Agregador de noticias

ProcessOne: XMPP Radar Newsletter #6

Planet Jabber - 8 January, 2016 - 11:47

Welcome to the 6th issue of our newsletter. In this issue we focus on long-form articles discussing the state of XMPP. You can subscribe to the XMPP Radar newsletter and receive it in your inbox at the end of each month. Here are the links we found interesting in December:

Messaging is Just Getting Started

There’s arguably more innovation happening in messaging today than any other mainstream category of software. Yes, typing on your phone is a lousy proposition: a tiny keyboard trapped behind a pane of glass and hidden underneath your thumbs. But we still do it.

Kik’s Plan to Get Us to Ditch Our Browsers for Chat Apps

It’s been four months since Tencent invested $50 million in Kik, giving the Canadian founder of the chat service, Ted Livingston, his unicorn horn in the form of a billion dollar valuation for the startup.

SMB in India Use WhatsApp Power to Generate Buzz

40-year-old Nanasaheb Sheersat sets up his food stall outside an IT park and makes his first plates. Then he takes pictures and sends them to his potential customers and friends, alerting them that their favourite food has arrived, via WhatsApp.

Text Me? Ping Me? Communications Overload in the Digital Age

NY Times columnist Sam Slaughter writes about the weird state of communication on the Internet and how regular people use it in a surprising way.

Implementing State of the Art One-to-Many Chat Services with ejabberd

This is the first published video for ejabberd Advanced Erlang Workshop. In this video, Mickaël Rémond talks about the history of XMPP protocol extensions for group messaging and details each approach for message broadcasting, from multicast to pubsub. He also explains how to overcome the limitations of Multi-User Chat protocol to build mobile WhatsApp-like group chat.

Gajim 0.16.5 Released

New Gajim XMPP client release brings improved MAM implementation and improved security.

XMPP Academy #3 Video and Slides

We recently had our third XMPP Academy live online event. We have answered several questions about XMPP and ejabberd. The full video recording of that session is now online and available for everyone to enjoy.

Daniel Pocock: Do you own your phone or does it own you?

Planet Jabber - 7 January, 2016 - 15:05

Have you started thinking about new year's resolutions for 2016? Back to the gym or giving up sugary drinks?

Many new year's resolutions have a health theme. Unless you have a heroin addiction, there may not be anything else in your life that is more addictive and has potentially more impact on your health and quality of life than your mobile phone. Almost every week there is some new report about the negative impact of phone use on rest or leisure time. Children are particularly at risk and evidence strongly suggests their grades at school are tanking as a consequence.

Can you imagine your life changing for the better if you switched off your mobile phone or left it at home for one day per week in 2016? If you have children, can you think of anything more powerful than the example you set yourself to help them stay in control of their phones? Children have a remarkable ability to emulate the bad habits they observe in their parents.

Are you in control?

Turning it off is a powerful act of showing who is in charge. If you feel you can't live without it, then you are putting your life in the hands of the people who expect an immediate answer of their calls, your phone company and the Silicon Valley executives who make all those apps you can't stop using.

As security expert Jacob Appelbaum puts it, cell phones are tracking devices that also happen to make phone calls. Isn't that a chilling thought to reflect on the next time you give one as Christmas gift?

For your health, your children and your bank balance

Not so long ago we were having lunch in a pizza restaurant in Luzern, a picturesque lakeside town at the base of the Swiss Alps. Luzern is a popular first stop for tourists from all around the world.

A Korean family came along and sat at the table next to us. After ordering their food, they all immediately took out their mobile devices and sat there in complete silence, the mother and father, a girl of eight and a boy of five, oblivious to the world around them and even each other, tapping and swiping for the next ten minutes until their food arrived.

We wanted to say hello to them, I joked that I should beep first, initiating communication with the sound of a text message notification.

Is this how all holidays will be in future? Is it how all families will spend time together? Can you imagine your grandchildren and their children sharing a meal like this in the year 2050 or beyond?

Which gadgets does Bond bring to Switzerland?

On Her Majesty's Secret Service is one of the more memorable Bond movies for its spectacular setting in the Swiss Alps, the location now transformed into a mountain-top revolving restaurant visited by thousands of tourists every day with a comfortable cable car service and hiking trails with breathtaking views that never become boring.

Can you imagine Bond leaving behind his gun and his skis and visiting Switzerland with a smartphone instead? Eating a pizza with one hand while using the fingertips of the other to operate an app for making drone strikes on villains, swiping through Tinder for a new girl to replace the one who died (from boredom) in his previous "adventure" and letting his gelati melt while engrossed in a downhill ski or motorcycle game in all the glory of a 5.7" 24-bit colour display?

Of course its absurd. Would you want to live like that yourself? We see more and more of it in people who are supposedly in Switzerland on the trip of a lifetime. Would you tolerate it in a movie? The mobile phone industry has paid big money to have their technology appear on the silver screen but audience feedback shows people are frustrated with movies that plaster the contents of text messages across the screen every few minutes; hopefully Bond movies will continue to plaster bullets and blood across the screen instead.

Time for freedom

How would you live for a day or a weekend or an entire holiday without your mobile phone? There are many small frustrations you may experience but the biggest one and the indirect cause of many other problems you will experience may be the inability to tell the time.

Many people today have stopped wearing a watch, relying instead upon their mobile phone to tell the time.

Without either a phone or a watch, frustration is not far away.

If you feel apprehension just at the thought of leaving your phone at home, the lack of a watch may be a subconcious factor behind your hesitation.

Trying is better than reading

Many articles and blogs give opinions about how to buy a watch, how much to spend and what you can wear it with. Don't spend a lot of time reading any of it, if you don't know where to start, simply go down to the local high street or mall and try them. Start with the most glamorous and expensive models from Swiss manufacturers, as these are what everything else is compared to and then perhaps proceed to look more widely. While Swiss brands tend to sell through the stores, vendors on Amazon and eBay now distribute a range of watches from manufacturers in Japan, China and other locations, such as Orient and Invicta, at a fraction of the price of those in the stores. You still need to try a few first to identify your preferred style and case size though. Google can also turn up many options for different budgets.



Copying or competition? Similarity of Invicta (from Amazon) and Rolex Submariner

You may not know whether you want a watch that is manually wound, automatically wound or battery operated. Buying a low-cost automatic model online could be a good way to familiarize yourself before buying anything serious. Mechanical watches have a smoother and more elegant second-hand movement and will survive the next Carrington event but may come to grief around magnets - a brief encounter with a low-cost de-gausser fixes that.

Is it smart to buy a smart watch?

If you genuinely want to have the feeling of complete freedom and control over technology, you may want to think twice about buying a smart watch. While it may be interesting to own and experiment with it some of the time, being free from your phone means being free from other electronic technology too. If you do go for a smart watch (and there are many valid reasons for trying one some of the time), maybe make it a second (or third) watch.

Smart watches are likely to be controversial for some time to come due to their impact in schools (where mobile phones are usually banned) and various privacy factors.

Help those around you achieve phone freedom in 2016

There will be further blogs on this theme during 2016, each looking at the pressures people face when with or without the mobile phone.

As a developer of communications technology myself, you may be surprised to see me encouraging people not to use it every waking minute. Working on this technology makes me more conscious of its impact on those around me and society in general.

A powerful factor to consider when talking about any communications technology is the presence of peer pressure and the behavior of those around you. Going phone-free may involve helping them to consider taking control too. Helping them out with a new watch as a gift (be careful to seek advice on the style that they are likely to prefer or ensure the purchase can be exchanged) may be an interesting way to help them engage with the idea and every time they look at the time, they may also be reminded of your concern for their freedom.

Daniel Pocock: Want to use free software to communicate with your family in Christmas 2016?

Planet Jabber - 6 January, 2016 - 12:25

Was there a friend or family member who you could only communicate with using a proprietary, privacy-eroding solution like Skype or Facebook this Christmas?

Would you like to be only using completely free and open solutions to communicate with those people next Christmas?

Developers

Even if you are not developing communications software, could the software you maintain make it easier for people to use "sip:" and "xmpp:" links to launch other applications? Would this approach make your own software more convenient at the same time? If your software already processes email addresses or telephone numbers in any way, you could do this.

If you are a web developer, could you make WebRTC part of your product? If you already have some kind of messaging or chat facility in your website, WebRTC is the next logical step.

If you are involved with the Debian or Fedora projects, please give rtc.debian.org and FedRTC.org a go and share your feedback.

If you are involved with other free software communities, please come to the Free-RTC mailing list and ask how you can run something similar.

Everybody can help

Do you know any students who could work on RTC under Google Summer of Code, Outreachy or any other student projects? We are particularly keen on students with previous experience of Git and at least one of Java, C++ or Python. If you have contacts in any universities who can refer talented students, that can also help a lot. Please encourage them to contact me directly.

In your workplace or any other organization where you participate, ask your system administrator or developers if they are planning to support SIP, XMPP and WebRTC. Refer them to the RTC Quick Start Guide. If your company web site is built with the Drupal CMS, refer them to the DruCall module, it can be installed by most webmasters without any coding.

If you are using Debian or Ubuntu in your personal computer or office and trying to get best results with the RTC and VoIP packages on those platforms, please feel free to join the new debian-rtc mailing list to discuss your experiences and get advice on which packages to use.

Everybody is welcome to ask questions and share their experiences on the Free-RTC mailing list.

Please also come and talk to us at FOSDEM 2016, where RTC is in the main track again. FOSDEM is on 30-31 January 2016 in Brussels, attendance is free and no registration is necessary.

This mission can be achieved with lots of people making small contributions along the way.

Daniel Pocock: Promoting free software and free communications on popular social media networks

Planet Jabber - 5 January, 2016 - 14:27

(You can Follow or Tweet about this blog on Twitter)

Sites like Twitter and Facebook are not fundamentally free platforms, despite the fact they don't ask their users for money. Look at how Facebook's censors confused Denmark's mermaid statue with pornography or how quickly Twitter can make somebody's account disappear, frustrating public scrutiny of their tweets and potentially denying access to vital information in their "direct message" mailbox. Then there is the fact that users don't get access to the source code, users don't have a full copy of their own data and, potentially worst of all, if most people bothered to read the fine print of the privacy policy they would find it is actually a recipe for downright creepiness.

Nonetheless, a significant number of people have accounts in these systems and are to some extent contactable there.

Many marketing campaigns that have been successful today, whether they are crowdfunding, political activism or just finding a lost cat claim to have had great success because of Twitter or Facebook. Is this true? In reality, many users of those platforms follow hundreds of different friends and if they only check-in once a day, filtering algorithms show them only a small subset of what all their friends posted. Against these odds, just posting your great idea on Facebook doesn't mean that more than five people are actually going to see it. Those campaigns that have been successful have usually had something else going in their favour, perhaps it was a friend working in the media who gave their campaign a plug on his radio show or maybe they were lucky enough to be slashdotted. Maybe it was having the funds for a professional video production with models who pass off as something spontaneous. The use of Facebook or Twitter alone did not make such campaigns successful, it was just part of a bigger strategy where everything fell into place.

Should free software projects, especially those revolving around free communications technology, use such platforms to promote themselves?

It is not a simple question. In favour, you could argue that everything we promote through public mailing lists and websites is catalogued by Google anyway, so why not make it easier to access for those who are on Facebook or Twitter? On top of that, many developers don't even want to run their own mail server or web server any more, let alone a self-hosted social-media platform like pump.io. Even running a basic SIP proxy server for the large Debian and Fedora communities involved a lot of discussion about the approach to support it.

The argument against using Facebook and Twitter is that you are shooting yourself in the foot, when you participate in those networks, you give them even more credibility and power (which you could quantify using Metcalfe's law). The Metcalfe value of their network, being quadratic rather than linear, shoots ahead of the Metcalfe value of your own solution, putting your alternative even further out of reach. On top of that, the operators of the closed platform are able to evaluate who is responding to your message and how they feel about it and use that intelligence to further undermine you. In some cases, there may be passive censorship, such as WhatsApp silently losing messages that link to rival Telegram.

How do you feel about this choice? How and when should free software projects and their developers engage with mainstream social media technology? Please come and share your ideas on the Free-RTC mailing list or perhaps share and Tweet them.

ProcessOne: XMPP Academy #3 Video and Slides

Planet Jabber - 4 January, 2016 - 14:33

We recently had our third XMPP Academy live online event. Thank you for all our customers who attended and for all the questions we received.

Here are the questions that were covered during that session:

  1. ejabberd questions:

    • How does Apple and Google Push support work on ejabberd SaaS and ejabberd Business Edition ? direct link – 1m20s
    • What is the relationship between ejabberd Push support and XEP-0357: Push Notifications ? direct link – 22m34s
  2. XMPP questions:

The full video recording of that session is now online and available for everyone to enjoy.

Please, send us your XMPP questions for the next event !

For those who just need access to the slides, they are on Slideshare:

XMPP Academy #3 from Mickaël Rémond

And of course, do not hesitate to watch previous videos:
XMPP Academy #2 video
XMPP Academy #1 video

ProcessOne: XMPP Academy #2 Video and Slides

Planet Jabber - 4 January, 2016 - 13:51

We had last wednesday our second XMPP Academy live online event. Thank you for all our customers who attended and for all the questions we received.

Here are the questions that were covered during that session:

  1. ejabberd questions:
  1. XMPP questions:

The full video recording of that session is now online and available for everyone to enjoy.

Please, send us your XMPP questions for the next event !

For those who just need access to the slides, they are on Slideshare:

XMPP Academy #2 from Mickaël Rémond

And of course, do not hesitate to watch XMPP Academy #1 video.

Peter Saint-Andre: Joining Filament

Planet Jabber - 4 January, 2016 - 00:00
It was 17 years ago (January 4, 1999) that my dear friend Jeremie Miller announced the Jabber open-source project, which in many ways laid the foundation for the messaging systems that billions of people use today (e.g., huge services like WhatsApp and Apple iMessage got their start using Jabber/XMPP, even if some of them migrated to special-purpose technologies later on). Although when I got involved with the Jabber project in November 1999 it felt like I was late to the party compared to folks like Temas Muldwowney (contributor #2), clearly I've found plenty to do in standardizing and extending XMPP over the last 16+ years.

Christian Schudt: Precis (RFC 7564/7613) - A Java Implementation

Planet Jabber - 3 January, 2016 - 19:16
Since a few months, there are a few new specifications around concerning internationalized strings in application protocols, which obsoletes the old Stringprep specification (RFC 3454).
  • RFC 7564: PRECIS Framework: Preparation, Enforcement, and Comparison of Internationalized Strings in Application Protocols
  • RFC 7613: Preparation, Enforcement, and Comparison of Internationalized Strings Representing Usernames and Passwords
  • RFC 7700: Preparation, Enforcement, and Comparison of Internationalized Strings Representing Nicknames

These are also used by XMPP, especially by the new Address Format specification, RFC 7622 (The local and resource part must conform to Precis profiles).

After working on a Java implementation for Precis for some time, I'd finally like to announce the first release of the open source software, which supports all of the three Precis specifications:

Project site with more information

Maven coordinates:

<dependency>
<groupId>rocks.xmpp</groupId>
<artifactId>precis</artifactId>
<version>0.1.0</version>
</dependency>

Anybody who likes to upgrade the obsolete Libidn's Stringprep class is invited to give it a try.

Daniel Pocock: The great life of Ian Murdock and police brutality in context

Planet Jabber - 2 January, 2016 - 20:45

Tributes:

(You can Follow or Tweet about this blog on Twitter)

Over the last week, people have been saying a lot about the wonderful life of Ian Murdock and his contributions to Debian and the world of free software. According to one news site, a San Francisco police officer, Grace Gatpandan, has been doing the opposite, starting a PR spin operation, leaking snippets of information about what may have happened during Ian's final 24 hours. Sadly, these things are now starting to be regurgitated without proper scrutiny by the mainstream press (note the erroneous reference to SFGate with link to SFBay.ca, this is British tabloid media at its best).

The report talks about somebody (no suggestion that it was even Ian) "trying to break into a residence". Let's translate that from the spin-doctor-speak back to English: it is the silly season, when many people have a couple of extra drinks and do silly things like losing their keys. "a residence", or just their own home perhaps? Maybe some AirBNB guest arriving late to the irritation of annoyed neighbours? Doesn't the choice of words make the motive sound so much more sinister? Nobody knows the full story and nobody knows if this was Ian, so snippets of information like this are inappropriate, especially when somebody is deceased.

Did they really mean to leave people with the impression that one of the greatest visionaries of the Linux world was also a cat burglar? That somebody who spent his life giving selflessly and generously for the benefit of the whole world (his legacy is far greater than Steve Jobs, as Debian comes with no strings attached) spends the Christmas weekend taking things from other people's houses in the dark of the night? The report doesn't mention any evidence of a break-in or any charges for breaking-in.

If having a few drinks and losing your keys in December is such a sorry state to be in, many of us could potentially be framed in the same terms at some point in our lives. That is one of the reasons I feel so compelled to write this: somebody else could be going through exactly the same experience at the moment you are reading this. Any of us could end up facing an assault as unpleasant as the tweets imply at some point in the future. At least I can console myself that as a privileged white male, the risk to myself is much lower than for those with mental illness, the homeless, transgender, Muslim or black people but as the tweets suggest, it could be any of us.

The story reports that officers didn't actually come across Ian breaking in to anything, they encountered him at a nearby street corner. If he had weapons or drugs or he was known to police that would have almost certainly been emphasized. Is it right to rush in and deprive somebody of their liberties without first giving them an opportunity to identify themselves and possibly confirm if they had a reason to be there?

The report goes on, "he was belligerent", "he became violent", "banging his head" all by himself. How often do you see intelligent and successful people like Ian Murdock spontaneously harming themselves in that way? Can you find anything like that in any of the 4,390 Ian Murdock videos on YouTube? How much more frequently do you see reports that somebody "banged their head", all by themselves of course, during some encounter with law enforcement? Do police never make mistakes like other human beings?

When a felon is convicted of a crime, there is always a lot of discussion about whether they apologize and show remorse. What is staggering about police communications, like this one, is that there is never any hint that they may have any responsibility, nobody saying "he was in our care, and we failed", no sign of regret or humility.

If any person was genuinely trying to spontaneously inflict a head injury on himself, as the police have suggested, why wouldn't the police leave them in the hospital or other suitable care? Do they really think that when people are displaying signs of self-harm, rounding them up and taking them to jail will be in their best interests?

Now, I'm not suggesting this started out with some sort of conspiracy. Police may have been at the end of a long shift (and it is a disgrace that many US police are not paid for their overtime) or just had a rough experience with somebody far more sinister. On the other hand, there may have been a mistake, gaps in police training or an inappropriate use of a procedure that is not always justified, like a strip search, that causes profound suffering for many victims.

A select number of US police forces have been shamed around the world for a series of incidents of extreme violence in recent times, including the death of Michael Brown in Ferguson, shooting Walter Scott in the back, death of Freddie Gray in Baltimore and the attempts of Chicago's police to run an on-shore version of Guantanamo Bay. Beyond those highly violent incidents, the world has also seen the abuse of Ahmed Mohamed, the Muslim schoolboy arrested for his interest in electronics and in 2013, the suicide of Aaron Swartz which appears to be a direct consequence of the "Justice" department's obsession with him.

What have the police learned from all this bad publicity? Are they changing their methods, or just hiring more spin doctors? If that is their response, then doesn't it leave them with a cruel advantage over those people who were deceased?

Isn't it standard practice for some police to simply round up anybody who is a bit lost and write up a charge sheet for resisting arrest or assaulting an officer as insurance against questions about their own excessive use of force?

When British police executed Jean Charles de Menezes on a crowded tube train and realized they had just done something incredibly outrageous, their PR office went to great lengths to try and protect their image, even photoshopping images of Menezes to make him look more like some other suspect in a wanted poster. To this day, they continue to refer to Menezes as a victim of the terrorists, could they be any more arrogant? While nobody believes the police woke up that morning thinking "let's kill some random guy on the tube", it is clear they made a mistake and like many people (not just police), they immediately prioritized protecting their reputation over protecting the truth.

Nobody else knows exactly what Ian was doing and exactly what the police did to him. We may never know. However, any disparaging or irrelevant comments from the police should be viewed with some caution.

The horrors of incarceration

It would be hard for any of us to understand everything that an innocent person goes through when detained by the police. The recently released movie about The Stanford Prison Experiment may be an interesting place to start, a German version produced in 2001, Das Experiment, is also very highly respected.

The United States has the largest prison population in the world and the second-highest per-capita incarceration rate. Many, including some on death row, are actually innocent, in the wrong place at the wrong time, without the funds to hire an attorney. The system, and the police and prison officers who operate it, treat these people as packages on a conveyor belt, without even the most basic human dignity. Whether their encounter lasts for just a few hours or decades, is it any surprise that something dies inside them when they discover this cruel side of American society?

Worldwide, there is an increasing trend to make incarceration as degrading as possible. People may be innocent until proven guilty, but this hasn't stopped police in the UK from locking up and strip-searching over 4,500 children in a five year period, would these children go away feeling any different than if they had an encounter with Jimmy Saville or Rolf Harris? One can only wonder what they do to adults.

What all this boils down to is that people shouldn't really be incarcerated unless it is clear the danger they pose to society is greater than the danger they may face in a prison.

What can people do for Ian and for justice?

Now that these unfortunate smears have appeared, it would be great to try and fill the Internet with stories of the great things Ian has done for the world. Write whatever you feel about Ian's work and your own experience of Debian.

While the circumstances of the final tweets from his Twitter account are confusing, the tweets appear to be consistent with many other complaints about US law enforcement. Are there positive things that people can do in their community to help reduce the harm?

Sending books to prisoners (the UK tried to ban this) can make a difference. Treat them like humans, even if the system doesn't.

Recording incidents of police activities can also make a huge difference, such as the video of the shooting of Walter Scott or the UK police making a brutal unprovoked attack on a newspaper vendor. Don't just walk past a situation and assume everything is under control. People making recordings may find themselves in danger, it is recommended to use software that automatically duplicates each recording, preferably to the cloud, so that if the police ask you to delete such evidence, you can let them watch you delete it and still have a copy.

Can anybody think of awards that Ian Murdock should be nominated for, either in free software, computing or engineering in general? Some, like the prestigious Queen Elizabeth Prize for Engineering can't be awarded posthumously but others may be within reach. Come and share your ideas on the debian-project mailing list, there are already some here.

Best of all, Ian didn't just build software, he built an organization, Debian. Debian's principles have helped to unite many people from otherwise different backgrounds and carry on those principles even when Ian is no longer among us. Find out more, install it on your computer or even look for ways to participate in the project.

Peter Saint-Andre: Monadnock Valley Press Annual Report 2015

Planet Jabber - 31 December, 2015 - 00:00
Because I spent most of my time in 2015 working at my day job and on the side researching the book I'm writing about Henry David Thoreau, I published very little in 2015 at the Monadnock Valley Press - really just A Doll's House by Henrik Ibsen and the Meditations by Marcus Aurelius. Here's hoping I can do better in 2016. We also earned only $150.63, a 50% drop from 2014. I'll need to talk to our director of sales and marketing about that... ;-)

Daniel Pocock: Real-Time Communication in FOSDEM 2016 main track

Planet Jabber - 29 December, 2015 - 19:12

FOSDEM is nearly here and Real-Time Communications is back with a bang. Whether you are keen on finding the perfect privacy solution, innovative new features or just improving the efficiency of existing telephony, you will find plenty of opportunities at FOSDEM.

Main track

Saturday, 30 January, 17:00 Dave Neary presents How to run a telco on free software. This session is of interest to anybody building or running a telco-like service or any system administrator keen to look at a practical application of cloud computing with OpenStack.

Sunday, 31 January, 10:00 is my own presentation on Free Communications with Free Software. This session looks at the state of free communications, especially open standards like SIP, XMPP and WebRTC and practical solutions like DruCall (for Drupal), Lumicall (for Android) and much more.

Sunday, 31 January, 11:00 Guillaume Roguez and Adrien Béraud from Savoir-faire Linux present Building a peer-to-peer network for Real-Time Communication. They explain how their Ring solution, based on OpenDHT, can provide a true peer-to-peer solution.

and much, much more....
  • XMPP Summit 19 is on January 28 and 29, the Thursday and Friday before FOSDEM as part of the FOSDEM Fringe.
  • The FOSDEM Beer Night on Friday, 29 January provides a unique opportunity for Real-Time Communication without software
  • The Real-Time Lounge will operate in the K building over both days of FOSDEM, come and meet the developers of your favourite RTC projects
  • The Real-Time dev-room is the successor of the previous XMPP and Telephony dev-rooms. The Real-Time dev-room is in K.3.401 and the schedule is discussed here.
Volunteers and sponsors still needed

Please come and join the FreeRTC mailing list to find out more about ways to participate, the Saturday night dinner and other opportunities.

The FOSDEM team is still fundraising. If your company derives benefit from free software and events like FOSDEM, please see the sponsorship pages.

Thijs Alkemade: Common DH groups

Planet Jabber - 28 December, 2015 - 00:00

To deal with the logjam attack, I was looking for a set of all “common” Diffie-Hellman parameters to update xmpp.net, yet I wasn’t able to find those easily. Even just searching for the hexadecimal representation of commonly encounted primes often didn’t lead to the document they were specified. Here I’m documenting those that I found and where they are from.

Java sun.security.provider

Java “helpfully” includes a number of hard-coded default parameters. I’m unsure about how old these are exactly, probably from 1996/1997, maybe earlier.

512 bit FCA682CE8E12CABA26EFCCF7110E526DB078B05EDECBCD1E B4A208F3AE1617AE01F35B91A47E6DF63413C5E12ED0899B CD132ACD50D99151BDC43EE737592E17

Generator:

678471B27A9CF44EE91A49C5147DB1A9AAF244F05A434D64 86931D2D14271B9E35030B71FD73DA179069B32E2935630E 1C2062354D0DA20A6C416E50BE794CA4 768 bit E9E642599D355F37C97FFD3567120B8E25C9CD43E927B3A9 670FBEC5D890141922D2C3B3AD2480093799869D1E846AAB 49FAB0AD26D2CE6A22219D470BCE7D777D4A21FBE9C270B5 7F607002F3CEF8393694CF45EE3688C11A8C56AB127A3DAF

Generator:

30470AD5A005FB14CE2D9DCD87E38BC7D1B1C5FACBAECBE9 5F190AA7A31D23C4DBBCBE06174544401A5B2C020965D8C2 BD2171D3668445771F74BA084D2029D83C1C158547F3A9F1 A2715BE23D51AE4D3E5A1F6A7064F316933A346D3F529252 1024 bit FD7F53811D75122952DF4A9C2EECE4E7F611B7523CEF4400 C31E3F80B6512669455D402251FB593D8D58FABFC5F5BA30 F6CB9B556CD7813B801D346FF26660B76B9950A5A49F9FE8 047B1022C24FBBA9D7FEB7C61BF83B57E7C6A8A6150F04FB 83F6D3C51EC3023554135A169132F675F3AE2B61D72AEFF2 2203199DD14801C7

Generator:

F7E1A085D69B3DDECBBCAB5C36B857B97994AFBBFA3AEA82 F9574C0B3D0782675159578EBAD4594FE67107108180B449 167123E84C281613B7CF09328CC8A6E13C167A8B547C8D28 E0A3AE1E2BB3A675916EA37F0BFA213562F1FB627A01243B CCA4F1BEA8519089A883DFE15AE59F06928B665E807B5525 64014C3BFECF492A RFC 2409

RFC 2409 “The Internet Key Exchange (IKE)”, written in 1998, includes a number of DH parameters in §6.

First Oakley Default Group (768 bits)

Prime:

FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1 29024E088A67CC74020BBEA63B139B22514A08798E3404DD EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245 E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF

Generator:

02 Second Oakley Group (1024 bits)

Prime:

FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1 29024E088A67CC74020BBEA63B139B22514A08798E3404DD EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245 E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381 FFFFFFFFFFFFFFFF

Generator:

02 RFC 3526

RFC 3526 “More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)”, written in 2003, documents a number of DH parameters.

1536-bit MODP Group FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1 29024E088A67CC74020BBEA63B139B22514A08798E3404DD EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245 E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F 83655D23DCA3AD961C62F356208552BB9ED529077096966D 670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF

Generator:

02

(This is also the group used by OTR.)

2048-bit MODP Group FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1 29024E088A67CC74020BBEA63B139B22514A08798E3404DD EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245 E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F 83655D23DCA3AD961C62F356208552BB9ED529077096966D 670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9 DE2BCBF6955817183995497CEA956AE515D2261898FA0510 15728E5A8AACAA68FFFFFFFFFFFFFFFF

Generator:

02 3072-bit MODP Group FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1 29024E088A67CC74020BBEA63B139B22514A08798E3404DD EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245 E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F 83655D23DCA3AD961C62F356208552BB9ED529077096966D 670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9 DE2BCBF6955817183995497CEA956AE515D2261898FA0510 15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64 ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7 ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B F12FFA06D98A0864D87602733EC86A64521F2B18177B200C BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31 43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF

Generator:

02 4096-bit MODP Group FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1 29024E088A67CC74020BBEA63B139B22514A08798E3404DD EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245 E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F 83655D23DCA3AD961C62F356208552BB9ED529077096966D 670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9 DE2BCBF6955817183995497CEA956AE515D2261898FA0510 15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64 ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7 ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B F12FFA06D98A0864D87602733EC86A64521F2B18177B200C BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31 43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7 88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA 2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6 287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED 1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9 93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199 FFFFFFFFFFFFFFFF

Generator:

02 6144-bit MODP Group FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1 29024E088A67CC74020BBEA63B139B22514A08798E3404DD EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245 E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F 83655D23DCA3AD961C62F356208552BB9ED529077096966D 670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9 DE2BCBF6955817183995497CEA956AE515D2261898FA0510 15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64 ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7 ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B F12FFA06D98A0864D87602733EC86A64521F2B18177B200C BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31 43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7 88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA 2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6 287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED 1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9 93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492 36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BD F8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831 179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1B DB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF 5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6 D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F3 23A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE328 06A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55C DA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE 12BF2D5B0B7474D6E694F91E6DCC4024FFFFFFFFFFFFFFFF

Generator:

02 8192-bit MODP Group FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1 29024E088A67CC74020BBEA63B139B22514A08798E3404DD EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245 E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F 83655D23DCA3AD961C62F356208552BB9ED529077096966D 670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9 DE2BCBF6955817183995497CEA956AE515D2261898FA0510 15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64 ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7 ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B F12FFA06D98A0864D87602733EC86A64521F2B18177B200C BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31 43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7 88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA 2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6 287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED 1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9 93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492 36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BD F8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831 179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1B DB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF 5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6 D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F3 23A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE328 06A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55C DA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE 12BF2D5B0B7474D6E694F91E6DBE115974A3926F12FEE5E4 38777CB6A932DF8CD8BEC4D073B931BA3BC832B68D9DD300 741FA7BF8AFC47ED2576F6936BA424663AAB639C5AE4F568 3423B4742BF1C978238F16CBE39D652DE3FDB8BEFC848AD9 22222E04A4037C0713EB57A81A23F0C73473FC646CEA306B 4BCBC8862F8385DDFA9D4B7FA2C087E879683303ED5BDD3A 062B3CF5B3A278A66D2A13F83F44F82DDF310EE074AB6A36 4597E899A0255DC164F31CC50846851DF9AB48195DED7EA1 B1D510BD7EE74D73FAF36BC31ECFA268359046F4EB879F92 4009438B481C6CD7889A002ED5EE382BC9190DA6FC026E47 9558E4475677E9AA9E3050E2765694DFC81F56E880B96E71 60C980DD98EDD3DFFFFFFFFFFFFFFFFF

Generator:

02 RFC 5114

RFC 5114 “Additional Diffie-Hellman Groups for Use with IETF Standards”, written in 2008, documents even more DH parameters.

1024-bit MODP Group with 160-bit Prime Order Subgroup B10B8F96A080E01DDE92DE5EAE5D54EC52C99FBCFB06A3C6 9A6A9DCA52D23B616073E28675A23D189838EF1E2EE652C0 13ECB4AEA906112324975C3CD49B83BFACCBDD7D90C4BD70 98488E9C219A73724EFFD6FAE5644738FAA31A4FF55BCCC0 A151AF5F0DC8B4BD45BF37DF365C1A65E68CFDA76D4DA708 DF1FB2BC2E4A4371

Generator:

A4D1CBD5C3FD34126765A442EFB99905F8104DD258AC507F D6406CFF14266D31266FEA1E5C41564B777E690F5504F213 160217B4B01B886A5E91547F9E2749F4D7FBD7D3B9A92EE1 909D0D2263F80A76A6A24C087A091F531DBF0A0169B6A28A D662A4D18E73AFA32D779D5918D08BC8858F4DCEF97C2A24 855E6EEB22B3B2E5 2048-bit MODP Group with 224-bit Prime Order Subgroup AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1 B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15 EB3D688A309C180E1DE6B85A1274A0A66D3F8152AD6AC212 9037C9EDEFDA4DF8D91E8FEF55B7394B7AD5B7D0B6C12207 C9F98D11ED34DBF6C6BA0B2C8BBC27BE6A00E0A0B9C49708 B3BF8A317091883681286130BC8985DB1602E714415D9330 278273C7DE31EFDC7310F7121FD5A07415987D9ADC0A486D CDF93ACC44328387315D75E198C641A480CD86A1B9E587E8 BE60E69CC928B2B9C52172E413042E9B23F10B0E16E79763 C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71 CF9DE5384E71B81C0AC4DFFE0C10E64F

Generator:

AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF 74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA AB739D7700C29F52C57DB17C620A8652BE5E9001A8D66AD7 C17669101999024AF4D027275AC1348BB8A762D0521BC98A E247150422EA1ED409939D54DA7460CDB5F6C6B250717CBE F180EB34118E98D119529A45D6F834566E3025E316A330EF BB77A86F0C1AB15B051AE3D428C8F8ACB70A8137150B8EEB 10E183EDD19963DDD9E263E4770589EF6AA21E7F5F2FF381 B539CCE3409D13CD566AFBB48D6C019181E1BCFE94B30269 EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179 81BC087F2A7065B384B890D3191F2BFA 2048-bit MODP Group with 256-bit Prime Order Subgroup 87A8E61DB4B6663CFFBBD19C651959998CEEF608660DD0F2 5D2CEED4435E3B00E00DF8F1D61957D4FAF7DF4561B2AA30 16C3D91134096FAA3BF4296D830E9A7C209E0C6497517ABD 5A8A9D306BCF67ED91F9E6725B4758C022E0B1EF4275BF7B 6C5BFC11D45F9088B941F54EB1E59BB8BC39A0BF12307F5C 4FDB70C581B23F76B63ACAE1CAA6B7902D52526735488A0E F13C6D9A51BFA4AB3AD8347796524D8EF6A167B5A41825D9 67E144E5140564251CCACB83E6B486F6B3CA3F7971506026 C0B857F689962856DED4010ABD0BE621C3A3960A54E710C3 75F26375D7014103A4B54330C198AF126116D2276E11715F 693877FAD7EF09CADB094AE91E1A1597

Generator:

3FB32C9B73134D0B2E77506660EDBD484CA7B18F21EF2054 07F4793A1A0BA12510DBC15077BE463FFF4FED4AAC0BB555 BE3A6C1B0C6B47B1BC3773BF7E8C6F62901228F8C28CBB18 A55AE31341000A650196F931C77A57F2DDF463E5E9EC144B 777DE62AAAB8A8628AC376D282D6ED3864E67982428EBC83 1D14348F6F2F9193B5045AF2767164E1DFC967C1FB3F2E55 A4BD1BFFE83B9C80D052B985D182EA0ADB2A3B7313D3FE14 C8484B1E052588B9B7D2BBD2DF016199ECD06E1557CD0915 B3353BBB64E0EC377FD028370DF92B52C7891428CDC67EB6 184B523D1DB246C32F63078490F00EF8D647D148D4795451 5E2327CFEF98C582664B4C0F6CC41659 draft-ietf-tls-negotiated-ff-dhe-10

There’s a draft draft-ietf-tls-negotiated-ff-dhe-10 “Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for TLS” that adds some more DH groups specifically for TLS. The current version is from June 2015.

ffdhe2048 FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1 D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9 7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561 2433F51F5F066ED0856365553DED1AF3B557135E7F57C935 984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735 30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19 0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61 9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73 3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA 886B423861285C97FFFFFFFFFFFFFFFF

Generator:

02 ffdhe3072 FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1 D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9 7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561 2433F51F5F066ED0856365553DED1AF3B557135E7F57C935 984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735 30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19 0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61 9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73 3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA 886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238 61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3 64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF 3C1B20EE3FD59D7C25E41D2B66C62E37FFFFFFFFFFFFFFFF

Generator:

02 ffdhe4096 FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1 D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9 7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561 2433F51F5F066ED0856365553DED1AF3B557135E7F57C935 984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735 30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19 0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61 9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73 3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA 886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238 61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3 64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF 3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB 7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004 87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832 A907600A918130C46DC778F971AD0038092999A333CB8B7A 1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF 8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E655F6A FFFFFFFFFFFFFFFF

Generator:

02 ffdhe6144 FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1 D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9 7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561 2433F51F5F066ED0856365553DED1AF3B557135E7F57C935 984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735 30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19 0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61 9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73 3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA 886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238 61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3 64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF 3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB 7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004 87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832 A907600A918130C46DC778F971AD0038092999A333CB8B7A 1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF 8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E0DD902 0BFD64B645036C7A4E677D2C38532A3A23BA4442CAF53EA6 3BB454329B7624C8917BDD64B1C0FD4CB38E8C334C701C3A CDAD0657FCCFEC719B1F5C3E4E46041F388147FB4CFDB477 A52471F7A9A96910B855322EDB6340D8A00EF092350511E3 0ABEC1FFF9E3A26E7FB29F8C183023C3587E38DA0077D9B4 763E4E4B94B2BBC194C6651E77CAF992EEAAC0232A281BF6 B3A739C1226116820AE8DB5847A67CBEF9C9091B462D538C D72B03746AE77F5E62292C311562A846505DC82DB854338A E49F5235C95B91178CCF2DD5CACEF403EC9D1810C6272B04 5B3B71F9DC6B80D63FDD4A8E9ADB1E6962A69526D43161C1 A41D570D7938DAD4A40E329CD0E40E65FFFFFFFFFFFFFFFF

Generator:

02 ffdhe8192 FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1 D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9 7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561 2433F51F5F066ED0856365553DED1AF3B557135E7F57C935 984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735 30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19 0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61 9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73 3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA 886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238 61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3 64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF 3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB 7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004 87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832 A907600A918130C46DC778F971AD0038092999A333CB8B7A 1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF 8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E0DD902 0BFD64B645036C7A4E677D2C38532A3A23BA4442CAF53EA6 3BB454329B7624C8917BDD64B1C0FD4CB38E8C334C701C3A CDAD0657FCCFEC719B1F5C3E4E46041F388147FB4CFDB477 A52471F7A9A96910B855322EDB6340D8A00EF092350511E3 0ABEC1FFF9E3A26E7FB29F8C183023C3587E38DA0077D9B4 763E4E4B94B2BBC194C6651E77CAF992EEAAC0232A281BF6 B3A739C1226116820AE8DB5847A67CBEF9C9091B462D538C D72B03746AE77F5E62292C311562A846505DC82DB854338A E49F5235C95B91178CCF2DD5CACEF403EC9D1810C6272B04 5B3B71F9DC6B80D63FDD4A8E9ADB1E6962A69526D43161C1 A41D570D7938DAD4A40E329CCFF46AAA36AD004CF600C838 1E425A31D951AE64FDB23FCEC9509D43687FEB69EDD1CC5E 0B8CC3BDF64B10EF86B63142A3AB8829555B2F747C932665 CB2C0F1CC01BD70229388839D2AF05E454504AC78B758282 2846C0BA35C35F5C59160CC046FD8251541FC68C9C86B022 BB7099876A460E7451A8A93109703FEE1C217E6C3826E52C 51AA691E0E423CFC99E9E31650C1217B624816CDAD9A95F9 D5B8019488D9C0A0A1FE3075A577E23183F81D4A3F2FA457 1EFC8CE0BA8A4FE8B6855DFE72B0A66EDED2FBABFBE58A30 FAFABE1C5D71A87E2F741EF8C1FE86FEA6BBFDE530677F0D 97D11D49F7A8443D0822E506A9F4614E011E2A94838FF88C D68C8BB7C5C6424CFFFFFFFFFFFFFFFF

Generator:

02

Remko Tronçon: BookWidgets Keynote @ iBAConf 2015

Planet Jabber - 27 December, 2015 - 23:00

Last October, I gave a keynote talk on creating interactive iBooks with BookWidgets at the iBooks Author Conference 2015 in Nashville. Here’s the full recording:

The XMPP Standards Foundation: XMPP at the end of the Google Summer of Code 2015

Planet Jabber - 18 December, 2015 - 18:41

This year we had six students working on disparate projects for GSoC, and we’re delighted that all of them were successful! Here we link to a wrapup blog post from each of the students, and a description of their work from their mentors.

We had Adhish Singh working on Internet of Things implementations – http://www.xmpp-iot.org/gsoc/week-12/. His mentor, Joachim, said:

Adhish Singla: Prototyping tools for IoT, http://www.xmpp-iot.org/gsoc/

Adhish started from no XMPP experience and have created 2 graphical interfaces to IoT devices supporting xep 323 and xep 325 (experimental). One as a standalone Cordova mobile application and one as part of the converse.js webpage xmpp client. He also implemented a python history client that is instatiated as another resource on a Device IoT JID and polls the device for momentary values and stores history in db or local storage. So when clients ask for historical data it will in parallell with the originating device return the longtime history as part of the XEP323 history part. The javascript parts was done with crafted IQ messaging but will be enhanced with real plugin usage that is now part of the strophe package. python code will be submitted into SleekXMPP distribution. Converse code is running on the http://www.xmpp-iot.org/ site.

We had Andreas Straub working on end to end encryption in the Conversations client – http://conversationsgsoc2015.blogspot.co.uk/2015/09/omemo.html. His mentor Daniel says:

Andreas Straub: Implementing Axolotl over XMPP
In just three month time Andreas managed to basically invent and implement a completely new protocol for multi-end to multi-end encryption. Compared to the commonly used OTR encryption which has reliability problems in mobile- and multi client setups the new protocol works very well with multiple clients and offline messages while maintaining crypto features such as deniability and forward secrecy. Even after the Google Summer of Code was over Andreas stuck around and created an XEP based on the experienced gather during the implementation. It is currently in the inbox of the XSF and called ‘OMEMO Encryption’. A new name was chosen to highlight the fact that – besides using axolotl internally – it is a completely new protocol and incompatible with other implementations that utilize axolotl.

We had Daniel Baczynski working on multi-account support in the Swift client – http://danielbgsoc.blogspot.co.uk/2015/08/polishing-and-fixing-existing-code.html. His mentor, Kev, says:

Daniel had a tricky job this summer – to add support for using multiple accounts at once to the Swift client. Rather than being protocol-difficult, as some of the other projects, this one was tricky because of the pervasive nature of and difficult user experience changes needed in the project. Over the course of the summer he made significant progress towards multaccount support, and we hope to have the feature completed for a future release.

We had Ishan Khanna working on serverless messaging in the Smack library. His mentor Florian says:

Ishan Khanna, Add support for XMPP Serverless Messaging (XEP-174) to Smack

From the very start Ishan was very motivated to add support for
serverless messaging based on DNS-SD and mDNS as described in XEP-147 to
Smack. While the problem description is trivial, the solution involves
many protocols (XMPP, DNS-SD, mDNS, …), concepts and technology stacks
(Smack, jmdns, …) that need to be understood in order to be able to
implement XMPP serverless messaging. Ishan implemented a working
solution and and demonstrated how other XMPP clients are able to
discover and exchange messages with the smack serverless implementation.

We had Marvin Wißfeld working on DNSSEC support in the Smack library – http://mar-v-in.github.io/gsoc15/weekly-report/2015/08/21/thanks.html. His mentor Dave says:

Marvin W: Adding DNSSEC Support to Smack via miniDNS

A solid implementation of DNSSEC that can span everything from server to mobile would be an accomplishment from any developer – to get this done from scratch in a single summer as a student in GSoC really is amazingly impressive. XMPP relies on DNS for federated service discovery, both from client to server and between servers, and including DNSSEC in this capability gives a huge uplift in security across the board, providing cryptographically assured DNS lookups. Marvin implemented this in miniDNS, and added the needed support to Smack, so this can now be available on Android and desktop clients, and miniDNS can be used by servers as well.

We had Tarun Gupta working on extending the Stroke library with all the features from its Swiften sister-project – http://tarun018.blogspot.co.uk/2015/08/wrap-up.html. His mentor Kev said:

Tarun took on a huge project this summer and achieved much more than I would have expected. His project to update Stroke with all the features available in the Swiften library was a great success, and has made Stroke much more useful for developers. Over the course of the summer Tarun touched nearly 600 files, and ported over 35,000 lines of code. A massive achievement.

Thanks to all the students for their efforts over the summer, and good luck in their future endeavours (although we hope they’ll stick around!).

Thijs Alkemade: Out with octopress, in with Hakyll

Planet Jabber - 18 December, 2015 - 00:00

As you can see, the layout of this blog has changed. I was updating this blog so little, every time I did Ruby had broken everything (or so it felt like). I don’t like the idea of having to learn Ruby or gem to blog, so I’ve decided to switch to something else.

It’s now powered by Hakyll, which seems to be a lot faster at rebuilding everything too. I’ve made sure the paths to most pages are unchanged. For the theme threw bootstrap at it until I liked enough (that’s all the webdesign skills I have).

For those of you using the RSS feed: I know the ids of the posts have changed, so sorry if that has caused a mess for you. I don’t see a clean way to change that.

The hardest part was the “Recent posts” column on the right here. On most pages it is easy to add, but on individual article pages it creates a cyclic dependency in Hakyll that I had to work around.

TLS is now also enabled on the bare domain (thijsalkema.de) again, now using letsencrypt.

Peter Saint-Andre: Annus Mirabilis

Planet Jabber - 16 December, 2015 - 00:00
Somehow I managed to publish 15 RFCs at the IETF this year, clustered around security, internationalization, and messaging:

ProcessOne: Implementing State of the Art One-to-Many Chat Services with ejabberd – ejabberd Workshop #1

Planet Jabber - 15 December, 2015 - 14:07

This is the first published video for ejabberd Advanced Erlang Workshop.

In this video, I talk about the history of XMPP protocol extensions for group messaging and detail each approach for message broadcasting, from multicast to pubsub.

I also explain how to overcome the limitations of Multi-User Chat protocol to build mobile Whatsapp-like group chat services with ejabberd.

You can watch the full talk online:

You can also download the slides: ejabberd state of the art to implement one-to-many chat services

If you like our videos, you may consider joining one of our next Advanced Erlang Workshop:

Peter Saint-Andre: RFC 7702: SIP-XMPP Groupchat

Planet Jabber - 15 December, 2015 - 00:00
As previously noted, I've been working to define interoperability between SIP and XMPP systems for many years, most recently in the STOX working group at the IETF. So we've published four different specifications covering various aspects of interworking, and today we've added a fifth: RFC 7702 on groupchat functionality. Big thanks to my co-authors: SaĂşl Ibarra Corretge and Salvatore Loreto! We're not quite done, though, because we still need to finish the document on signaling for managing multimedia sessions like audio and video calls. I'll be turning to that one next (well, that and fixes to the presence RFC).

Peter Saint-Andre: RFC 7700: Internationalized Nicknames

Planet Jabber - 15 December, 2015 - 00:00
The internationalization odyssey that started with RFC 7564 (the PRECIS framework) and continued with RFC 7613 (PRECIS handling of usernames and passwords) with a side tour into RFC 7622 (updated internationalization for XMPP addresses) continued today with the publication of RFC 7700 (PRECIS handling of nicknames and display names for people, devices, accounts, websites, and other entities.

Ignite Realtime Blog: Openfire 4.0.0 Beta

Planet Jabber - 14 December, 2015 - 17:47

Wouldn't it be great if your favourite XMPP Server was almost about to make a major release? Well, stop imagining, and start downloading, because Openfire 4.0.0 has reached Beta status!

 

This means that while we're quite sure there's bugs to be found, we believe the server is stable enough to use for formal testing and careful use in non-critical production environments (which means, basically, we're using it on igniterealtime.org itself and our own servers).

 

So if you're keen to help make this the best Openfire release we've ever made, then download, install, and keep us posted in the chatroom at open_chat@conference.igniterealtime.org

 

Download from here: Ignite Realtime: Beta Downloads

 

A Change Log is here: Openfire Changelog

 

And SHA1 checksums are below:

 

Format
Checksum
Filename
Mac OS X6b498b67a47f81969352ad8c6a94a12cf50aa946openfire_4_0_0_beta.dmgSource (UNIX)af846e168fb446c3001711c5a8337f5e7494cc47openfire_src_4_0_0_beta.tar.gzZIPd302d9c98c838edec26a60de6ed35e09f11f03a6openfire_4_0_0_beta.zipTarball4957d88b5cbaf087207bd8b459690f7f23021a45openfire_4_0_0_beta.tar.gzWindows5940fb8f1ea0c75512e592dbecb058896c84c30dopenfire_4_0_0_beta.exeSource (ZIP)8d5c3553534762792d5413e23f9913c9dac98b0dopenfire_src_4_0_0_beta.zipDebian / Ubuntu3f37ec574c3fdca231b94b0c67f7d5c3d37fe2eaopenfire_4.0.0.beta_all.debSource (Redhat / CentOS)e73d303bc58e19a2d714c5bd8b3f7d2952305cbeopenfire-4.0.0.beta-1.src.rpmRedhat / CentOS16f76f7eb2eea1b49d85d0f50a673a3c418cc42dopenfire-4.0.0.beta-1.i386.rpm

 

Enjoy!

Distribuir contenido