XSF Discussion - 2022-12-06


  1. nicomuc

    Tonight’s event is not on the XSF calendar, is this intended?

  2. MattJ

    emus: I'll be there

  3. emus

    nicomuc: no, but I have never dealt with it ralphm:

  4. goffi

    https://blog.keyoxide.org/xmpp-claims-vcard/ ==> maybe we should clean this vcard situation once for all, get rid of vcard-temp and IQ protocol in XEP-0292 to only use pubsub.

  5. MattJ

    That's not really the problem though, although the post makes it seem like it is

  6. MattJ

    The ultimate problem is that we are moving towards profiles that are not public by default, but non-public profiles are incompatible with keyoxide's requirements

  7. MattJ

    So it makes it sound like this is due to a "transition between standards", but it's more about "dropping the legacy world-readable profiles"

  8. goffi

    we can make them public with an open access model

  9. MattJ

    I've already contacted the author/developer and we're going to chat about how to solve keyoxide's requirements

  10. goffi

    but it would be better to be able to choose which data is public and which is not

  11. MattJ

    Sure. If you make them public then everything is fine.

  12. goffi

    with pubsub encryption, it could be possible to have several vcards, the public one, and other one restricted to some users.

  13. Zash

    One obvious piece is that <DESC> has no equivalence in vcard4, so in Prosody we convert it to <note>, but that does have an equivalent <NOTE> element when converted back to vcard-temp.

  14. Andrzej

    simple solution would be to have 2 pubsub nodes with different settings for vcard4 (one public and second one for "friends")

  15. goffi

    You may not want to have your server admin to access some vcard data, pubsub encryption is a better option IMHO (also you have a single node, no need to look for the node id to use).

  16. Andrzej

    I'm not convinced to encrypted pubsub for vcard

  17. Zash

    Encryption isn't going to solve this issue tho, quite the opposite.

  18. goffi

    Zash: why?

  19. MattJ

    The goal is to publish public information

  20. Zash

    Publish a proof to keyoxide and anyone who wants to verify, thus if anything signing may be helpful, but not encryption.

  21. goffi

    My proposal is to have several items, one bein plain text, and the other ones encrypted. You may want to have your nickname in public item, and phone number encrypted only for friends.

  22. singpolyma

    goffi: I have drafted https://github.com/xsf/xeps/pull/1246 about gitting rid of the iq

  23. goffi

    Zash: for keyoxide stuff, you put in plain text item.

  24. goffi

    singpolyma: great

  25. MattJ

    goffi, so what solves it is having an "always public" part, not encryption

  26. singpolyma

    MattJ: ideally we wouldn't require this binary "world readable vs not" choice. There's no reason we can't send different vcards to different people, one for public, one with more for contacts at the very least

  27. MattJ

    singpolyma, the XEP editor (hehe) awaits your submission :)

  28. singpolyma

    MattJ: doesn't really need a xep, IMO, there's nothing against the current specs to do that

  29. MattJ

    I don't see how you can do it without a XEP

  30. singpolyma

    you mean in terms of how will the user configure what to send to who?

  31. MattJ

    or are you saying the server should hard-code rules about what is public and what is not?

  32. Zash

    singpolyma, feel free to steal and complete all of my WIPs from https://github.com/xsf/xeps/compare/master...Zash:xep-0292-updates

  33. singpolyma

    MattJ: hard-coding would be the simplest way, but obviously not useful in all cases. If I were running a service for it I would expose an ad-hoc command that allowed this config. But for example something like snikket could also do it in the Web UI instead if that's preferred

  34. Zash

    And not all clients even have a way to view or edit vcards.

  35. singpolyma

    for sure, that's fine. not every clients needs to support every thing :)

  36. singpolyma

    Though I do want to add that to mine

  37. Zash

    complicates their use case tho

  38. singpolyma

    for keyoxide? I mean, their users are pretty techy so if there's a how-to for several well-known clients it's probably doable for them

  39. emus

    XMPP End of the Year Talk 2022! Starting in about 30 mins! https://socialcoop.meet.coop/sam-pku-dud-niv

  40. Menel

    I managed keyoxide with gajim.. But many people had indeed problems. Even generally tech affine people.

  41. Zash

    It was me! I broke it!

  42. emus

    Hmm, I am not amused. One needs to activate a BBB session? we cannot join until someone "starts" it?

  43. moparisthebest

    emus, is Sam around to activate it ?

  44. emus

    nope

  45. emus

    fun

  46. singpolyma

    do we need another option? I can offer one if needed

  47. emus

    is it jitsi or BBB?

  48. emus

    I have one open already

  49. emus

    (an alternative)

  50. singpolyma

    if you have something already that's fine. I have access to another BBB

  51. emus

    can you get it ready? but please wait until I confirm to post before people run crazy.

  52. moparisthebest

    everyone post different room links in 3... 2...

  53. emus

    my god, how I hate this...

  54. MSavoritias (fae,ve)

    Last time i used BBB i swear it had a start room without me setting..

  55. moparisthebest

    eh don't worry about it, these things are to be expected

  56. emus

    anyone able to login? https://socialcoop.meet.coop/sam-pku-dud-niv

  57. moparisthebest

    I'm on: > The meeting hasn't started yet. > You will automatically join when the meeting starts.

  58. MSavoritias (fae,ve)

    Nope doesnt work

  59. MSavoritias (fae,ve)

    Me too

  60. nicomuc

    sa,e

  61. emus

    🤬️

  62. nicomuc

    same

  63. emus

    okay, plan B activating...

  64. edhelas

    Nope doesn't work

  65. edhelas

    Time to launch the Matrix conference room ?

  66. MattJ

    Me too ;)

  67. emus

    Everyone interested in the XMPP End of the Year talk, please join here: https://bbb.sfconservancy.org/b/ste-fdo-qen (technical issues as always)

  68. Zash

    So we can chat over the Prosody in the embedded Jitsi Meet in Matrix?

  69. emus

    Twitter user = Fosstodon user after two years! (only 100-200 related to recent situation)

  70. emus

    https://jabbers.one:5281/upload/WimIkcmfCUVKdNB1II_an6Cj/4271647d-c2e5-47a8-8e58-804269bac5e2.png

  71. nuron

    Fediverse rulz 😎

  72. emus

    FYI https://wiki.soprani.ca/ClientIssues

  73. moparisthebest

    thanks goffi & mathieui for the pandoc suggestion it worked out well https://www.moparisthebest.com/slides/slides.sh

  74. emus

    👌

  75. Ingolf

    Thank you for the interesting event.

  76. emus

    Con gusto!

  77. edhelas

    Yeah, was nice, thanks 👍

  78. moparisthebest

    singpolyma: re: host-meta, another argument for not SRV is I want a place to put the ECH secret

  79. moparisthebest

    I need to just write it up to get the discussion going...

  80. singpolyma

    I'm just pretty grumpy about anything that involves http

  81. moparisthebest

    I don't actually blame you, it's just DNS and DNSSEC is so depressing

  82. moparisthebest

    We could have such nice things!!!

  83. singpolyma

    Apparently conversations has DNSSEC support disabled by default because just asking for DNSSEC stuff can hang the connection on some DNS servers? I'm just reading some historical reports, not sure what actually causes the reported failure mode

  84. Zash

    Stop enabling the middlebox vendors by putting everything in HTTP! 🧐️

  85. singpolyma

    I mean, can get DNSSEC even in that case because of DoH

  86. moparisthebest

    Seriously though, does anyone think we can get an XMPP DNS record type widely adopted the same way the https one is?

  87. moparisthebest

    If someone wants to try I'll help, but I honestly can't see it succeeding

  88. Zash

    Just use the generic one that is identical to HTTPS?

  89. Zash

    Or even more evil, hijack the HTTPS RR type

  90. Zash

    Obviously the SVCB one will never work

  91. singpolyma

    Not a new record type, no. But between src and txt does anyone ever truly need a new type?

  92. moparisthebest

    iirc it didn't have everything we need, but I'll look again

  93. Zash

    SVCB? The one that lets you put arbitrary pseudo-RR types in it?

  94. singpolyma

    Not a new record type, no. But between srv and txt does anyone ever truly need a new type?

  95. Zash

    I bet you could do DNS over HTTPS-the-RR-type

  96. moparisthebest

    Those types are the ones that need defined, like https

  97. Zash

    Write "subtype X is a thing" and submit to IANA

  98. Zash

    I mean SVCB/HTTPS has A, AAAA, TLSA and some more stuff already

  99. moparisthebest

    Oh I'm sure we could get iana to approve it, but getting support in any DNS dashboards or anything other than bind seems impossible

  100. moparisthebest

    Meanwhile we can (unfortunately) use host-meta and get anything we need with secure delegation today

  101. mjk

    call the XEP dns-temp ;)

  102. Zash

    We should just rename XMPP to IM-TEMP to really cement our infinite existence

  103. mjk

    :D

  104. moparisthebest

    Nice