XSF Discussion - 2021-05-31


  1. qrpnxz

    > no reason to do multiple ports multiple port is certainly easier, i ain't gonna multiplex for no reason

  2. qrpnxz

    larma, http/2 https requires alpn btw

  3. moparisthebest

    larma: the why is because the web is bad and 443 is most likely to work

  4. larma

    moparisthebest, we're talking about server-to-server, you won't expect weird firewalls there anyway

  5. larma

    also, the more we multiplex everything on 443, the more likely it is that future firewalls will block based on alpn

  6. moparisthebest

    I do, increasingly more hosting services are https only too

  7. moparisthebest

    I'll be proposing some s2s over websockets shortly as well

  8. qrpnxz

    larma, mo's mux doesn't use alpn afaik

  9. qrpnxz

    > s2s over websocket ew why

  10. moparisthebest

    > increasingly more hosting services are https only too

  11. qrpnxz

    ah :P

  12. qrpnxz

    but then you can... just not use that crappy hosting service :)

  13. moparisthebest

    Or like, just run a matrix server I guess :)

  14. moparisthebest

    I'm trying to avoid that being people's conclusion

  15. larma

    Easing deployment by doing everything via web sockets is actually an interesting idea

  16. mathieui

    What hosting services that aren't "managed php/mysql with limited control over the webserver" only allow http/https ?

  17. Menel

    That would mean by by audio and video calls anyway.

  18. MattJ

    It's a common thing for what people refer to as "PaaS", such services are relatively common, cheap/free and assume what you deploy will run over HTTPS only

  19. MattJ

    Also as we discovered with mimi89999 recently, DigitalOcean have a 1-click deploy thing that apparently only works with HTTPS apps

  20. mimi89999

    Not that recently

  21. mimi89999

    The other option is to have preconfigured images. That could work on DO and Linode

  22. MattJ

    General notice from iteam: we just moved our CI stuff around a bit - the service that automatically builds repository updates (website, XEPs, etc.) when changes or PRs are pushed. Hopefully everything still works, but if anyone sees anything broken next time you push a change, please shout :)

  23. Zash

    Those https-only PaaS things, would they let you have end-to-end TLS in those?

  24. MattJ

    Generally not, and that's why they're HTTPS-only because they generally have some kind of reverse proxy/load balancer thing going on with automatic certificates

  25. Zash

    So even if you could do s2s over websockets, you'd have to do dialback or something.

  26. jonas’

    also I wonder how long they’ll let those connections live

  27. Zash

    Myeah.

  28. Zash

    Inb4 s2s over BOSH

  29. mathieui

    Zash, enough awfulness for one day

  30. Zash

    Well it _is_ Monday...

  31. moparisthebest

    Did travis-ci say we are eligible for the free tier? curl isn't https://twitter.com/bagder/status/1399113361653178368

  32. jonas’

    moparisthebest, we’re going to find out

  33. moparisthebest

    By asking? Seems like you have to ask

  34. MattJ

    Yes, by asking

  35. MattJ

    But with a week's worth of build time, there's no immediate rush

  36. Zash

    Whops, where'd the week go!

  37. jonas’

    wish it was over already ;)

  38. MattJ

    That would have to be a week of continuous builds :)

  39. MattJ

    In reality I imagine it will last us months (but I don't have stats)

  40. Zash

    Have you seen how long those builds take?

  41. moparisthebest

    Wait they charge by wall clock minutes?

  42. moparisthebest

    Seems like that'd give them an incentive to make them as slow as possible

  43. MattJ

    They deal in "credits", from deep in their docs it appears that 1 credit = 1 minute

  44. Sam

    sourcehut might give us free builds if we ask nicely. Drew *hates* xmpp but in theory we meet his requirements for free service.

  45. Zash

    Let's ask Board to ask someone to draft an email that Board can rubber-stamp!

  46. mdosch

    Afaik Drew hates every chat thing that's not IRC.

  47. şişio

    Where does WhatsApp use XMPP

  48. mdosch

    Their protocol is based on XMPP, but no idea how much they diverged now as their implementation is not open.

  49. şişio

    But uses XMPP, exact

  50. şişio

    Right?

  51. Zash

    They were running (modified) ejabberd at some point, with a custom compression layer, and custom authentication, and custom all the things.

  52. emus

    şişio: The server implementation seems to still have elements from XMPP, shown in a Medium article some time ago. But as said, it used to be. nowadays one cannot tell exaclty

  53. şişio

    I understand, so push notification?

  54. Zash

    At what point does the Prototol of Theseus stop being XMPP? 🙂

  55. şişio

    🤐

  56. şişio

    > I wrote: > I understand, so push notification? This is same ı think

  57. şişio

    > I wrote: > I understand, so push notification? This is same too ı think

  58. şişio

    The use of XMPP is very wide, which made me happy

  59. mdosch

    > Prototol of Theseus The what?

  60. Zash

    mdosch, https://en.wikipedia.org/wiki/Ship_of_Theseus

  61. mdosch

    Ah like a band where after some years 0 of the founding members are left. ^^

  62. emus

    şişio: where are you located that you want to use XMPP?

  63. şişio

    Turkey

  64. mdosch

    emus: Why does the location matter?

  65. emus

    It doesn't matter, I am just interested from where people are reaching out

  66. Menel

    > mdosch, https://en.wikipedia.org/wiki/Ship_of_Theseus Thats in reality true for aircrafts. There are aircrafts where nearly every part was replaced that still fly. And the human body of course.

  67. şişio

    Most of the 85k servers are private, I think.

  68. şişio

    Hidden

  69. emus

    Where you got that number from again?

  70. Zash

    https://blog.prosody.im/2020-retrospective/ ?

  71. şişio

    > Zash wrote: > https://blog.prosody.im/2020-retrospective/ ? Yes, this.

  72. emus

    thanks

  73. emus

    maybe we should link that on the website?

  74. şişio

    > emus wrote: > maybe we should link that on the website? That'd be nice

  75. Zash

    Wasn't that in the newsletter already?

  76. mdosch

    I'm sure it was.

  77. emus

    Zash: yes, Im sorry. Sometimes I dont have time to fully read the articles. I remeber this though

  78. şişio

    :)

  79. jjrh

    Does XMPP have a concept of proxies similar to sip where you indicate that in order to reach test.server you need to hop through proxyserver.example?

  80. Zash

    No, and that's why it's great!

  81. Zash

    Unless SRV indirection qualifies for what you want

  82. jjrh

    I didn't think so - just ran into a situation with a vendor who appears to be doing something weird that looks a bit like this.

  83. Zash

    Weird how?

  84. jonas’

    many clients support bypassing SRV lookups to achieve something like that, but that’s always manually configured. and there’s no such thing for s2s.

  85. jjrh

    yeah this was a case of getting a s2s for a totally invalid domain.

  86. jjrh

    You can do stuff like this in SIP so I was wondering if there was a thing like this for XMPP I didn't know about :)

  87. Kev

    You can do this in XMPP, kinda, yes.

  88. Kev

    I’m not aware of anyone doing it on the Internet, though.

  89. Kev

    https://www.isode.com/whitepapers/xmpp-trunking.html type stuff.

  90. Kev

    It’s not exactly what you describe, though.

  91. eta

    what ended up happening to the IETF XMPP trial

  92. eta

    ?*

  93. Zash

    it's still up

  94. moparisthebest

    no such thing as going through a proxy for s2s you say? https://www.moparisthebest.com/mod_s2s_outgoing_proxy.lua

  95. moparisthebest

    which is just a hacked up https://modules.prosody.im/mod_s2soutinjection.html by the way

  96. Zash

    I'm not sure I have any idea what any of you are talking about.

  97. Zash

    I imagined multi-jump email paths.

  98. moparisthebest

    I was responding to: > many clients support bypassing SRV lookups to achieve something like that, but that’s always manually configured. and there’s no such thing for s2s.

  99. Zash

    The kind of thing that makes you happy that XMPP is normally point-to-point and nothing else.

  100. eta

    Zash: the blog post says the trial should have concluded in January

  101. Zash

    https://mailarchive.ietf.org/arch/msg/ietf-announce/-1vxilB-zNAvIdDcF_lPq_BQmIA/

  102. Zash

    eta: https://mailarchive.ietf.org/arch/msg/ietf-announce/-1vxilB-zNAvIdDcF_lPq_BQmIA/ mentions taking them down after ietf 110, which was in march

  103. eta

    Zash: ack

  104. eta hopes they don't end up matrixing

  105. Zash

    I got the impression tha the loudest praise was for Zulip

  106. eta

    makes sense

  107. eta

    zulip is basically email but made better

  108. qrpnxz

    lol no

  109. jjrh

    To me it's kinda strange for the IETF to choose a protocol that isn't a IETF standard.

  110. Zash

    Something something protocols vs products.

  111. jjrh

    Other places take that stance and that's fair but I don't think there are examples of the IETF choosing a non ietf protocol when a ietf one exists.

  112. jjrh

    It'

  113. jjrh

    *It's extra strange to me there aren't more people arguing this exact point

  114. Zash

    HTTP is an iETF protocol...

  115. jjrh

    I don't follow.

  116. Zash

    therefore Zulip and Matrix are okay. Or something. I'm not sure if that's something from a nightmare or a mailing list.

  117. jjrh

    I sure hope no ones making that argument because TCP is a ietf protocol too

  118. Zash comes across a post using "XMPP is almost dead" as argument