XSF Discussion - 2022-04-08


  1. Tobias

    Is there a way to auto subscribe to private pep nodes without putting them all in caps?

  2. Tobias

    I was considering the use case where I have a private pep node per roster contact. Or is that the wrong technology to use in that case?

  4. Kev

    It is, you'd have one item per contact, rather than one node.

  5. Tobias

    ahh...i see

  6. mjk

    A "purely hypothetical" question: In an established omemo session, one side has "rewound" its omemo state to some point far in the past (= backup restored). The server archive doesn't hold _all_ the messages exchanged since then, oldest ones being purged. Is it possible to "fast-forward" the omemo state so as to be able to decrypt the more recent history, or was the purged part of history somehow essential to being able to do that?

  7. lovetox

    in omemo messages can be skipped

  8. lovetox

    but only until some amount as i recall it

  9. lovetox

    but not sure anyone has tested this

  10. lovetox

    i guess if this wasn't the case it would be very fragile

  11. lovetox

    like one message missed and your session is dead

  12. lovetox

    the fact that i have sessions that are years old would hint that it's not that fragile

  13. wgreenhouse

    I think that's implementation dependent

  14. wgreenhouse

    IIRC Conversations can heal a gap of something like 1000 messages

  15. lovetox

    it's not really, we all use libsignal code, or ports of the code

  16. lovetox

    nobody invents or modifies the crypto

  17. mjk

    Hmm. So, I take it as "if implementation is willing to forward the ratchet a gazillion of steps until it generates a key that can decrypt the oldest archived message, there's nothing in the crypto preventing that"

  19. mjk

    And that Conv. apparently stops trying after 1000 iterations

  20. vanitasvitae

    mjk: No, because during message exchange it's likely that the receiving chain is forwarded, which triggers a new key derivation including some randomness. Therefore an old backup would result in the omemo session breaking, resulting in a new session.

  21. vanitasvitae

    This property is the "breaking recovery" part of the signal protocol.

  22. mjk

    vanitasvitae: thanks for the expert insight. I assumed the randomness is pseudo-, and the PRNG's state is part of that backed up omemo state; apparently, not?

  23. vanitasvitae

    No, the PRNG's state is not saved

  24. vanitasvitae

    That would defeat the purpose :D

  25. mjk

    Okay

  26. mjk sad (the "purely hypothetical" was sarcasm :))

  27. moparisthebest

    XEP-XXXX: Save OMEMO state and all messages un-encrypted on Apple's server to compete with iMessage

  28. Zash

    XEP-YYYY: Upload your private key to Google

  29. mjk

    Stahp