Gajim - 2017-06-14

  1. Guillaume Hi everyone. I'm using Gajim with a Prosody server and a TLS certificate signed by Let's Encrypt. The cert is renewed every 2 months and Gajim always prints a warning when I reconnect for the first time after a renew because the certificate's fingerprint changed. Is it normal to have this kind of warning even if the certificate is perfectly good?
  2. Asterix Guillaume: You probably have a too old Gajim version.
  3. pep. Asterix, isn't that normal behavior? I'd hope so
  4. pep. Unless you can validate that it's the same key, right
  5. Asterix no it's not. Even is fingerprint changes, if the cert is valid, there is no reason we get a warning
  6. bot Yann Leboulanger pushed 2 commits to branch _refs/heads/master_ of _gajim_ <>: *2c24c5a1* <> fix frong commit from 2fbadc91 *4f7b7288* <> Merge branch 'master' of
  7. pep. Asterix, yes there is a reason, the cert changed and so possible mitm
  8. Asterix not if it is valid. nowadays, with letsencrypt, cert change often. Your users don't know and care when it changes. You should not annoy thm with something they don't understand
  9. pep. yes mitm is possible with a valid cert. Less probable, that's it
  10. pep. Because of traceability among others
  11. lovetox pep, thats nothing gajim has to fix. It has no value to present the user with information that most of them dont understand, quite contrary it teaches the user to ignore warning message
  12. lovetox also why only a xmpp server has to inform the user about a changed cert? what about all the websites i serv everyday, i never received a message of changed fingerprints :)
  13. lovetox *xmpp client
  14. pep. if only DANE was a thing :(
  15. bot Yann Leboulanger pushed 1 commit to branch _refs/heads/master_ of _gajim_ <>: *388acfca* <> fix logging single messages. Fixes #8640
  16. bot Yann Leboulanger pushed 1 commit to branch _refs/heads/master_ of _gajim_ <>: *0d3ce37b* <> fix a test. Fixes #8660
  17. Asterix lovetox, What do you think about
  18. Asterix If we set new constamts, indeed current Gajim won't annoucne :5 while it does :3
  19. Asterix or ... I'm wondering, the Gajim part of JingleFT isn't change to go to :5, right?
  20. Asterix so juste updating nbxmpp to :5 constants and new hash algo will be compatible with current Gajim code, no?
  21. lovetox Asterix, if we up the constant, everyone who installs that new nbxmpp version will anounce JingleFT as :5
  22. lovetox but we didnt actually incoporate the changes that 4 and 5 made
  23. Asterix yes, but if Gajim don't need any change to support it, no problem. But it needs modifications
  24. Asterix so ok Link Mauve will update his MR to add new constants
  25. lovetox Link Mauve writes a jingle implementation that runs on his server, it still lacks socks5, but once he has that running, he maybe can update his MR to incorporate the changes we need to make 5 running
  26. Asterix yep, it's already un MR 89
  27. Asterix without S5B ...
  28. bot Yann Leboulanger pushed 4 commits to branch _refs/heads/master_ of _python-nbxmpp_ <>: *f3e5659c* <> Fix the namespace of the XEP-0300 hashes It was taken from a wrong example instead of from the registry. *997b3516* <> Update JingleFT and Hashes to their latest experimental version *cbc2bae8* <> Update hash calculation to the latest recommendation *ce015edb* <> Merge branch 'jingleft' into 'master' Update JingleFT and Hashes to their latest experimental version See merge request !7
  29. bot Yann Leboulanger pushed 1 commit to branch _refs/heads/master_ of _gajim_ <>: *44430988* <> update dep list