On 2015-04-18 11:59, Thijs Alkemade wrote:
What do you mean with “SASL state”? All of the data the server has after a
SCRAM-SHA-1 exchange is either a) stored on the server, b) session specific.
You can’t derive a key from that which the server could not derive on its own.
During SCRAM, the
On 18 Apr 2015 11:34, Thijs Alkemade th...@xnyhps.nl wrote:
On 18 apr. 2015, at 11:59, Thijs Alkemade th...@xnyhps.nl wrote:
On 18 apr. 2015, at 11:42, Georg Lukas ge...@op-co.de wrote:
1. When a user logs in for the first time, an asymmetric keypair is
created (I was thinking of
Further,
I don't see why you couldn't have a bot that signs in to your account,
enables Carbons and then stores all messages in a local archive, which
could then be exposed via MAM to your other clients.
--
Kim Zash Alvefur
signature.asc
Description: OpenPGP digital signature
On 18 apr. 2015, at 11:59, Thijs Alkemade th...@xnyhps.nl wrote:
On 18 apr. 2015, at 11:42, Georg Lukas ge...@op-co.de wrote:
1. When a user logs in for the first time, an asymmetric keypair is
created (I was thinking of Curve25519, where key creation is almost
free). The private key
* Kim Alvefur z...@zash.se [2015-04-18 12:49]:
I don't see why you couldn't have a bot that signs in to your account,
enables Carbons and then stores all messages in a local archive, which
could then be exposed via MAM to your other clients.
How would that bot (or the off-server archive
On 18/04/2015 11:03, Dave Cridland wrote:
Between XEP-0355 and carbons, I think you're covered already, at first
thought.
Indeed the XEP-0355 has a mechanism to delegate MAM (or something else)
to any entity under the control of the user. The issue here is that the
data still go through the
Sounds like a really nice hack. A recombination of presence, disco and MAM
to gain a totally different user experience.
+1 for the idea :)
Not sure where to put this though. How about
XEP-1337 Hacks
:D
2015-04-18 5:24 GMT+02:00 Kurt Zeilenga kurt.zeile...@isode.com:
On Apr 17, 2015, at
Oh, my list is missing the carbons of course.
2015-04-18 10:58 GMT+02:00 Stefan Strigler stefan.strig...@gmail.com:
Sounds like a really nice hack. A recombination of presence, disco and MAM
to gain a totally different user experience.
+1 for the idea :)
Not sure where to put this though.
On 18 Apr 2015 03:58, Peter Saint-Andre - yet pe...@andyet.net wrote:
Ideally, to me, my message archive would be stored on a trusted device
that is under my control (say, a limited-access storage medium that I keep
in my house). This device could authenticate to my account and advertise
its
* Peter Saint-Andre - yet pe...@andyet.net [2015-04-18 04:59]:
[MAM privacy concerns]
I wholeheartedly agree with you here, but I would like to see another
solution to this - use of asymmetric crypto storage on the server, a la
Lavabit:
1. When a user logs in for the first time, an asymmetric
On 18 apr. 2015, at 11:42, Georg Lukas ge...@op-co.de wrote:
1. When a user logs in for the first time, an asymmetric keypair is
created (I was thinking of Curve25519, where key creation is almost
free). The private key is encrypted with a key derived from the user
password / SASL state
11 matches
Mail list logo
