XMPP/Jabber protocol makers are uniting this Thu 30 and Fri 30 at the XMPP Summit in Brussels, Belgium, right before the FOSDEM

They will be iterating on the protocol, to make it better for YOU!

What improvements would love to see happening soon?

@xmpp not sure if this is in scope: OMEMO has nicely evolved, however i still struggle to keep it stable in a Multi Device/Client setup and MAM. Might be my failure though 🙃

@aslmx @xmpp You're not the only one having issues with OMEMO and multiple clients. I would like to see improvements here as well.


I would like to see in #xmpp:

* better support of #omemo XEP-0384

* an extension for cacheable media, so a feature like "stickers" could be implemented

The current state of omemo restricts the choice of clients significantly if multi-device crypto is a requirement.

While a "Sticker"-Feature may seem unimportant for people which favor pure text communication, it is desired by many other people. Sadly I didn't manage to get my ideas into a proposal.

sticker feature is just image sharing. We should ask for it not to xmpp, but to clients developers


> While a "Sticker"-Feature may seem unimportant

It does not “seem” unimportant. It *is* a completely inconsequential, vapid #marketing gimmick.

It's just a fucking #image for god's sake. Doesn't your client already have a “send image” option?

That is exactly what one of my contacts does. I just assumed that she'd downloaded an image pack from somewhere on the internet. Now I realise it apparently came bundled with some other app.


@bg @xmpp Yeah I'd also argue to not spend any time on this. It's a niche feature that is already supported by the protocol.
Client devs can just have their own hosted sticker pack and send them using a public URL. Those messages will be loaded like images in clients with HTTP Upload support enabled.

@stevenroose @xmpp
I think the special property of stickers is that they are cached and may be located using content based addressing.

This distinguishes them in a significant way from uploaded images.

A client side cache would be significant in applications with limited bandwidth.

Http uploads (XEP-0363) don't seem suited for this kind of use.

At least I could easily see how to build a feature based on this.

@xmpp Polls would be nice.
And (more) clients implementing audio and video chat.

@allo @xmpp Polls are no priority at all IMO. One can always do polls with text. (With "slings" where people copy the same message adding their name in one of the options. We that all the time.)
But definitely a +1 for A/V. I hate to have to use WA or Signal to call people abroad all the time.

They are no priority for me as well. But for such an open question they are something to add, what may not be a topic, yet. I guess A/V calls are wanted since a long time, but they are not so easy to implement.


@Muto @xmpp I second that! Thought I might generalize to just better iOS clients. Bookmarks sync is also mostly absent.

@Muto @xmpp Let's be honest: we need Conversations for iOS ;)

@xmpp better description of available services/bridges, under the end user's point of view. Among them, I wish the video call to be implemented, better SIP support

@XSF: XMPP Standards Foundation why developing new chat protocol if there is already matrix for so long.

@muppeth @xmpp What lol? Is this a troll account? #Jabber/#XMPP chat is 20 years old. #Matrix is 5 y/o.

Troll post, not a troll account. Muppeth runs and he IS my XMPP provider.
@muppeth @xmpp

@xmpp I think an extension to the #OMEMO protocol to have clients accept new keys automatically once they are signed by an already trusted key from the same contact. When a new device comes online, one of your existing clients can prompt you with "We saw your new device, is this the fingerprint: DEADBEEFDEADBEEF?" then you can verify this yourself and your contacts will automatically accept the new key without any obstacles.

@xmpp An alternative to that would be a protocol to do Signal-like transfer of keys from one device to another. With those clients, when you login to a new device, it asks you to scan a QR code from your old device, to copy the private key.
This would make addressing missing history problems for businesses also a lot better.


That would work, but doesn't that defeat the purpose of forward secrecy in the first place? All you have to do is “borrow” your target's device for a few moments and then you have access to their whole history (and future comms) with them being none the wiser. 🤷


@0 @xmpp Hmm, there's 2 aspects:
(1) in principle, it'd be opt-in to do this so a user could be warned for the implications of sharing his keys on all his devices.
(2) OTOH, only the fact that clients will have a UI for grabbing the key out of a device means indeed that you are vulnerable for an attacker that controls your client for a while.

A good client could overcome both by f.e. showing good warnings for (1) and asking an additional password for (2).


Yeah I reckon with (2) it would work. Nonetheless, I'm surprised old keys are kept at all—as I said, that seems to defeat the purpose of the whole exercise.


@stevenroose @xmpp Any and all improvements to OMEMO key exchange would be welcome! In real-world usage, there are definitely still teething pains, especially with multiple devices and new contacts.

@Mopp :debian: @XSF: XMPP Standards Foundation monal and siskin are doing quite ok. Once the omemo mess is figured, things should work well

dev in particular seems to be very dedicated so as much as I have no clue about apple stuff, recommending monal instead of chatsecure at this point makes more sense.
@Mopp :debian: @XSF: XMPP Standards Foundation Sorry thew link got screwed and seems like mastodon does not accept hubzilla's post edits so need to post it here again

A better name than XMPP? 1. No one uses Jabber™ anymore or they think it's Cisco Jabber™ 2. Very user unfriendly. Think, if you need to Translate English acronym's meaning to other languages for them to understand? I hope you come up with a new name than 

Ex MP pee

@xmpp emoji reactions to messages, and custom emojis

Syncing logs to new clients, by re-encrypting them for the key of the new client. Maybe by refreshing the logs stored in mam, but maybe better as an explicit function, that is also able to transfer larger archives.

Sign in to participate in the conversation

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.