AndrzejLink Mauve, I do not recall doing anything on the server around that time
Dele Olajidehas joined
jgarthas joined
Andrzejbut I might have an idea what is going on, thank you for reporting that
dwdhas joined
paulhas left
paulhas joined
millesimushas left
rafasaurushas joined
pasdesushihas joined
florettahas left
jgarthas left
jgarthas joined
jgarthas left
lskdjfhas joined
jgarthas joined
rafasaurushas left
rafasaurushas joined
kyemxdenhas joined
adiaholichas joined
florettahas joined
intosihas joined
xeckshas joined
florettahas left
florettahas joined
reimarhas joined
debaclehas left
adiaholichas left
intosihas left
arcxihas left
Matthew (away)has left
homebeachhas left
Rixon 👁🗨has left
Half-Shothas left
uhoreghas left
Half-Shothas joined
Matthew (away)has joined
Rixon 👁🗨has joined
uhoreghas joined
homebeachhas joined
Paganinihas left
marc0shas left
marc0shas joined
intosihas joined
Alexhas left
Alexhas joined
debaclehas joined
stphas left
intosihas left
goffihas joined
millesimushas joined
govanifyhas left
govanifyhas joined
govanifyhas left
govanifyhas joined
govanifyhas left
govanifyhas joined
chronosx88has left
marc0shas left
marc0shas joined
djorzhas joined
xeckshas left
xeckshas joined
xeckshas left
Syndacehas left
Syndacehas joined
xeckshas joined
florettahas left
intosihas joined
marc0shas left
marc0shas joined
rafasaurushas left
florettahas joined
marc0shas left
marc0shas joined
marc0shas left
marc0shas joined
marc0shas left
marc0shas joined
marc0shas left
marc0shas joined
adiaholichas joined
marc0shas left
marc0shas joined
rafasaurushas joined
ti_gj06has left
ti_gj06has joined
marc0shas left
marc0shas joined
intosihas left
marc0shas left
marc0shas joined
bunghas joined
Titihas left
marc0shas left
marc0shas joined
Danielhas left
Danielhas joined
marc0shas left
marc0shas joined
robertooohas joined
jgarthas left
florettahas left
florettahas joined
adiaholichas left
adiaholichas joined
debaclehas left
florettahas left
florettahas joined
adiaholichas left
adiaholichas joined
Matthew (away)has left
uhoreghas left
Rixon 👁🗨has left
homebeachhas left
Half-Shothas left
Half-Shothas joined
Matthew (away)has joined
Rixon 👁🗨has joined
uhoreghas joined
homebeachhas joined
intosihas joined
gooyahas joined
adiaholichas left
adiaholichas joined
intosihas left
marc0shas left
marc0shas joined
djorzhas left
marc0shas left
marc0shas joined
intosihas joined
adiaholichas left
marc0shas left
marc0shas joined
adiaholichas joined
marc0shas left
marc0shas joined
marc0shas left
marc0shas joined
marc0shas left
marc0shas joined
adiaholichas left
marc0shas left
marc0shas joined
adiaholichas joined
marc0shas left
marc0shas joined
intosihas left
wurstsalathas left
wurstsalathas joined
Titihas joined
dan.caseleyhas left
dan.caseleyhas joined
marc0shas left
marc0shas joined
Calvinhas joined
Titihas left
Paganinihas joined
andrey.ghas joined
Titihas joined
Dele Olajidehas left
marc0shas left
marc0shas joined
Mikaelahas left
Andrzejhas left
Calvinhas left
Calvinhas joined
atomicwatchhas joined
me9has joined
qwestionhas joined
adiaholichas left
Calvinhas left
qwestionhas left
birdwqhas joined
debaclehas joined
qwestionhas joined
wurstsalathas left
Samhas left
Samhas joined
wurstsalathas joined
intosihas joined
rafasaurushas left
Thilo Molitorhas left
rafasaurushas joined
Thilo Molitorhas joined
adiaholichas joined
Andrzejhas joined
guus.der.kinderenhas left
guus.der.kinderenhas joined
me9has left
intosihas left
intosihas joined
arcxihas joined
adiaholichas left
nicolahas joined
nicolahas left
nicolahas joined
xnamedhas joined
debaclehas left
nicolahas left
nicolahas joined
nicolahas left
nicolahas joined
nicolahas left
stphas joined
nicolahas joined
Titihas left
Andrzejhas left
florettahas left
Calvinhas joined
florettahas joined
stphas left
stphas joined
intosihas left
beanhas left
nicolahas left
edhelashas left
edhelashas joined
guus.der.kinderenhas left
edhelashas left
restive_monkhas left
edhelashas joined
andrey.ghas left
Matthew (away)has left
uhoreghas left
Rixon 👁🗨has left
homebeachhas left
Half-Shothas left
Half-Shothas joined
Matthew (away)has joined
Rixon 👁🗨has joined
uhoreghas joined
homebeachhas joined
guus.der.kinderenhas joined
yushyinhas left
arcxihas left
arcxihas joined
yushyinhas joined
gooyahas left
adiaholichas joined
gooyahas joined
xnamedhas left
xnamedhas joined
chronosx88has joined
Titihas joined
Calvinhas left
wladmishas joined
dwdhas left
intosihas joined
marc0shas left
marc0shas joined
Tobiashas left
Tobiashas joined
goffihas left
chronosx88has left
chronosx88has joined
Mikaelahas joined
intosihas left
adiaholichas left
adiaholichas joined
restive_monkhas joined
goffihas joined
neshtaxmpphas left
neshtaxmpphas joined
adiaholichas left
adiaholichas joined
neshtaxmpphas left
neshtaxmpphas joined
Calvinhas joined
neshtaxmpphas left
neshtaxmpphas joined
mhhas joined
wladmishas left
Calvinhas left
adiaholichas left
debaclehas joined
neshtaxmpphas left
djorzhas joined
neshtaxmpphas joined
Andrzejhas joined
intosihas joined
marc0shas left
marc0shas joined
adiaholichas joined
neshtaxmpphas left
neshtaxmpphas joined
harry837374884has left
Calvinhas joined
wladmishas joined
Andrzejhas left
harry837374884has joined
intosihas left
restive_monkhas left
adiaholichas left
kyemxdenhas left
goffihas left
adiaholichas joined
kyemxdenhas joined
intosihas joined
restive_monkhas joined
neshtaxmpphas left
neshtaxmpphas joined
restive_monkhas left
wladmishas left
wladmishas joined
govanifyhas left
govanifyhas joined
intosihas left
robertooohas left
BASSGODhas left
harry837374884has left
wladmishas left
wladmishas joined
intosihas joined
reimarhas left
djorzhas left
reimarhas joined
harry837374884has joined
argentumhas left
argentumhas joined
BASSGODhas joined
adiaholichas left
adiaholichas joined
dan.caseleyhas left
dan.caseleyhas joined
Andrzejhas joined
neshtaxmpphas left
neshtaxmpphas joined
intosihas left
stphas left
florettahas left
BASSGODhas left
adiaholichas left
neshtaxmpphas left
Andrzejhas left
neshtaxmpphas joined
qwestionhas left
BASSGODhas joined
adiaholichas joined
neshtaxmpphas left
neshtaxmpphas joined
wladmishas left
wladmishas joined
robertooohas joined
kyemxdenhas left
kyemxdenhas joined
florettahas joined
bunghas left
me9has joined
adiaholichas left
pasdesushihas left
pasdesushihas joined
wladmishas left
wladmishas joined
harry837374884has left
harry837374884has joined
intosihas joined
wladmishas left
wladmishas joined
Andrzejhas joined
marc0shas left
marc0shas joined
jgarthas joined
mjkhas left
mjkhas joined
alacerhas left
alacerhas joined
intosihas left
djorzhas joined
ti_gj06has left
robertooohas left
debaclehas left
debaclehas joined
pasdesushihas left
eevvoorhas left
atomicwatchhas left
neshtaxmpphas left
Dele Olajidehas joined
neshtaxmpphas joined
mjkhas left
Dele Olajidehas left
intosihas joined
wladmishas left
wladmishas joined
mjkhas joined
wladmishas left
wladmishas joined
marc0shas left
marc0shas joined
alex11has left
Link MauveNo worries, it just popped up in poezio and I thought you’d be interested. :)
atomicwatchhas joined
karoshihas left
ti_gj06has joined
wladmishas left
wladmishas joined
reimarhas left
beanhas joined
stphas joined
larmahas left
larmahas joined
karoshihas joined
intosihas left
wladmishas left
wladmishas joined
intosihas joined
wladmishas left
wladmishas joined
wladmishas left
wladmishas joined
me9has left
wladmishas left
wladmishas joined
moparisthebestHow would people feel if instead of migrating to srv2 we just crammed everything in host-meta over https ?
marc0shas left
marc0shas joined
Mikaelahas left
moparisthebestEverything as in starttls, direct TLS, quic, posh replacement pinning keys instead of certs etc
Link Mauvemoparisthebest, and require an entire HTTP stack just for connecting?
Link MauveNothanks.
adiaholichas joined
intosihas left
moparisthebestLink Mauve: you already need a whole http stack
moparisthebestAlso I've given up hope in dnssec
Link MauveYou don’t.
Link MauveI have written many clients and some servers without doing a single HTTP request.
Link MauveGeneral-purpose clients will need that for HTTP File Upload, but that’s kind of the only one?
Matthew (away)has left
uhoreghas left
homebeachhas left
Rixon 👁🗨has left
Half-Shothas left
Half-Shothas joined
Matthew (away)has joined
Rixon 👁🗨has joined
uhoreghas joined
homebeachhas joined
adiaholichas left
goffihas joined
Thilo Molitorhas left
xeckshas left
robertooohas joined
xnamedhas left
xeckshas joined
Matthew (away)has left
Rixon 👁🗨has left
uhoreghas left
homebeachhas left
Half-Shothas left
Half-Shothas joined
Matthew (away)has joined
Rixon 👁🗨has joined
uhoreghas joined
homebeachhas joined
Thilo Molitorhas joined
marc0shas left
marc0shas joined
moparisthebestLink Mauve: so how do you handle secure delegation for hosted XMPP without an http client for posh or widespread dnssec?
Link MauveHow many clients do POSH?
Link MauveLast time I tried, it wasn’t worth it using for our hosted service.
flowmoparisthebest, I think one reason, if not the main reason, that DNSSEC did no see wide adoption in the last decade is that it does not provide much to closed-silo networks: if you control all clients and all servers, then you probably just pin the TLS certs (and maybe even the IPs)
mhhas left
moparisthebestLink Mauve: right, it's not widely supported, and that's a problem
marc0shas left
Link MauveSo instead we recommend our users to use a CNAME delegation, it creates worse-looking JIDs but that’s the safest way.
marc0shas joined
adiaholichas joined
moparisthebestWe can kill 8 birds with 1 https request here
ZashNoooooooooooooooooooooooooooooooooooooooooooo
moparisthebestflow: right I'm concerned with the open federated network
millesimushas left
Andrzejhas left
moparisthebestLink Mauve: cname delegation is a hack that doesn't work for most of the names people want
Link MauveDo people care?
Andrzejhas joined
Link MauveOur users don’t seem to at least.
moparisthebestI couldn't move my names to a hosted service for instance
moparisthebestIf they did do they have a choice?
Link MauveYou could, by providing us your certificates.
marc0shas left
marc0shas joined
moparisthebestYou have an automated way to send you certificates every 60 days?
Link MauveThey do have a choice, it’s only the automated setup which requires a CNAME, you can contact us for anything more specialised.
Link MauveIt’d be a ssh away if anyone requested that.
Link MauveSo far, none of our ~70 domain owners did.
flowmoparisthebest, personally, I am not willing to give up on DNSSEC, as I think it becomes more and more available. People just overestimated how fast it would be deployed and "replace" the existing status quo. That appears to be an pattern that repeats again and again in tech
moparisthebestI'm not interested in XMPP for the status quo 20 years ago, I'm interested in XMPP for the real world of today
Link MauveSame.
moparisthebestToday, when all certs are renewed every 60 days and you can't count on dnssec
Yagizahas left
moparisthebestI think that paints us into a corner of using https for secure delegation
moparisthebestBut happy to have other alternatives
adiaholichas left
Zashflow, did you say IPv6?
Link Mauvemoparisthebest, do you want to suddenly make all of our users unable to delegate to us, unless they change their DNS configuration? :)
flowZash, yep, another example was when the EU (or was it just germany?) tried to replace FM radio in cars with DAB ~10-15 years ago
moparisthebestLink Mauve: why wouldn't that continue to work? But they could also let you host XMPP for their top level domain while still running their own https/email etc
Link Mauvemoparisthebest, and have to migrate their JID?
moparisthebestWhy would anyone have to change anything?
Link MauveSome of our users don’t even host an HTTP server.
moparisthebestIt opens it up to doing this with top level domains that is not available now
Link MauveNot on the apex nor anywhere else.
moparisthebestRight, all that continues to work...
Link MauveWith your solution, they would have to do so.
moparisthebestNo, you would, you're the XMPP host ✏
moparisthebestIt's not like srv would cease working...
lskdjfhas left
lskdjfhas joined
mhhas joined
stphas left
lskdjfhas left
lskdjfhas joined
moparisthebestTldr we need a way to advertise quic, we need a way to pin keys, we need secure delegation
moparisthebestWe can add another srv/srv2 record, and a replacement for posh, and end up with 4 https requests and 3 srv lookups for connection
moparisthebestOr, we can decide existing host-meta is the way forward for new things and extend it
stphas joined
moparisthebestExtending host-meta seems like the clear winner to me?
lskdjfhas left
lskdjfhas joined
flowmaybe, does one exclude the other?
flowI'd treat is as everything tech related, experiment with it, and see how it works out
Andrzejhas left
millesimushas joined
adiaholichas joined
lskdjfhas left
lskdjfhas joined
larmahas left
larmahas joined
pjnhas left
pjnhas joined
larmahas left
lskdjfhas left
larmahas joined
lskdjfhas joined
pasdesushihas joined
florettahas left
ZashNooooooo, it'll catch on and then we're stuck with it forever
adiaholichas left
wladmishas left
wladmishas joined
wladmishas left
wladmishas joined
wladmishas left
wladmishas joined
marchas left
marchas joined
intosihas joined
marchas left
marchas joined
marchas left
marchas joined
marchas left
marchas joined
marchas left
Andrzejhas joined
marchas joined
dwdhas joined
marchas left
marchas joined
marchas left
Calvinhas left
marchas joined
marchas left
marchas joined
marchas left
marchas joined
marchas left
marchas joined
Matthew (away)has left
Rixon 👁🗨has left
uhoreghas left
homebeachhas left
Half-Shothas left
Half-Shothas joined
Matthew (away)has joined
Rixon 👁🗨has joined
uhoreghas joined
homebeachhas joined
marchas left
marchas joined
flowha, being stuck with a kindaish works thingy forever, even though better things are available, is also a repeating pattern: xep27 anyone? or old-omemo?
florettahas joined
marchas left
marchas joined
marchas left
marchas joined
marchas left
marchas joined
marchas left
marchas joined
flowbut you can't stop people from "experimenting" with stuff, and if it gets momentum and adoption, than it basically can't bet stopped (and also, why would you, if it remedies an itch ppl have?)
marchas left
marchas joined
marchas left
marchas joined
marchas left
wladmishas left
wladmishas joined
marchas joined
marchas left
marchas joined
dwdhas left
marchas left
marchas joined
marchas left
intosihas left
marchas joined
reimarhas joined
marchas left
marchas joined
marchas left
adiaholichas joined
marchas joined
moparisthebestWell you really don't want both or everyone is stuck doing all the things forever
moparisthebestBut yea I'll probably experiment, that's what xmpp-proxy was built for