MUST do STARTTLS first. 0288 should allow you to enable bidi before TLS to defuse this situation. I can't think of why that should be disallowed.

  1222. Kev

    Central to a lot of how XEPs work is that any behaviour can be overriden by negotiation.

  1223. Kev

    Central to a lot of how XEPs work is that any behaviour can be overridden by negotiation.

  1224. Kev

    So if core says something and 288 says “But when doing 288 you should do this instead”, that is fine.

  1225. Kev

    E.g. core says “There’s just <message/> <presence/> and <iq/>” and 198 says “but if you’re doing 198 there’s <a/> and <r/> too”, and that’s fine.

  1226. dwd

    What Kev says, but also bidi is predicated on mutual authentication, so it'd be a bit weird to negotiate that before you decide if the other side is who it says it is.

  1227. qrpnxz

    I see yeah cool np

  1228. dwd

    But maybe weird is OK.

  1229. qrpnxz

    i don't see how bidi is predicated on authentication, it just means says "dont' bother with another conn"

  1230. qrpnxz

    in fact, it's perfectly ok to do bidi but not TLS in the XEP

  1231. dwd

    Sending stanzas in general is predicated on mutual authentication. Even XEP-0361 uses out of band authentication.

  1232. neshtaxmpp has left

  1233. Kev

    And if you do TLS, pre-TLS state is tainted.

  1234. Kev

    So you couldn’t negotiate bidi before doing TLS and continue using it afterwards.

  1235. dwd

    Kev, That's a good point.

  1236. qrpnxz

    i don't see such predicate in 0361, it merely recommends it

  1237. Kev

    361 definitely only works bilaterally :)

  1238. qrpnxz

    oh i think ik what you are talking about kev, gonna look up the quote in the std

  1239. Andrzej has left

  1240. adiaholic has left

  1241. qrpnxz

    here: ``` The initiating entity MUST discard any information transmitted in layers above TCP that it obtained from the receiving entity in an insecure manner before TLS took effect (e.g., the receiving entity's 'from' address or the stream ID and stream features received from the receiving entity). ```

  1242. qrpnxz

    bidi would be such an information

  1243. qrpnxz

    therefore if you do bidi first, no more tls

  1244. Zash

    You'd get another set of stream features after TLS and the stream restart

  1245. qrpnxz

    and contraversly, if you do tls, it must be first

  1246. qrpnxz


  1247. qrpnxz

    *contrapositively lol

  1248. adiaholic has joined

  1249. dwd

    However, you may have a point - it's useful for the receiving entity to know if bidi is intended as early as possible, ebcause otherwise it'll start to open connections. (Or might do; Metre certainly will).

  1250. Zash

    I think in Prosody bidi is not even advertised until after TLS and certificates have been verified and such

  1251. qrpnxz

    0288 doesn't require it do advertise before tls, only recommends it

  1252. Kev

    dwd: But if you’re making such decisions, they have to be reversible, right?

  1253. Kev

    Because the bidi before TLS is tainted.

  1254. dwd

    Kev, Yes, but you could at least hold off on opening return sessions.

  1255. Kev

    Although I’m not sure what decision you’d make based on an *outbound* session having bidi advertised.

  1256. qrpnxz

    but you really gotta do it before sasl, because after sasl it's assumed you aren't gonna send anything else on that conn

  1257. Kev

    As on an outgoing session it’s the other end that can elide the second stream because of bidi, not you.

  1258. Zash

    What's all this about opening return sessions early?

  1259. Zash

    That sounds like a Dialback thing

  1260. qrpnxz

    uhh, not sure

  1261. dwd

    Zash, It's a non-bidi-thing.

  1262. Zash

    Hm, without dialback, something to verify that bidirectional connectivity is possible would be good...

  1263. qrpnxz

    that's what XEP-0288 does

  1264. Zash

    One-way s2s is a bit annoying when it happens

  1265. dwd

    Kev, Yes. So, you're a server. You get an inbound session claiming to be from example.org. You're advertising bidi. Until the inbound session has negotiated bidi, then you can save some time by initiating an outbound session to example,org. This is safe (in terms of auth, etc) even if the inbound session cannot authenticate.

  1266. Zash

    XEP-0288 isn't all that widely deployed

  1267. dwd

    Kev, But, if the inbound session then negotiates bidi, it was a waste of effort.

  1268. qrpnxz

    no way i personally waste time on outbound connection before auth, and bidi has to happen before auth, so problem solved for me lol

  1269. adiaholic has left

  1270. Kev

    dwd: Yes, but I don’t know what advertising bidi does here. Because it’s you that’s advertising it on the inbound session, so you don’t know if the other end is going to use it later to determine whether to open the return session or not.

  1271. andrey.g has left

  1272. dwd

    Kev, Right, because we don't negotiate until later. If, as qrpnxz says, we negotiate early, then this changes.

  1273. dwd

    Kev, Even if we'd *later* have to renegotiate...

  1274. dwd

    qrpnxz, It's very rarely a waste of time, and often makes things significantly faster to get to stanza exchange.

  1275. qrpnxz

    if you advertise bidi with tls, you can do bidi and no tls (unless TLS is required, then you must do TLS first). If you advertise bidi with SASL, then you can enable bidi, and after SASL you will have a bidi connection. Or if you don't enable it and then do SASL, then it's one way

  1276. qrpnxz

    dwd, yeah it's a tradeoff of waste of resources on non-auth and time save for successful auth. I choose not letting people waste my time without auth every time tho

  1277. stp has left

  1278. adiaholic has joined

  1279. eevvoor has left

  1280. adiaholic has left

  1281. adiaholic has joined

  1282. adiaholic has left

  1283. menel has left

  1284. adiaholic has joined

  1285. menel has joined

  1286. eevvoor has joined

  1287. chronosx88 has left

  1288. chronosx88 has joined

  1289. marc0s has left

  1290. marc0s has joined

  1291. marc0s has left

  1292. marc0s has joined

  1293. adiaholic has left

  1294. adiaholic has joined

  1295. moparisthebest has joined

  1296. Wojtek has joined

  1297. floretta has left

  1298. menel has left

  1299. wendy has left

  1300. menel has joined

  1301. moparisthebest

    .onion domains are a widely deployed reason to still support dialback I think

  1302. MattJ

    Prosody's mod_onions just accepts any *.onion certificate

  1303. qrpnxz

    onion does touch dns though, and i cant think of you you wouldmt trust that conn

  1304. qrpnxz


  1305. qrpnxz

    jesus i rly messed up that msg

  1306. qrpnxz

    h8 typing on phone

  1307. Andrzej has joined

  1308. qrpnxz

    ok on computer now. Onion addr is based on pub key crypto iirc, so if you connected to it, I think you are fine, but not sure tbh will have to look into it.

  1309. adiaholic has left

  1310. qrpnxz

    rly need to go to bed rn tho

  1311. adiaholic has joined

  1312. adiaholic has left

  1313. moparisthebest

    qrpnxz, right, but then how do you validate the connection coming *from* something claiming to be a .onion ?

  1314. adiaholic has joined

  1315. Andrzej has left

  1316. millesimus has left

  1317. millesimus has joined

  1318. moparisthebest

    MattJ, wait for incoming SASL auth too? or how do you validate incoming .onion streams ?

  1319. menel has left

  1320. Zash

    It accepts any certificate, in that it doesn't reject them. But it doesn't use certs for authentication either. Still need to do Dialback.

  1321. menel has joined

  1322. moparisthebest

    ah ok, good

  1323. moparisthebest

    I suppose the dreaded "raw IP" requires dialback too

  1324. Zash

    You can get certs for IP addresses actually...

  1325. mukt2 has joined

  1326. Zash

    Prosody can't federate with bare IPs tho, so glhf

  1327. Zash

    (depending on version and whether it's the future yet)

  1328. hamish has joined

  1329. dib has joined

  1330. alacer has left

  1331. alacer has joined

  1332. mukt2 has left

  1333. chronosx88 has left

  1334. chronosx88 has joined

  1335. larma has left

  1336. ti_gj06 has joined

  1337. adiaholic has left

  1338. adiaholic has joined

  1339. Kev has left

  1340. Kev has joined

  1341. Calvin has joined

  1342. Kev has left

  1343. Kev has joined

  1344. floretta has joined

  1345. nyco has left

  1346. nyco has joined

  1347. stp has joined

  1348. Kev

    It wasn’t then, but it is now.

  1349. Zash

    IP address SAN is newer than XMPP?

  1350. marc0s has left

  1351. marc0s has joined

  1352. dib has left

  1353. dwd

    The SAN existed, it's part of X.509v3, IIRC. But whether any CA would sign such a cert is another matter.

  1354. lskdjf has left

  1355. Zash

    Will any now?

  1356. Zash has one

  1357. dwd

    I have this vision of you deciding to work through all the IP addresses and being lucky the first one hit.

  1358. eta

    please federate with 2a0d:1a40:7553:beef:5054:ff:fe62:dd16, kthxbai

  1359. Andrzej has joined

  1360. Zash

    Next up, can haz raw public keys?

  1361. Zash

    Raw all the things

  1362. Zash

    And like ... in-addr.arpa DANE something something

  1363. dwd

    I'd never suggest "raw public keys", because the logistics are a pain, but Metre does allow preconfigured self-signed certs.

  1364. eta

    also see https://groups.google.com/forum/#!topic/mozilla.dev.security.policy/JFwqZx7RLL0

  1365. mdosch has left

  1366. Zash

    DANE + raw public keys would be nice tho

  1367. mdosch has joined

  1368. stp has left

  1369. stp has joined

  1370. dib has joined

  1371. paul has left

  1372. Andrzej has left

  1373. mukt2 has joined

  1374. x51 has joined

  1375. wendy has joined

  1376. mukt2 has left

  1377. papatutuwawa has joined

  1378. wladmis has left

  1379. arc has left

  1380. arc has joined

  1381. wladmis has joined

  1382. arc has left

  1383. arc has joined

  1384. wladmis has left

  1385. wladmis has joined

  1386. wladmis has left

  1387. Andrzej has joined

  1388. papatutuwawa has left

  1389. hamish has left

  1390. Andrzej has left

  1391. dib has left

  1392. babacb has left

  1393. babacb has joined

  1394. wladmis has joined

  1395. Andrzej has joined

  1396. Andrzej has left

  1397. mukt2 has joined

  1398. Andrzej has joined

  1399. arc has left

  1400. arc has joined

  1401. arc has left

  1402. arc has joined

  1403. arc has left

  1404. arc has joined

  1405. wurstsalat has left

  1406. mukt2 has left

  1407. paul has joined

  1408. hamish has joined

  1409. ti_gj06 has left

  1410. adiaholic has left

  1411. wurstsalat has joined

  1412. adiaholic has joined

  1413. Chan Shen has joined

  1414. arc has left

  1415. arc has joined

  1416. Chan Shen

    is it possible to add voice chat to xmpp ??

  1417. Zash

    Yes, commonly called Jingle

  1418. Zash

    https://xmpp.org/uses/webrtc.html might be enlightening

  1419. arc has left

  1420. Zash

    or https://xmpp.org/about/technology-overview.html#jingle

  1421. Zash

    or both

  1422. arc has joined

  1423. Chan Shen

    >Yes, commonly called Jingle is it something like group chat of telegram ??

  1424. Chan Shen

    >Yes, commonly called Jingle is it something like group voice chat of telegram ??

  1425. Zash

    Never used Telegram, can't answer that.

  1426. emus has left

  1427. Chan Shen

    >Never used Telegram, can't answer that. i mean is it possible to have a voice chat (up to 100 person) with group members in xmpp ?

  1428. Zash

    Daniel, distinct lack of mention of calls on https://conversations.im/ 🙂

  1429. Zash

    Mostly 1-to-1 calls at this time, altho things like Jitsi Meet does video conferencing with some XMPP behind the scenes.

  1430. pjn has left

  1431. mathijs has left

  1432. LNJ has left

  1433. adiaholic has left

  1434. Chan Shen

    i think it is called multiparty jingle (muji). https://xmpp.org/extensions/xep-0272.html

  1435. andrey.g has joined

  1436. floretta has left

  1437. floretta has joined

  1438. stp has left

  1439. pjn has joined

  1440. APach has left

  1441. emus has joined

  1442. adiaholic has joined

  1443. ti_gj06 has joined

  1444. LNJ has joined

  1445. Freddy has left

  1446. APach has joined

  1447. Kev has left

  1448. adiaholic has left

  1449. Kev has joined

  1450. arc has left

  1451. arc has joined

  1452. arc has left

  1453. arc has joined

  1454. arc has left

  1455. arc has joined

  1456. adiaholic has joined

  1457. adiaholic has left

  1458. Daniel has left

  1459. Daniel has joined

  1460. L29Ah has left

  1461. arc has left

  1462. arc has joined

  1463. arc has left

  1464. arc has joined

  1465. arc has left

  1466. arc has joined

  1467. emus has left

  1468. emus has joined

  1469. BASSGOD has joined

  1470. pjn has left

  1471. Kev has left

  1472. Kev has joined

  1473. Kev has left

  1474. Kev has joined

  1475. Freddy has joined

  1476. Kev has left

  1477. Kev has joined

  1478. marc0s has left

  1479. marc0s has joined

  1480. L29Ah has joined

  1481. mathijs has joined

  1482. pasdesushi has joined

  1483. wladmis has left

  1484. Kev has left

  1485. Kev has joined

  1486. pasdesushi has left

  1487. Kev has left

  1488. Kev has joined

  1489. Tobias has left

  1490. Tobias has joined

  1491. Kev has left

  1492. Kev has joined

  1493. Kev has left

  1494. Kev has joined

  1495. marc has left

  1496. marc has joined

  1497. adiaholic has joined

  1498. arc has left

  1499. arc has joined

  1500. arc has left

  1501. arc has joined

  1502. pjn has joined

  1503. marc has left

  1504. marc has joined

  1505. marc has left

  1506. marc has joined

  1507. marc has left

  1508. marc has joined

  1509. marc has left

  1510. marc has joined

  1511. marc has left

  1512. marc has joined

  1513. marc has left

  1514. marc has joined

  1515. Wojtek has left

  1516. Wojtek has joined

  1517. Wojtek has left

  1518. arc has left

  1519. arc has joined

  1520. arc has left

  1521. arc has joined

  1522. arc has left

  1523. arc has joined

  1524. arc has left

  1525. arc has joined

  1526. wladmis has joined

  1527. Wojtek has joined

  1528. Wojtek has left

  1529. adiaholic has left

  1530. adiaholic has joined

  1531. jonas’

    https://github.com/xsf/xeps/pull/1059 flow, don’t you think this has privacy implications?

  1532. Chan Shen has left

  1533. Chan Shen has joined

  1534. pasdesushi has joined

  1535. adiaholic has left

  1536. mukt2 has joined

  1537. andrey.g has left

  1538. arc has left

  1539. arcxi has left

  1540. adiaholic has joined

  1541. papatutuwawa has joined

  1542. mathijs has left

  1543. mathijs has joined

  1544. papatutuwawa has left

  1545. Seve has left

  1546. Seve has joined

  1547. papatutuwawa has joined

  1548. Daniel has left

  1549. mathijs has left

  1550. adiaholic has left

  1551. wladmis has left

  1552. Daniel has joined

  1553. mukt2 has left

  1554. flow

    jonas’, well yes, I still would recommend that. that said, if someoe would write a disclaimer, then this would be fine by me

  1555. adiaholic has joined

  1556. ti_gj06 has left

  1557. stpeter has joined

  1558. stpeter has left

  1559. stp has joined

  1560. adiaholic has left

  1561. pjn has left

  1562. arcxi has joined

  1563. adiaholic has joined

  1564. stp has left

  1565. pasdesushi has left

  1566. Andrzej has left

  1567. adiaholic has left

  1568. pjn has joined

  1569. Wojtek has joined

  1570. Wojtek has left

  1571. Wojtek has joined

  1572. Wojtek has left

  1573. lorddavidiii has left

  1574. mathijs has joined

  1575. chronosx88 has left

  1576. dwd

    Chan Shen, Unfortunately the Jitsi Meet people haven't put their solution through standardisation, which is a shame. I should have a chat with Emil and co about that. But there are a number of solutions for video conferencing based on XMPP as the signalling layer, including Jitsi Meet, and also Zoom and possibly still Google Meet.

  1577. Chan Shen

    > dwd wrote: > Chan Shen, Unfortunately the Jitsi Meet people haven't put their solution through standardisation, which is a shame. I should have a chat with Emil and co about that. But there are a number of solutions for video conferencing based on XMPP as the signalling layer, including Jitsi Meet, and also Zoom and possibly still Google Meet. Jitsi is the best choice for me right now , i dont like Telegram nor Google Meet.

  1578. chronosx88 has joined

  1579. dwd

    Chan Shen, There is also Openfire Meetings and Padmé as well, on the open source front, but I don't know how well those scale.

  1580. dwd

    Chan Shen, You did stipulate voice only - most recent work has been around video, which may or may not mean some interesting large-scale voice stuff has gone unnoticed by me.

  1581. Zash

    Does anyone know any details about how Mumble works?

  1582. moparisthebest

    also https://bigbluebutton.org/ which I don't think is XMPP but at least open source and supposedly works pretty well

  1583. pasdesushi has joined

  1584. dwd

    Zash, Oh, yeah, Mumble.

  1585. jonas’

    Zash, barely

  1586. dwd

    Zash, Voice go in one end. Voice come out the other.

  1587. jonas’

    with mixing on the server

  1588. jonas’

    I think anyway

  1589. Yagiza has left

  1590. Chan Shen

    I just dont like facebook , whatsapp , telegram. I tried to invite my friends to xmpp & matrix , but they say telegram is 100% secure and its features are not implemented in other IM apps.

  1591. emus

    Hello everyone, as I just wrote an email to members@ - I would also point you from here to the work I am doing here: https://github.com/xsf/xmpp.org/issues/920 It is an overview of the XSF, its organization and resources, as a organizational chart or organigram. I am convinced this can be a really helpful tool for overview purposes, especially to newcomers or people who are interested in the XSF and XMPP. Let me know you feedback and if you think something is missing! @board, @council (just imaging I ping you guys 😛)

  1592. deuill has left

  1593. deuill has joined

  1594. dib has joined

  1595. LNJ has left

  1596. adiaholic has joined

  1597. Andrzej has joined

  1598. BASSGOD has left

  1599. deuill has left

  1600. pasdesushi has left

  1601. adiaholic has left

  1602. deuill has joined

  1603. adiaholic has joined

  1604. BASSGOD has joined

  1605. x51 has left

  1606. adiaholic has left

  1607. Andrzej has left

  1608. werdan has joined

  1609. debacle has left

  1610. debacle has joined

  1611. mukt2 has joined

  1612. pasdesushi has joined

  1613. alacer has left

  1614. alacer has joined

  1615. stp has joined

  1616. LNJ has joined

  1617. adiaholic has joined

  1618. bean has left

  1619. adiaholic has left

  1620. adiaholic has joined

  1621. bean has joined

  1622. mukt2 has left

  1623. chronosx88 has left

  1624. adiaholic has left

  1625. chronosx88 has joined

  1626. pasdesushi has left

  1627. pjn has left

  1628. pasdesushi has joined

  1629. pasdesushi has left

  1630. pjn has joined

  1631. papatutuwawa has left

  1632. pasdesushi has joined

  1633. pasdesushi has left

  1634. goffi has left

  1635. pasdesushi has joined

  1636. Calvin has left

  1637. pasdesushi has left

  1638. pasdesushi has joined

  1639. Zash has left

  1640. marc has left

  1641. marc has joined

  1642. marc has left

  1643. marc has joined

  1644. marc has left

  1645. adiaholic has joined

  1646. marc has joined

  1647. marc has left

  1648. Calvin has joined

  1649. Zash has joined

  1650. marc has joined

  1651. marc has left

  1652. andy has left

  1653. marc has joined

  1654. marc has left

  1655. marc has joined

  1656. wendy has left

  1657. marc has left

  1658. pasdesushi has left

  1659. marc has joined

  1660. marc has left

  1661. mathijs has left

  1662. marc has joined

  1663. marc has left

  1664. marc has joined

  1665. marc has left

  1666. marc has joined

  1667. adiaholic has left

  1668. marc has left

  1669. marc has joined

  1670. marc has left

  1671. marc has joined

  1672. marc has left

  1673. marc has joined

  1674. marc has left

  1675. marc has joined

  1676. marc has left

  1677. marc has joined

  1678. marc has left

  1679. wgreenhouse

    what is the software behind logs.xmpp.org?

  1680. bean has left

  1681. Chan Shen has left

  1682. marc has joined

  1683. mathijs has joined

  1684. marc has left

  1685. marc has joined

  1686. marc has left

  1687. marc has joined

  1688. marc has left

  1689. BASSGOD has left

  1690. marc has joined

  1691. marc has left

  1692. marc has joined

  1693. marc has left

  1694. marc has joined

  1695. marc has left

  1696. marc has joined

  1697. marc has left

  1698. marc has joined

  1699. marc has left

  1700. marc has joined

  1701. marc has left

  1702. menel

    I think this: https://modules.prosody.im/mod_http_muc_log.html

  1703. BASSGOD has joined

  1704. Tobias has left

  1705. moparisthebest has left

  1706. marc has joined

  1707. marc has left

  1708. Kev has left

  1709. marc has joined

  1710. Kev has joined

  1711. marc has left

  1712. marc has joined

  1713. marc has left

  1714. wgreenhouse

    menel: looks like it, thank you

  1715. marc has joined

  1716. marc has left

  1717. marc has joined

  1718. marc has left

  1719. Kev has left

  1720. Kev has joined

  1721. marc has joined

  1722. marc has left

  1723. jcbrand has left

  1724. marc has joined

  1725. marc has left

  1726. marc has joined

  1727. marc0s has left

  1728. marc0s has joined

  1729. marc has left

  1730. wendy has joined

  1731. marc has joined

  1732. marc has left

  1733. marc has joined

  1734. marc has left

  1735. marc has joined

  1736. marc has left

  1737. marc has joined

  1738. marc has left

  1739. marc has joined

  1740. marc has left

  1741. marc has joined

  1742. marc has left

  1743. marc has joined

  1744. marc has left

  1745. Kev has left

  1746. marc has joined

  1747. Kev has joined

  1748. marc has left

  1749. alameyo has left

  1750. marc has joined

  1751. marc has left

  1752. marc has joined

  1753. marc has left

  1754. alameyo has joined

  1755. marc has joined

  1756. adiaholic has joined

  1757. marc has left

  1758. marc has joined

  1759. marc has left

  1760. marc has joined

  1761. marc has left

  1762. marc has joined

  1763. deuill has left

  1764. marc has left

  1765. marc has joined

  1766. marc has left

  1767. marc has joined

  1768. marc has left

  1769. marc has joined

  1770. marc has left

  1771. marc has joined

  1772. marc has left

  1773. marc has joined

  1774. wurstsalat has left

  1775. marc has left

  1776. marc has joined

  1777. marc has left

  1778. marc has joined

  1779. marc has left

  1780. marc has joined

  1781. marc has left

  1782. marc has joined

  1783. adiaholic has left

  1784. marc has left

  1785. marc has joined

  1786. marc has left

  1787. marc has joined

  1788. marc has left

  1789. deuill has joined

  1790. marc has joined

  1791. karoshi has left

  1792. marc has left

  1793. marc has joined

  1794. marc has left

  1795. marc has joined

  1796. Sam has left

  1797. marc has left

  1798. marc has joined

  1799. marc has left

  1800. marc has joined

  1801. marc has left

  1802. menel has left

  1803. marc has joined

  1804. marc has left

  1805. Sam has joined

  1806. marc has joined

  1807. marc has left

  1808. marc has joined

  1809. marc has left

  1810. marc has joined

  1811. marc has left

  1812. marc has joined

  1813. marc has left

  1814. marc has joined

  1815. marc has left

  1816. marc has joined

  1817. marc has left

  1818. marc has joined

  1819. marc has left

  1820. marc has joined

  1821. marc has left

  1822. marc has joined

  1823. marc has left

  1824. marc has joined

  1825. marc has left

  1826. adiaholic has joined

  1827. marc has joined

  1828. marc has left

  1829. marc has joined

  1830. croax has left

  1831. marc has left

  1832. marc has joined

  1833. marc has left

  1834. marc has joined

  1835. marc has left

  1836. marc has joined

  1837. marc has left

  1838. marc has joined

  1839. marc has left

  1840. marc has joined

  1841. marc has left

  1842. marc has joined

  1843. adiaholic has left

  1844. marc has left

  1845. marc has joined

  1846. marc has left

  1847. marc has joined

  1848. marc0s has left

  1849. marc0s has joined

  1850. marc has left

  1851. marc has joined

  1852. marc has left

  1853. marc has joined

  1854. marc has left

  1855. marc has joined

  1856. marc has left

  1857. marc has joined

  1858. wladmis has joined

  1859. marc has left

  1860. stp has left

  1861. marc has joined

  1862. marc has left

  1863. adiaholic has joined

  1864. marc has joined

  1865. marc has left

  1866. marc has joined

  1867. marc has left

  1868. marc has joined

  1869. marc has left

  1870. marc has joined

  1871. marc has left

  1872. LNJ has left

  1873. marc has joined

  1874. marc has left

  1875. marc has joined

  1876. marc has left

  1877. marc has joined

  1878. marc has left

  1879. adiaholic has left

  1880. arcxi has left

  1881. werdan has left

  1882. marc has joined

  1883. marc has left

  1884. marc has joined

  1885. marc has left

  1886. marc has joined

  1887. marc has left

  1888. marc has joined

  1889. lovetox has left

  1890. marc has left

  1891. marc has joined

  1892. marc has left

  1893. adiaholic has joined

  1894. marc has joined

  1895. lorddavidiii has joined

  1896. marc has left

  1897. marc has joined

  1898. marc has left

  1899. marc has joined

  1900. marc has left

  1901. marc has joined

  1902. marc has left

  1903. marc has joined

  1904. marc has left

  1905. marc has joined

  1906. marc has left

  1907. marc has joined

  1908. marc has left

  1909. elliot020 has joined

  1910. marc has joined

  1911. marc has left

  1912. marc has joined

  1913. marc has left

  1914. adiaholic has left

  1915. marc has joined

  1916. marc has left

  1917. marc has joined

  1918. marc has left

  1919. marc has joined

  1920. marc has left

  1921. marc has joined

  1922. marc has left

  1923. marc has joined

  1924. marc has left

  1925. marc has joined

  1926. marc has left

  1927. marc has joined

  1928. marc has left

  1929. marc has joined

  1930. marc has left

  1931. BASSGOD has left

  1932. marc has joined

  1933. marc has left

  1934. marc has joined

  1935. marc has left

  1936. marc has joined

  1937. marc has left

  1938. marc has joined

  1939. marc has left

  1940. marc has joined

  1941. marc has left

  1942. winfried has left

  1943. marc has joined

  1944. paul has left

  1945. Calvin has left

  1946. marc has left

  1947. marc has joined

  1948. marc has left

  1949. marc has joined

  1950. BASSGOD has joined

  1951. marc has left

  1952. marc has joined

  1953. adiaholic has joined

  1954. marc has left

  1955. marc has joined

  1956. marc has left

  1957. marc has joined

  1958. marc has left

  1959. marc has joined

  1960. marc has left

  1961. marc has joined

  1962. marc has left

  1963. marc has joined

  1964. winfried has joined

  1965. marc has left

  1966. marc has joined

  1967. marc has left

  1968. xecks has left

  1969. marc has joined

  1970. adiaholic has left

  1971. marc has left

  1972. marc has joined

  1973. marc has left

  1974. Calvin has joined

  1975. marc has joined

  1976. moparisthebest has joined

  1977. marc has left

  1978. marc has joined

  1979. marc has left

  1980. marc has joined

  1981. marc has left

  1982. govanify has left

  1983. govanify has joined

  1984. marc has joined

  1985. marc has left

  1986. marc has joined

  1987. lorddavidiii has left

  1988. marc has left

  1989. marc has joined

  1990. marc has left

  1991. marc has joined

  1992. marc has left

  1993. marc has joined

  1994. wendy has left

  1995. marc has left

  1996. marc has joined

  1997. marc has left

  1998. marc has joined

  1999. marc has left

  2000. marc has joined

  2001. marc has left

  2002. winfried has left

  2003. winfried has joined

  2004. marc has joined

  2005. marc has left

  2006. marc has joined

  2007. marc has left

  2008. marc has joined

  2009. marc has left

  2010. marc has joined

  2011. marc has left

  2012. winfried has left

  2013. winfried has joined

  2014. winfried has left

  2015. winfried has joined

  2016. marc has joined

  2017. marc has left

  2018. marc has joined

  2019. marc has left

  2020. marc has joined

  2021. marc has left

  2022. Kev has left

  2023. Kev has joined

  2024. marc has joined

  2025. marc has left

  2026. marc has joined

  2027. marc has left

  2028. marc has joined

  2029. marc has left

  2030. marc has joined

  2031. marc has left

  2032. marc has joined

  2033. marc has left

  2034. marc has joined

  2035. marc has left

  2036. marc has joined

  2037. marc has left

  2038. marc has joined

  2039. marc has left

  2040. marc has joined

  2041. marc has left

  2042. marc has joined

  2043. marc has left

  2044. marc has joined

  2045. marc has left

  2046. marc has joined

  2047. marc has left

  2048. marc has joined

  2049. marc has left

  2050. marc has joined

  2051. marc has left

  2052. marc has joined

  2053. marc has left

  2054. marc has joined

  2055. marc has left

  2056. marc has joined

  2057. marc has left

  2058. marc has joined

  2059. marc has left

  2060. marc has joined

  2061. marc has left

  2062. marc has joined

  2063. marc has left

  2064. marc has joined

  2065. marc has left

  2066. marc has joined

  2067. lovetox has joined

  2068. marc has left

  2069. marc has joined

  2070. marc has left

  2071. marc has joined

  2072. marc has left

  2073. marc has joined

  2074. marc has left

  2075. marc has joined

  2076. marc has left

  2077. marc has joined

  2078. marc has left

  2079. marc has joined

  2080. marc has left

  2081. marc has joined

  2082. marc has left

  2083. marc has joined

  2084. marc has left

  2085. BASSGOD has left

  2086. marc has joined

  2087. marc has left

  2088. marc has joined

  2089. marc has left

  2090. BASSGOD has joined

  2091. marc has joined

  2092. marc has left

  2093. marc has joined

  2094. marc has left

  2095. marc has joined

  2096. marc has left

  2097. marc has joined

  2098. debacle has left

  2099. marc has left

  2100. marc has joined

  2101. marc has left

  2102. marc has joined

  2103. marc has left

  2104. marc has joined

  2105. Kev has left

  2106. adiaholic has joined

  2107. marc has left

  2108. marc has joined

  2109. marc has left

  2110. marc has joined

  2111. marc has left

  2112. emus has left