XSF Discussion - 2022-02-10


  1. Maranda has left
  2. Mjolnir Archon has left
  3. daags has left
  4. floretta has left
  5. floretta has joined
  6. intosi has left
  7. adiaholic has left
  8. Andrzej has joined
  9. adiaholic has joined
  10. Neustradamus moparisthebest: Good job!
  11. djorz has joined
  12. djorz has left
  13. neshtaxmpp has left
  14. stp has left
  15. adiaholic has left
  16. Andrzej has left
  17. adiaholic has joined
  18. intosi has joined
  19. lskdjf has joined
  20. adiaholic has left
  21. Seve has left
  22. Titi has left
  23. adiaholic has joined
  24. Mjolnir Archon has joined
  25. Maranda has joined
  26. floretta has left
  27. Titi has joined
  28. intosi has left
  29. adiaholic has left
  30. floretta has joined
  31. adiaholic has joined
  32. Titi has left
  33. Titi has joined
  34. restive_monk has joined
  35. Andrzej has joined
  36. neshtaxmpp has joined
  37. adiaholic has left
  38. jcbrand has joined
  39. lskdjf has left
  40. floretta has left
  41. floretta has joined
  42. moparisthebest https://github.com/BombusMod/BombusMod/issues/130#issuecomment-1034360835 wins for fastest fix (that I know of)
  43. adiaholic has joined
  44. uhoreg has left
  45. homebeach has left
  46. Rixon 👁🗨 has left
  47. Matthew has left
  48. Half-Shot has left
  49. Half-Shot has joined
  50. Matthew has joined
  51. Rixon 👁🗨 has joined
  52. uhoreg has joined
  53. homebeach has joined
  54. jcbrand has left
  55. Link Mauve has left
  56. debacle has left
  57. intosi has joined
  58. Link Mauve has joined
  59. adiaholic has left
  60. adiaholic has joined
  61. millesimus has joined
  62. Andrzej has left
  63. intosi has left
  64. xnamed has left
  65. վարյա has left
  66. վարյա has joined
  67. adiaholic has left
  68. floretta has left
  69. adiaholic has joined
  70. Andrzej has joined
  71. marc0s has left
  72. marc0s has joined
  73. qwestion has left
  74. Andrzej has left
  75. kyemxden has left
  76. Maranda[x] has left
  77. adiaholic has left
  78. Steve Kille has left
  79. Kev has left
  80. Kev has joined
  81. Steve has joined
  82. adiaholic has joined
  83. Titi has left
  84. intosi has joined
  85. վարյա has left
  86. վարյա has joined
  87. Maranda[x] has joined
  88. Titi has joined
  89. Maranda[x] has left
  90. Maranda[x] has joined
  91. adiaholic has left
  92. intosi has left
  93. kyemxden has joined
  94. Maranda[x] has left
  95. adiaholic has joined
  96. david has left
  97. adiaholic has left
  98. david has joined
  99. gooya has left
  100. adiaholic has joined
  101. Titi has left
  102. Maranda[x] has joined
  103. Titi has joined
  104. adiaholic has left
  105. adiaholic has joined
  106. Andrzej has joined
  107. intosi has joined
  108. adiaholic has left
  109. adiaholic has joined
  110. Andrzej has left
  111. intosi has left
  112. kyemxden has left
  113. Calvin has joined
  114. govanify has left
  115. govanify has joined
  116. millesimus has left
  117. Yagiza has joined
  118. Calvin has left
  119. Thilo Molitor has left
  120. վարյա has left
  121. վարյա has joined
  122. qwestion has joined
  123. jgart has left
  124. intosi has joined
  125. intosi has left
  126. intosi has joined
  127. govanify has left
  128. neshtaxmpp has left
  129. govanify has joined
  130. neshtaxmpp has joined
  131. neshtaxmpp has left
  132. Menel has joined
  133. Andrzej has joined
  134. վարյա has left
  135. վարյա has joined
  136. intosi has left
  137. intosi has joined
  138. neshtaxmpp has joined
  139. վարյա has left
  140. վարյա has joined
  141. Thilo Molitor has joined
  142. վարյա has left
  143. վարյա has joined
  144. Andrzej has left
  145. վարյա has left
  146. վարյա has joined
  147. jcbrand has joined
  148. msavoritias has joined
  149. msavoritias has left
  150. msavoritias has joined
  151. stp has joined
  152. Menel has left
  153. Menel has joined
  154. ti_gj06 has joined
  155. marc0s has left
  156. marc0s has joined
  157. chronosx88 has left
  158. chronosx88 has joined
  159. Seve has joined
  160. jcbrand has left
  161. lovetox has left
  162. lovetox has joined
  163. intosi has left
  164. eevvoor has left
  165. eevvoor has joined
  166. adiaholic has left
  167. adiaholic has joined
  168. intosi has joined
  169. wladmis has left
  170. adiaholic has left
  171. Tobias has joined
  172. Andrzej has joined
  173. adiaholic has joined
  174. adiaholic has left
  175. intosi has left
  176. intosi has joined
  177. atomicwatch has joined
  178. adiaholic has joined
  179. Andrzej has left
  180. emus has joined
  181. վարյա has left
  182. վարյա has joined
  183. floretta has joined
  184. intosi has left
  185. adiaholic has left
  186. pasdesushi has joined
  187. վարյա has left
  188. վարյա has joined
  189. adiaholic has joined
  190. emus regarding CVEs, can this be reviewed? https://github.com/xsf/xmpp.org/pull/1007 Ge0rG?
  191. emus regarding CVEs, can this be reviewed? https://github.com/xsf/xmpp.org/pull/1001 Ge0rG?
  192. jcbrand has joined
  193. Titi has left
  194. Paganini has left
  195. restive_monk has left
  196. Titi has joined
  197. floretta has left
  198. restive_monk has joined
  199. floretta has joined
  200. dwd has joined
  201. Maranda[x] has left
  202. Maranda[x] has joined
  203. adiaholic has left
  204. wurstsalat has joined
  205. adiaholic has joined
  206. վարյա has left
  207. վարյա has joined
  208. dwd has left
  209. adiaholic has left
  210. tykayn has joined
  211. intosi has joined
  212. lovetox has left
  213. adiaholic has joined
  214. floretta has left
  215. floretta has joined
  216. intosi has left
  217. marc0s has left
  218. marc0s has joined
  219. lskdjf has joined
  220. marc0s has left
  221. marc0s has joined
  222. lovetox has joined
  223. Titi has left
  224. floretta has left
  225. druthid has left
  226. edhelas Movim is not using _xmppconnect and not connecting using BOSH or WS, just for you to know
  227. edhelas So I shoudn't be affected
  228. druthid has joined
  229. intosi has joined
  230. debacle has joined
  231. jonas’ moparisthebest, *raises hat* good find
  232. jonas’ I did not realize this despite looking into _xmppconnect more closely for xmppnetv2
  233. jonas’ I do not like that the result is more HTTP though.
  234. jonas’ but that's, for once, not your fault :)
  235. ti_gj06 has left
  236. lskdjf has left
  237. վարյա has left
  238. floretta has joined
  239. harry837374884 has left
  240. neshtaxmpp has left
  241. neshtaxmpp has joined
  242. harry837374884 has joined
  243. floretta has left
  244. dwd has joined
  245. Mikaela has joined
  246. adiaholic has left
  247. debacle has left
  248. debacle has joined
  249. dan.caseley has left
  250. dan.caseley has joined
  251. floretta has joined
  252. adiaholic has joined
  253. Menel has left
  254. adiaholic has left
  255. ti_gj06 has joined
  256. adiaholic has joined
  257. adiaholic has left
  258. Alex has joined
  259. Ge0rG has left
  260. junaid has left
  261. junaid has joined
  262. emus has left
  263. adiaholic has joined
  264. Andrzej has joined
  265. Ge0rG has joined
  266. adiaholic has left
  267. dwd has left
  268. adiaholic has joined
  269. Ge0rG has left
  270. Ge0rG has joined
  271. Alex has left
  272. Alex has joined
  273. goffi has joined
  274. adiaholic has left
  275. adiaholic has joined
  276. emus has joined
  277. debacle has left
  278. debacle has joined
  279. Dele Olajide has joined
  280. Dele Olajide has left
  281. Dele Olajide has joined
  282. debacle has left
  283. debacle has joined
  284. վարյա has joined
  285. ti_gj06 has left
  286. վարյա has left
  287. վարյա has joined
  288. Andrzej has left
  289. debacle has left
  290. debacle has joined
  291. Dele Olajide has left
  292. Dele Olajide has joined
  293. Titi has joined
  294. adiaholic has left
  295. marc0s has left
  296. marc0s has joined
  297. dan.caseley has left
  298. dan.caseley has joined
  299. kyemxden has joined
  300. Dele Olajide has left
  301. marc0s has left
  302. marc0s has joined
  303. վարյա has left
  304. վարյա has joined
  305. Guus has joined
  306. Dele Olajide has joined
  307. ti_gj06 has joined
  308. argentum has left
  309. Alex has left
  310. Alex has joined
  311. Steve has left
  312. Steve has joined
  313. Steve has left
  314. Steve has joined
  315. Dele Olajide has left
  316. վարյա has left
  317. huhn has joined
  318. Dele Olajide has joined
  319. Rixon 👁🗨 has left
  320. homebeach has left
  321. Matthew has left
  322. Half-Shot has left
  323. uhoreg has left
  324. Half-Shot has joined
  325. Matthew has joined
  326. Rixon 👁🗨 has joined
  327. uhoreg has joined
  328. homebeach has joined
  329. Dele Olajide has left
  330. Dele Olajide has joined
  331. lskdjf has joined
  332. վարյա has joined
  333. Andrzej has joined
  334. harry837374884 has left
  335. Dele Olajide has left
  336. adiaholic has joined
  337. Dele Olajide has joined
  338. Andrzej has left
  339. Andrzej has joined
  340. վարյա has left
  341. վարյա has joined
  342. Menel has joined
  343. harry837374884 has joined
  344. վարյա has left
  345. վարյա has joined
  346. Link Mauve emus, where is that 404 page used? I get the regular nginx page on unknown pages. :(
  347. emus https://github.com/xsf/xmpp.org/pull/1001
  348. emus dunno whats not working
  349. Link Mauve Yes, the 404 page from this PR.
  350. Link Mauve I didn’t even know we had one.
  351. emus can you review for pr 1001
  352. wurstsalat Link Mauve, it's a standard page from the default theme (not used atm)
  353. Link Mauve Oh, I see, thanks. :)
  354. marc0s has left
  355. marc0s has joined
  356. millesimus has joined
  357. pasdesushi has left
  358. pasdesushi has joined
  359. bean has joined
  360. Wojtek has joined
  361. adiaholic has left
  362. adiaholic has joined
  363. floretta has left
  364. floretta has joined
  365. adiaholic has left
  366. alacer has left
  367. qwestion has left
  368. qwestion has joined
  369. debacle has left
  370. debacle has joined
  371. adiaholic has joined
  372. karoshi has joined
  373. alacer has joined
  374. harry837374884 has left
  375. harry837374884 has joined
  376. restive_monk has left
  377. Neustradamus has left
  378. millesimus has left
  379. Neustradamus has joined
  380. debacle has left
  381. stp has left
  382. robertooo has left
  383. robertooo has joined
  384. millesimus has joined
  385. robertooo has left
  386. marc0s has left
  387. harry837374884 has left
  388. marc0s has joined
  389. restive_monk has joined
  390. stp has joined
  391. Andrzej has left
  392. Andrzej has joined
  393. alacer has left
  394. alacer has joined
  395. intosi has left
  396. intosi has joined
  397. Wojtek has left
  398. Wojtek has joined
  399. lskdjf has left
  400. lskdjf has joined
  401. intosi has left
  402. intosi has joined
  403. lskdjf has left
  404. lskdjf has joined
  405. lskdjf has left
  406. lskdjf has joined
  407. lskdjf has left
  408. lskdjf has joined
  409. djorz has joined
  410. harry837374884 has joined
  411. djorz has left
  412. adiaholic has left
  413. lskdjf has left
  414. lskdjf has joined
  415. adiaholic has joined
  416. floretta has left
  417. alacer has left
  418. ti_gj06 has left
  419. floretta has joined
  420. ti_gj06 has joined
  421. qwestion has left
  422. adiaholic has left
  423. adiaholic has joined
  424. rafasaurus has left
  425. rafasaurus has joined
  426. Link Mauve larma, in XEP-0446, why did you go for @dimensions (width"x"height) instead of the more common @width and @height?
  427. phryk has left
  428. ti_gj06 has left
  429. govanify has left
  430. govanify has joined
  431. Holger I'm late to the _xmppconnect party, and not into JavaScript. I was assuming the browser wouldn't even permit DNS queries (and that .well-known was invented for this reason). So that's not true?
  432. inky has joined
  433. Zash DoH to the "rescue" ?
  434. uhoreg has left
  435. homebeach has left
  436. Matthew has left
  437. Rixon 👁🗨 has left
  438. Half-Shot has left
  439. Half-Shot has joined
  440. Matthew has joined
  441. Rixon 👁🗨 has joined
  442. uhoreg has joined
  443. homebeach has joined
  444. Zash But you can use JavaScript outside of browsers, e.g. with FirefoxOS and such, which may have both raw TCP sockets and real DNS APIs
  445. uhoreg has left
  446. homebeach has left
  447. Matthew has left
  448. Rixon 👁🗨 has left
  449. Half-Shot has left
  450. Half-Shot has joined
  451. Matthew has joined
  452. Rixon 👁🗨 has joined
  453. uhoreg has joined
  454. homebeach has joined
  455. Holger Well sure, plus you can obviously use WebSocket outside of JavaScript, but then why wouldn't I be able to verify the certificate just as with plain TCP (non-WebSocket) access?
  456. MattJ Which certificate would you verify?
  457. MattJ JS is even more limited in this regard
  458. MattJ If you make a request to https://evil.com/http-bind, the browser will naturally just verify the cert is for evil.com
  459. Holger Ah. So the issue is about the combinartion "WebSocket with JavaScript outside the browser (i.e. Node.js)"?
  460. MattJ Javascript isn't relevant to the issue at all, really
  461. MattJ Any client that uses the DNS lookup to obtain this info is using an insecure protocol to obtain connection info
  462. Holger As I said my (mis?)understanding was that querying TXT records from within the browser wasn't even possible in the first place.
  463. Zash You're receiving a connection endpoint over an insecure channel, you must not allow it to alter the identifier you compare the certificate to.
  464. MattJ That's usually *not* JS stuff, because they use the HTTPS discovery alternative instead
  465. Holger Sure.
  466. MattJ So most/all JS clients are probably unaffected
  467. wgreenhouse has left
  468. Zash Unless they somehow do http:///.well-know ...
  469. MattJ That would be more work, and typically blocked by browsers these days afaik
  470. MattJ (if the script itself is loaded over https:// )
  471. Holger I'm definitely missing something :-)
  472. Zash Holger, this affects desktop clients doing _xmppconnect TXT lookups
  473. Zash e.g. Pidgin will automatically pick up on _xmppconnect and connect over BOSH
  474. alacer has joined
  475. MattJ Holger, '156 defines two methods of advertisement: DNS and HTTPS. Everything using DNS is insecure.
  476. Holger How's their situation different from desktop clients performing an SRV lookup?
  477. Zash (unless DNSSEC ... 😭️)
  478. Holger Well. Gajim uses DNS.
  479. MattJ Because when you do SRV lookup you verify the cert against the original domain
  480. Zash (also modulo DNSSEC)
  481. Holger Yes.
  482. MattJ You know you want to connect to "example.com", so when SRV tells you to connect to xmpp.evil.com, you verify you get a cert for 'example.com' still
  483. Holger My question remains, why can't the desktop client perform an _xmppconnect lookup, connect over BOSH, and verify the cert against the original domain.
  484. MattJ (for the purposes of this whole discussion, DNSSEC doesn't exist)
  485. MattJ It could
  486. MattJ So it could connect to https://evil.com/ and expect it to serve a cert for example.com instead?
  487. Holger That's what I would've assumed, sure.
  488. MattJ This is a very unusual configuration in the web world, and would require some hoops to jump through to set up
  489. Zash Probably tricky to convince every HTTPS library to do taht
  490. Zash Probably tricky to convince every HTTPS library to do that
  491. MattJ But yes, if you did it that way it would not be insecure
  492. Zash NSS supposedly made it impossible (which ruled out SRV records even)
  493. MattJ But everyone just grabs the URL and passes it to their HTTP stack
  494. Holger Oh so the issue is server-side. I hadn't thought of that.
  495. uhoreg has left
  496. homebeach has left
  497. Matthew has left
  498. Rixon 👁🗨 has left
  499. Half-Shot has left
  500. Half-Shot has joined
  501. Matthew has joined
  502. Rixon 👁🗨 has joined
  503. uhoreg has joined
  504. homebeach has joined
  505. Holger Ok yes plus maybe client-side HTTP library APIs. I see.
  506. MattJ I'm pretty sure if you serve a BOSH URL of https://evil.com/ with a cert of https://example.com/ 100% of everything is going to break trying to load that URL
  507. MattJ as it should, really
  508. MattJ In the past when implementing '156 for something, I did verify that the domain of the endpoint was the same as the XMPP domain, otherwise ignore it
  509. intosi has left
  510. intosi has joined
  511. Holger I see.
  512. Menel has left
  513. Menel has joined
  514. Zash MattJ, I would imagine that you were the only one
  515. Zash Oh, you mean for xmpp:example.com assert https://example.com/* ?
  516. MattJ Yes
  517. MattJ https://mail.jabber.org/pipermail/standards/2011-May/024460.html
  518. Zash That, or perhaps a subdomain, ought to be safe, yeah
  519. MattJ "This problem will go away in the distant future when DNSSEC is more readily available" -- 2011
  520. intosi has left
  521. intosi has joined
  522. inky has left
  523. dwd has joined
  524. gooya has joined
  525. Zash E.g. I'd expect https://xmpp.example.com/bosh for xmpp:example.com to be fairly common
  526. kyemxden has left
  527. MattJ https://logs.xmpp.org/xsf/2017-10-04#2017-10-04-f931006edc04c07d
  528. wgreenhouse has joined
  529. MattJ Kudos to moparisthebest for... actually doing something :P
  530. adiaholic has left
  531. kyemxden has joined
  532. rq77 has joined
  533. ti_gj06 has joined
  534. Calvin has joined
  535. adiaholic has joined
  536. millesimus has left
  537. adiaholic has left
  538. Calvin has left
  539. Dele Olajide has left
  540. adiaholic has joined
  541. leochiu has joined
  542. Paganini has joined
  543. alacer has left
  544. alacer has joined
  545. Menel has left
  546. dwd has left
  547. adiaholic has left
  548. Calvin has joined
  549. adiaholic has joined
  550. millesimus has joined
  551. Link Mauve larma, you mention “Hash the resulting string using the algorithm choosen for the sticker pack.” in XEP-0449, does it mean you want to allow only a single hash, instead of the usual hash agility thingy?
  552. Link Mauve Would XEP-0103 also be useful to distribute cid: URIs? I wouldn’t expect so.
  553. Link Mauve But if not, should we create another XEP for shipping stickers that way?
  554. adiaholic has left
  555. floretta has left
  556. bung has joined
  557. restive_monk has left
  558. adiaholic has joined
  559. ti_gj06 has left
  560. floretta has joined
  561. moparisthebest it mainly annoys me that I must have read '156 multiple dozens of times, and fully implemented and end-to-end tested websocket support, and only noticed it during some light refactoring before the final push https://github.com/moparisthebest/xmpp-proxy/blob/master/src/srv.rs#L77
  562. restive_monk has joined
  563. moparisthebest and it's surprisingly bad because even though a client does all *other* starttls/tls validation correctly, this is all it takes, an attacker can just block those and force a connection over websocket to gain mitm
  564. xnamed has joined
  565. marc0s has left
  566. marc0s has joined
  567. marc0s has left
  568. marc0s has joined
  569. pjn has joined
  570. Link Mauve The hashing algorithm in XEP-0449 isn’t clear, especially around hashes.
  571. Link Mauve Should I encode the bytes of the hash, or its base64 representation?
  572. Link Mauve I’d rather the former, as it is what gets out of my parser.
  573. Link Mauve Having a complete example like in XEP-0390 would be useful.
  574. matkor has left
  575. matkor has joined
  576. xnamed has left
  577. larma Link Mauve, - re dimensions: The reason was, originally, that the field shouldn't require exactly 2 dimensions, although the description indeed now reads like that. Maybe width and height would indeed be easier in practice. - re hash: the ID needs to be one ID. I guess if you put two hashes on the pack, you can pick any of the two as your hash for ID generation - re cid: I don't think 0103 is a good fit for cid uris. I also don't really see the need and future for cid URIs anyway. Instead just use Jingle with IBB which is effectively the same functionality just that the payload doesn't need to fit in one stanza.
  578. Link Mauve larma, other dimensions, such as for a 3D sticker for instance?
  579. larma 446 is for any kind of file, not just stickers. But yes, 3d stickers
  580. jonas’ what about non-spatial dimensions?
  581. Link Mauve Ah right, I forgot the part where the ID is also truncated and reused for the id.
  582. Link Mauve Why is it truncated btw?
  583. Link Mauve In XEP-0084 it isn’t for instance.
  584. larma jonas’, I think 3d is not far off reality. You could already want to transfer 3d object files which also have dimensions.
  585. Wojtek has left
  586. Andrzej has left
  587. Andrzej has joined
  588. Link Mauve larma, the idea about cid: was to be compatible with existing clients, like Movim.
  589. marc0s has left
  590. marc0s has joined
  591. Dele Olajide has joined
  592. Link Mauve larma, what about cube map textures?!
  593. Link Mauve How do you encode each of the six sides?
  594. marc0s has left
  595. marc0s has joined
  596. larma That's up for future specification 😉
  597. Link Mauve larma, I made https://github.com/xsf/xeps/pull/1160 and https://github.com/xsf/xeps/pull/1161 fyi.
  598. larma Does Movim not support http file uris or jingle ibb?
  599. Link Mauve Not for stickers AIUI.
  600. robertooo has joined
  601. Link Mauve edhelas, ↑
  602. Wojtek has joined
  603. xnamed has joined
  604. larma So... A sticker is an image file transferred via BoB where an image file transferred via http/jingle is not?
  605. larma So... A sticker is an image file transferred via BoB when an image file transferred via http/jingle is not?
  606. marc0s has left
  607. marc0s has joined
  608. marc0s has left
  609. marc0s has joined
  610. edhelas Movim stickers are cid:
  611. pjn has left
  612. marc0s has left
  613. pjn has joined
  614. marc0s has joined
  615. edhelas you can always send a link and Movim will resolve it
  616. edhelas but it's not a sticker "for me", just an image
  617. Dele Olajide has left
  618. edhelas I also support SIMS
  619. BASSGOD has left
  620. edhelas https://xmpp.org/extensions/xep-0385.html
  621. edhelas but also as an "'attached image"
  622. marc0s has left
  623. marc0s has joined
  624. larma So the only way to send a sticker to Movim is to send cid via <img> in deprecated XHTML-IM?
  625. adiaholic has left
  626. moparisthebest > "This problem will go away in the distant future when DNSSEC is more readily available" -- 2011 this is one of the saddest things I've ever read :'(
  627. Link Mauve Let’s undeprecate XHTML-IM.
  628. larma Or not use XHTML-IM for stickers?
  629. larma <sticker xmlns="custom" uri="cid:bla" /> would have worked as well, no?
  630. edhelas Movim doesn't support XHTML-IM, only the cid: :p
  631. Link Mauve Re 0446, it’s always been weird to me even back when it was called 0234 to have various metadata about specific file types.
  632. alacer has left
  633. Link Mauve Why dimensions and length, and not number of words in the epub, or target hardware for a video game?
  634. edhelas https://github.com/movim/movim/blob/master/app/Message.php#L273
  635. adiaholic has joined
  636. alacer has joined
  637. Matthew has left
  638. Rixon 👁🗨 has left
  639. uhoreg has left
  640. homebeach has left
  641. Half-Shot has left
  642. Half-Shot has joined
  643. Matthew has joined
  644. Rixon 👁🗨 has joined
  645. uhoreg has joined
  646. homebeach has joined
  647. Link Mauve Filesystems don’t usually provide this kind of information, so the sender would have to parse the file.
  648. Link Mauve That is optional, but it still seems like feature creep to me.
  649. edhelas Link Mauve yup, I don't trust the info :p
  650. Andrzej has left
  651. BASSGOD has joined
  652. Link Mauve It’s not about trust or not, it’s about whether or not it makes sense in file metadata.
  653. ti_gj06 has joined
  654. larma Link Mauve, the hashes and values in the example 1 of xep 0449 are actual real values, and apparently I took the file hash as base64 string. You can't use bytes directly because bytes could include 0x1F.
  655. larma Also regarding dimensions: It's so that you can display a sensible placeholder in correct size before fetching the file
  656. Zash But why as one complex attribute instead of two simple integer ones?
  657. larma And length is so that you can display also that for audio and video before fetching the file, it's what most other chat systems do as well
  658. Link Mauve Oh, with the <!-- ... --> I thought it wasn’t complete.
  659. adiaholic has left
  660. moparisthebest parse the images they said, it'll be fun easy and safe they said... https://www.kuow.org/stories/we-didn-t-mean-to-ruin-your-mazda-s-stereo
  661. Link Mauve But then I can only test whether I get the correct result or not, not see where I did something wrong like with XEP-0390.
  662. marc0s has left
  663. larma Zash, I agree that this would be a sensible option if we only have 2d images/videos in mind (and honestly, that's what we have right now, so probably better to not overengineer here)
  664. Link Mauve moparisthebest, an image of the system, aka an update, right?
  665. Link Mauve Not an image with pixels.
  666. marc0s has joined
  667. moparisthebest Link Mauve, no, literally an image with pixels
  668. Link Mauve larma, ok, so I have to reencode to base64.
  669. Zash Wait what?
  670. Andrzej has joined
  671. APach has joined
  672. bung has left
  673. marc0s has left
  674. marc0s has joined
  675. mjk The image placeholders in GUIs are usually 2D because our screens usually too... But then again, the sender shouldn't dictate how their cube of 3D MIP-mapped images shall be projected on the receiver's sceen
  676. moparisthebest Link Mauve, more technical article https://www.theregister.com/2022/02/10/mazda_radios_images/
  677. Link Mauve mjk, skyboxes in video games have been cube maps for about as long as 3D hardware has existed.
  678. mjk With the above I mean: don't limit metadata to WxH, leave space for extensibility :)
  679. mjk Link Mauve: Er. Yes. And? :))
  680. larma Link Mauve, `summary\x1fen\x1fBe cute or be cynical, this little kitten works both ways.\x1ename\x1fen\x1fMarsey the Cat\x1e\x1c👍\x1esha-256\x1f0AdP8lJOWJrugSKOIAqfEKqFatIpG5JBCjjxY253ojQ=\x1f\x1e\x1d😘\x1esha-256\x1fgw+6xdCgOcvCYSKuQNrXH33lV9NMzuDf/s0huByCDsY=\x1f\x1e\x1d\x1c` is the bytes for the sticker pack in example 1 which hash to the hash given in the Example. For reference, the two image files are https://larma.de/xeps/xep-0449-1.png and https://larma.de/xeps/xep-0449-2.png
  681. mjk I'm well-versed in my skyboxes :p
  682. Link Mauve Thanks!
  683. rq77 has left
  684. Link Mauve larma, I couldn’t have guessed @xml:lang was "en". :)
  685. Link Mauve I default to "" if it isn’t set, in xmpp-parsers.
  686. floretta has left
  687. floretta has joined
  688. Zash My 5D chess videos!
  689. Link Mauve “Join the resulting octet strings together, ordered from lesser to greater.”, isn’t summary > name here?
  690. Link Mauve In your example it’s in the other way.
  691. chronosx88 has left
  692. chronosx88 has joined
  693. jgart has joined
  694. karoshi has left
  695. marc0s has left
  696. marc0s has joined
  697. վարյա has left
  698. վարյա has joined
  699. Rixon 👁🗨 has left
  700. homebeach has left
  701. uhoreg has left
  702. Matthew has left
  703. Half-Shot has left
  704. Half-Shot has joined
  705. Matthew has joined
  706. Rixon 👁🗨 has joined
  707. uhoreg has joined
  708. homebeach has joined
  709. wladmis has joined
  710. emus has left
  711. Andrzej has left
  712. neshtaxmpp has left
  713. neshtaxmpp has joined
  714. Andrzej has joined
  715. adiaholic has joined
  716. eevvoor has left
  717. karoshi has joined
  718. me9 has joined
  719. Guus has left
  720. gooya has left
  721. gooya has joined
  722. reimar has joined
  723. larma Meh, yeah, you're right. The field was named desc once and when I renamed it I forgot to reorder that part
  724. guus.der.kinderen has left
  725. guus.der.kinderen has joined
  726. stp has left
  727. pjn has left
  728. pjn has joined
  729. adiaholic has left
  730. argentum has joined
  731. Wojtek has left
  732. adiaholic has joined
  733. adiaholic has left
  734. Menel has joined
  735. adiaholic has joined
  736. bean has left
  737. u70jfzo5eyeb468b9o has left
  738. u70jfzo5eyeb468b9o has joined
  739. Wojtek has joined
  740. leochiu has left
  741. djorz has joined
  742. վարյա has left
  743. վարյա has joined
  744. Link Mauve larma, fyi you’re also missing a \x1f after the content of the name and summary fields.
  745. djorz has left
  746. Link Mauve With this one fix, I’m now compatible with your hash!
  747. վարյա has left
  748. վարյա has joined
  749. Kev This one simple fix to your hash doctors don't want you to know.
  750. debacle has joined
  751. larma I remember there was some issue with the hash as well, have to double check my notes from back then
  752. Menel has left
  753. Link Mauve Also, the desc should probably take one \x1f after, as this is done for every single other field.
  754. marc0s has left
  755. marc0s has joined
  756. pjn has left
  757. pjn has joined
  758. pjn has left
  759. pjn has joined
  760. debacle has left
  761. dwd has joined
  762. Menel has joined
  763. Link Mauve Re section 4.2, I think it would make sense for backwards compatibility to include the image as oob.
  764. pjn has left
  765. pjn has joined
  766. djorz has joined
  767. ralphm bangs gavel
  768. jcbrand hi
  769. ralphm 0. Welcome
  770. ralphm Hi! Who do we have?
  771. վարյա has left
  772. jcbrand MattJ?
  773. jcbrand Looks like arc is not here
  774. gooya has left
  775. adiaholic has left
  776. gooya has joined
  777. Dele Olajide has joined
  778. bean has joined
  779. ralphm unbangs gavel
  780. pjn has left
  781. pjn has joined
  782. jgart has left
  783. վարյա has joined
  784. stp has joined
  785. adiaholic has joined
  786. gooya has left
  787. gooya has joined
  788. pjn has left
  789. pjn has joined
  790. arc has joined
  791. adiaholic has left
  792. arc We really need to get ourselves better organized
  793. paul has left
  794. intosi has left
  795. intosi has joined
  796. dwd has left
  797. Andrzej has left
  798. debacle has joined
  799. govanify has left
  800. govanify has joined
  801. Link Mauve The recommendation to use XEP-0363 for hosting the stickers, in section 4.4, is going to crash pretty quickly with real world server configurations, where the ttl of such a file might be just one week.
  802. intosi has left
  803. intosi has joined
  804. Zash Also remember Daniel mentioning that in the context of avatars
  805. Link Mauve Thankfully avatars are still mostly served in-band.
  806. Zash Since you can't put them in http upload because they expire
  807. Link Mauve Let’s keep it like that then. :D
  808. moparisthebest s/thankfully/unfortunately/
  809. moparisthebest Avatars are pretty much the only reason stanza size limits are exceeded
  810. Link Mauve If someone wants to hammer me with a 1 MiB avatar, I’d rather their connection get closed.
  811. moparisthebest It's more of an s2s problem
  812. moparisthebest Like the person in this room who had the massive avatar
  813. Zash On that topic, can we replace XEP-0153 with micro-images instead? (think blurhash)
  814. Zash moparisthebest, Link Mauve, with their INFINITE avatar?
  815. Zash Note for the archives: Link Mauve has an SVG avatar
  816. moparisthebest That would be fun, unfortunately (for the "fun") most servers have implemented sane stanza size limits by now?
  817. djorz has left
  818. Zash Peek at server logs and look for s2s collapses
  819. Link Mauve My avatar isn’t infinite, it is just the size you want. :)
  820. Link Mauve Any size you want.
  821. ti_gj06 has left
  822. ti_gj06 has joined
  823. uhoreg has left
  824. Rixon 👁🗨 has left
  825. homebeach has left
  826. Matthew has left
  827. Half-Shot has left
  828. Half-Shot has joined
  829. Matthew has joined
  830. Rixon 👁🗨 has joined
  831. uhoreg has joined
  832. homebeach has joined
  833. marc0s has left
  834. marc0s has joined
  835. ti_gj06 has left
  836. ti_gj06 has joined
  837. intosi has left
  838. intosi has joined
  839. alacer has left
  840. jgart has joined
  841. Andrzej has joined
  842. moparisthebest Link Mauve doesn't have an avatar at all for me, or it's infinitely small, I'll never know
  843. Zash Multi-format/multi-resolution avatars when?
  844. qwestion has joined
  845. adiaholic has joined
  846. Zash moparisthebest, you can still have fun if you find someone with even lower stanza size limits than everyone else
  847. Zash When will I finish that path MTU XEP?
  848. Steve has left
  849. Zash Srsly tho, squeeze avatars into the size of a hash and use that instead of a hash of the actual profile image!
  850. restive_monk has left
  851. moparisthebest Is that spec/code free?
  852. arc has left
  853. arc has joined
  854. Zash Can you send one 8x8 block of JPEG?
  855. Zash And like, remove the redundant parts
  856. Zash ie the "this is an 8x8 px JPEG" part
  857. Zash Someone suggested doing that instead of blurhash previously
  858. Zash It was larma, https://logs.xmpp.org/xsf/2020-11-22?p=h#2020-11-22-ea01a0735a4bc25e
  859. qwestion has left
  860. paul has joined
  861. Zash or?
  862. arc has left
  863. arc has joined
  864. Zash upscaled PNG something something
  865. larma I'd suggest to go for even smaller, like 3x2 PX. And then you're better of to use a very simple image format (think bmp or the likes)
  866. larma And yeah, then just upscale them in a blurry way
  867. larma Would be even better to use image formats that are good in supporting low color depth, because you also don't really need that
  868. Link Mauve Use a single chunk of BC7, this is 16 bytes, and it is supported by every GPU.
  869. Link Mauve Using exactly one quarter of the size it would be in RGBA8888.
  870. Steve has joined
  871. Zash Maybe take a bit or two to mean "circle, rounded corners, square, ????"
  872. Link Mauve The downside is that it only supports multiples of 4×4, so 3×2 wouldn’t be any smaller.
  873. Link Mauve I recently wrote an implementation of BC7 and it was pretty fun.
  874. Link Mauve (A software implementation.)
  875. Zash in poezio when?
  876. Link Mauve :D
  877. Link Mauve Zash, the Genshin Impact stickers actually come from this decoder. :)
  878. intosi has left
  879. intosi has joined
  880. Link Mauve Since in the game data they are stored in BC7.
  881. COM8 has joined
  882. Link Mauve PNG often compresses more, these stickers.
  883. Link Mauve Not for all of them.
  884. Zash Acquire some Unicode madness and render avatars in group chat views in like 2x3 pixels!
  885. COM8 has left
  886. COM8 has joined
  887. COM8 has left
  888. COM8 has joined
  889. me9 has left
  890. COM8 has left
  891. larma Actually, I like the idea to use BC7. We just need a mime type for "single bc7 chunk"
  892. COM8 has joined
  893. COM8 has left
  894. Dele Olajide has left
  895. Link Mauve At 8×8, in base64, we have an image of higher quality than blurhash, for the exact same size.
  896. Vidak has left
  897. mh has left
  898. mh has joined
  899. larma and yeah, it only doing 4x4 is a bit problematic, when you think of images that are rather wide, like 21:9 resolutions
  900. Zash Profile images are all square so that's not a problem 🙂
  901. Zash but you're also thinking of previews for file transfers?
  902. larma yes, mostly thinking about those
  903. Link Mauve larma, you can always put in the metadata that it actually is 4×3, and the recipient client will crop out the last line of pixels.
  904. Link Mauve We already have XEP-0264 for that though.
  905. harry837374884 has left
  906. adiaholic has left
  907. adiaholic has joined
  908. larma yes, but those use URIs which either is a BoB cid (requiring sender to be online at time of recipient wanting to fetch the thumbnail) or an external http uri (in which case I can just fetch the real thing and hope that it is encoded in a way that would allow to render early)
  909. larma It could be a data uri if we agree on a file format for those
  910. Link Mauve Reminds me to check for AVIF support of embedded thumbnails.
  911. Link Mauve It was annoyingly not part of the first specification.
  912. intosi has left
  913. intosi has joined
  914. mjk > Maybe take a bit or two to mean "circle, rounded corners, square, ????" 3D! We also need to think about three-dimensional avatars and how to round them
  915. Zash "circle, rounded corners, square, you need more bits"
  916. mjk right
  917. djorz has joined
  918. Zash let's just do 1D avatars
  919. MattJ I've seen discussion of star-shaped avatars for Conversations 3.0
  920. Zash or nD? how many dimension should you curl up the string of pixels into?
  921. mjk > let's just do 1D avatars that's... like... `alt`?
  922. adiaholic has left
  923. adiaholic has joined
  924. emus has joined
  925. mh has left
  926. adiaholic has left
  927. adiaholic has joined
  928. վարյա has left
  929. վարյա has joined
  930. adiaholic has left
  931. dwd has joined
  932. gooya has left
  933. gooya has joined
  934. arc has left
  935. arc has joined
  936. papatutuwawa has joined
  937. emus has left
  938. Link Mauve I’ve tried to associate emoji to the various stickers I’ve used today, but it’s pretty hard.
  939. Link Mauve Is it just me, or is it not fully doable?
  940. Zash Isn't that the point?
  941. Link Mauve Sure, but then the <desc/> might not really be usable.
  942. Link Mauve A proper description (what I’d put in an @alt text) would be better imo.
  943. rafasaurus has left
  944. adiaholic has joined
  945. Link Mauve larma, for the next version of XEP-0449, it would be very nice to have format agility too.
  946. Link Mauve Since (as moparisthebest exhibited) not every client supports SVG yet, it would be sensible to provide an AVIF fallback.
  947. Link Mauve And perhaps even resolution agility, since not everyone needs a 512×512 Marsay the Cat.
  948. Link Mauve Perhaps using multiple <file/> elements? But then the sources don’t match any longer…
  949. larma Link Mauve, format agility and not using <desc/> is also on the to do already (was discussed on standards@ IIRC)
  950. adiaholic has left
  951. Link Mauve Oh.
  952. larma I just didn't have a lot of time recently (did I mention we have video conferences in Dino :D)
  953. Link Mauve (Yes! <3)
  954. Link Mauve There should be a TODO section in experimental XEPs!
  955. Link Mauve So that we wouldn’t give feedback you already have thought about. :)
  956. arc has left
  957. arc has joined
  958. rafasaurus has joined
  959. Zash Aren't ProtoXEPs with TODO sections rejected?
  960. Link Mauve Are they?
  961. Link Mauve Make it “future work” then.
  962. emus has joined
  963. millesimus has left
  964. harry837374884 has joined
  965. arc has left
  966. arc has joined
  967. ti_gj06 has left
  968. adiaholic has joined
  969. Vidak has joined
  970. Wojtek has left
  971. adiaholic has left
  972. millesimus has joined
  973. dwd has left
  974. robertooo has left
  975. robertooo has joined
  976. moparisthebest TODO is short for "this will never be done ever" right ?
  977. djorz has left
  978. adiaholic has joined
  979. arc has left
  980. arc has joined
  981. djorz has joined
  982. msavoritias has left
  983. intosi has left
  984. msavoritias has joined
  985. intosi has joined
  986. adiaholic has left
  987. arc has left
  988. arc has joined
  989. floretta has left
  990. floretta has joined
  991. norkki has joined
  992. norkki has left
  993. arc has left
  994. arc has joined
  995. msavoritias has left
  996. msavoritias has joined
  997. millesimus has left
  998. adiaholic has joined
  999. ti_gj06 has joined
  1000. intosi has left
  1001. intosi has joined
  1002. Rixon 👁🗨 has left
  1003. homebeach has left
  1004. Matthew has left
  1005. uhoreg has left
  1006. Half-Shot has left
  1007. Half-Shot has joined
  1008. Matthew has joined
  1009. Rixon 👁🗨 has joined
  1010. uhoreg has joined
  1011. homebeach has joined
  1012. adiaholic has left
  1013. gooya has left
  1014. intosi has left
  1015. intosi has joined
  1016. gooya has joined
  1017. gooya has left
  1018. gooya has joined
  1019. ti_gj06 has left
  1020. arc has left
  1021. arc has joined
  1022. xnamed has left
  1023. intosi has left
  1024. intosi has joined
  1025. marc0s has left
  1026. marc0s has joined
  1027. arc has left
  1028. arc has joined
  1029. sonny has left
  1030. emus Kev, would you mind to join the GSoC muc to discuss or give your input on the task discussion? So asking for your GSoC experiences if you want to contribute to the discussion
  1031. emus gsoc@muc.xmpp.org
  1032. gooya has left
  1033. adiaholic has joined
  1034. andrey.g has joined
  1035. xnamed has joined
  1036. gooya has joined
  1037. Yagiza has left
  1038. harry837374884 has left
  1039. emus has left
  1040. adiaholic has left
  1041. gooya has left
  1042. gooya has joined
  1043. վարյա has left
  1044. floretta has left
  1045. floretta has joined
  1046. dwd has joined
  1047. Tobias has left
  1048. Tobias has joined
  1049. bung has joined
  1050. arc has left
  1051. arc has joined
  1052. marc0s has left
  1053. marc0s has joined
  1054. emus has joined
  1055. վարյա has joined
  1056. arc has left
  1057. arc has joined
  1058. Dele Olajide has joined
  1059. arc has left
  1060. arc has joined
  1061. mjk has left
  1062. mjk has joined
  1063. arc has left
  1064. arc has joined
  1065. Dele Olajide has left
  1066. Dele Olajide has joined
  1067. arc has left
  1068. arc has joined
  1069. me9 has joined
  1070. floretta has left
  1071. reimar has left
  1072. dwd has left
  1073. Andrzej has left
  1074. Andrzej has joined
  1075. intosi has left
  1076. intosi has joined
  1077. djorz has left
  1078. bung has left
  1079. msavoritias has left
  1080. jgart has left
  1081. Alex has left
  1082. floretta has joined
  1083. Alex has joined
  1084. gooya has left
  1085. Andrzej has left
  1086. gooya has joined
  1087. intosi has left
  1088. intosi has joined
  1089. me9 has left
  1090. arc has left
  1091. arc has joined
  1092. intosi has left
  1093. gooya has left
  1094. gooya has joined
  1095. djorz has joined
  1096. Dele Olajide has left
  1097. qrpnxz has joined
  1098. arc has left
  1099. arc has joined
  1100. stp has left
  1101. andrey.g has left
  1102. floretta has left
  1103. chronosx88 has left
  1104. Andrzej has joined
  1105. adiaholic has joined
  1106. bean has left
  1107. intosi has joined
  1108. marc0s has left
  1109. marc0s has joined
  1110. qwestion has joined
  1111. adiaholic has left
  1112. Tobias has left
  1113. qrpnxz has left
  1114. wurstsalat has left
  1115. intosi has left
  1116. djorz has left
  1117. pasdesushi has left
  1118. Menel has left
  1119. arc has left
  1120. arc has joined
  1121. Andrzej has left
  1122. arc has left
  1123. arc has joined
  1124. robertooo has left
  1125. robertooo has joined
  1126. sonny has joined
  1127. huhn has left
  1128. emus has left
  1129. arc has left
  1130. arc has joined
  1131. gooya has left
  1132. gooya has joined
  1133. Dele Olajide has joined
  1134. arc has left
  1135. arc has joined
  1136. Maranda[x] has left
  1137. Maranda[x] has joined
  1138. Dele Olajide has left
  1139. tykayn has left
  1140. wgreenhouse has left
  1141. floretta has joined
  1142. wgreenhouse has joined
  1143. goffi has left
  1144. atomicwatch has left
  1145. ponymontana has joined
  1146. ponymontana has left
  1147. bung has joined
  1148. intosi has joined
  1149. Dele Olajide has joined
  1150. Dele Olajide has left
  1151. Dele Olajide has joined
  1152. bung has left
  1153. marc0s has left
  1154. marc0s has joined
  1155. intosi has left
  1156. floretta has left
  1157. Dele Olajide has left
  1158. Dele Olajide has joined
  1159. arc has left
  1160. arc has joined
  1161. floretta has joined
  1162. restive_monk has joined
  1163. Dele Olajide has left
  1164. arc has left
  1165. arc has joined
  1166. Dele Olajide has joined
  1167. Dele Olajide has left
  1168. Dele Olajide has joined