-
Kev
emus: Great, thank you!
-
emus
With pleasure!
-
vanitasvitae
The current situation around Ukraine and especially Russia really shines another light on disappearing (self-destructing) messages.
-
vanitasvitae
Maybe those should be revisited
-
MattJ
vanitasvitae: what's the connection exactly?
-
vanitasvitae
I feel like for people in russia who are chatting with people from abroad, now is possibly a good time to activate disappearing messages when talking about certain topics / naming certain events
-
Guus
There are reports of people being stopped by authorities in the street, not being allowed to leave until they've looked at your phone. I'm not sure if this is new, or not happening in other places - but I can see how this supports the argument for having ephemeral messages.
-
vanitasvitae
exactly
-
Guus
Not sure if there ever was an argument to not have a XEP for ephemeral messages?
-
Guus
A quick google results in https://xmpp.org/extensions/inbox/ephemeral-messages.html
-
vanitasvitae
I can only speak for myself, but I mostly rejected the idea so far, as the sender cannot guarantee that the receiver really deletes the message. I have not really considered that ephemeral messages are also intended to protect the sender
-
vanitasvitae
But I changed my mind 🙂
-
Zash
Push for clients to have a "clear the last n minutes of history" button or something? Doesn't strictly have to be a protocol
-
Zash
And will you always know ahead of time what messages may be considered incriminating in the future?
-
vanitasvitae
I like signals model of activating disappearing messages per conversation
-
MattJ
vanitasvitae, Conversations already supports clearing history after a period of time
-
Guus
If other IM solutions have forms of ephemeral messages, then that's a strong suggestion that there is a end-user desire to have this. I'm not sure if it is up to us to debate if that demand is valid. With that in mind, 'properly' supporting it with a XEP seems reasonable. I'm not sure if we can reasonably guarantee that messages are indeed removed (as we can't control the implementation), but that's a matter for the security notes in the XEP, I think.
-
qy
"ephemeral encryption" might be more useful. Not so much "clear recent history", but if you delete the keys to an encrypted message, useful metadata remains, but incriminating content gone, and with OMEMO using a key-per-message, quite possible
-
Zash
Isn't OMEMO already like that?
-
qy
Most impls store all key for all messages forever and give no option to delete them
-
qy
But yes with a client reset, it would be
-
qy
No perfect forward secrecy
-
Daniel
I'm reasonably certain that most implementations throw the key away but keep a plain text copy of the message
-
qy
Oh thats even worse
-
emus
MattJ, ralphm, arc, jcbrand: any vetos to add the members list to the community/maillists page? https://mail.jabber.org/pipermail/members/
-
emus
I think its missing there
-
emus
https://xmpp.org/community/mailing-lists/
-
Sam
It's an internal list that people can't join so it doesn't seem useful to have it on a community mailing lists page
-
emus
agreed. but maybe we should have it there out if completeness
-
ralphm
Well, the archives are public, so I don't mind adding it there, with the note that you have to be a member to be able to subscribe. Or somesuch.
-
emus
of course
-
Sam
oh I was thinking the archives were private; nevermind, that makes sense then
-
emus
FYI
-
emus
https://summerofcode.withgoogle.com/programs/2022/organizations/xmpp-standards-foundation
-
emus
Yes, I am fixing things already 🙂
-
moparisthebest
microsoft just emailed me a security code and it was "5222" <_< >_>
-
Zash
thanks for sharing that
-
emus
😀
-
emus
Thats a sign!
-
moparisthebest
yea a sign *they* are watching
- moparisthebest pulls tin foil hat on tighter
-
mjk
Scary
-
emus
https://twitter.com/xmpp/status/1500966819045199873 https://fosstodon.org/web/@xmpp/107917701995916850
-
moparisthebest
Excellent work again emus
-
emus
😙️ Thanks you moparisthebest ❤️