Post AXksVcK7cDtQ65UtMm by TMakarios@theres.life
(DIR) Post #AWz03gqXXauqP31QR6 by TMakarios@theres.life
2023-06-22T05:04:48Z
2 likes, 4 repeats
I like XMPP, and I also like #peerToPeer things. So why not both at once?

Yggdrasil gives you a stable IP address, and it turns out that the domain part of an XMPP address can be just a [bracketed] IPv6 address, meaning you can have a stable XMPP address, without buying DNS entries, regardless of whether or how often you change how you're connected to the internet.

As an experiment, I tried setting up #Prosody to run on such an address, on my desktop and on my phone. And it worked!

All I needed to change in the default configuration file was the VirtualHost line and the s2s_secure_auth line (setting it to false, so that they would accept each other's self-signed certificates, which is ok, because yggdrasil takes care of the end-to-end authentication and encryption). I also had to persuade each operating system that its own self-signed certificate was legit, so that #Dino on the same machine would be willing to accept it, to sign me in.

And with that, I could send myself peer-to-peer XMPP messages, and it carried on working seamlessly even when I switched my phone's WiFi off, leaving it to connect via its mobile data connection, which is a #CGNAT IPv4 address.

Having seen #libp2p try and not yet succeed in CGNAT holepunching, I'm really impressed by how easy it was to get yggdrasil to make the CGNAT barrier effectively disappear.

Cc: @neilalexander, @prosodyim @dino
(DIR) Post #AWz03kQ6Fq8vUCgMmO by TMakarios@theres.life
2023-06-22T05:09:57Z
0 likes, 0 repeats
Apparently those hashtags in the content warning didn't work. See above if you're interested in #P2P #XMPP over #yggdrasil.

I might write more about this next week.
(DIR) Post #AWz03nsZORhODN1e4W by TMakarios@theres.life
2023-06-23T06:31:58Z
0 likes, 1 repeats
On the other hand, I might write more about it today. (The weekend wasn't as close as I thought when I wrote that.)

The best #peerToPeer systems allow ordinary people to use them without having to rely on a system administrator, or be one themself. What I described above clearly isn't that kind of #P2P system.

But it is a proof-of-concept demonstration, and I'm sure it would be possible to bundle an #XMPP server with its own internal #yggdrasil component, like @neilalexander's #yggmail does for email.

There's something to be said for the way yggmail lets you use your favourite email client, and that could be one way to go for peer-to-peer XMPP, but another alternative would be to bundle the relevant parts of an XMPP client in there, too (so it doesn't need to worry about client-to-server communication), resulting in an all-in-one #XMP2P app that anyone could use.

Next time, I might talk about interoperability with the existing federated XMPP network.
(DIR) Post #AWz2aUKnHUAF3uwLho by Revertron@zhub.link
2023-06-23T12:56:20Z
0 likes, 0 repeats
@TMakarios @neilalexander It's over a year since I've set up my XMPP-server (Openfire) on xmpp.yggdrasil.link (working over clearnet and Yggdrasil, and prefers Yggdrasil for clients [c2s], and clearnet for servers [s2s]) and xmpp.ygg (A domain name from #ALFIS, working solely on #Yggdrasil).
(DIR) Post #AWzgMOIWvMXUS7iK4e by arcanicanis@were.social
2023-06-23T20:22:02.307292Z
0 likes, 1 repeats
There is also serverless XMPP, where you have disparate clients directly connect: https://xmpp.org/extensions/xep-0174.html

Although I’m unclear of how dependent it is on DNS-SD.

I figure there could be a simple QR code/scanner in mobile clients, for adding a client via a QR code in XMPP URI format (xmpp:user@[300:1234:5678:9abc:def1:2345:6789:abcd]?roster) versus typing in a whole Yggdrasil address.

https://xmpp.org/extensions/xep-0147.html#actions-roster-add
(DIR) Post #AX2TYlEKlwPj7ZCPKK by TMakarios@theres.life
2023-06-25T04:42:39Z
0 likes, 0 repeats
@Revertron @neilalexander Nice! So am I right in thinking a client without Yggdrasil will have a delay when connecting, because it first tries and fails to connect to the Yggdrasil address? And similarly, a server with *only* an Yggdrasil connection will have a delay because it first tries to connect to the non-Yggdrasil address? If so, how long are the delays?

(Also, are you sure you've got the preferences that way around? When I query the SRV records of _xmpp-server._tcp.yggdrasil.link, for example, I see a 10 in the priority field for xmpp-ygg.yggdrasil.link, and a 20 for xmpp.yggdrasil.link, and I thought the lower priority numbers were meant to be tried first, but maybe I'm wrong about that.)
(DIR) Post #AXksVbHbU6HgrzJMno by TMakarios@theres.life
2023-06-27T05:23:26Z
0 likes, 0 repeats
An #XMP2P network could be hard to get off the ground without any significant network effect at the start. But what if XMP2P users could easily join multi-user chats in the existing #XMPP network, and talk to users of existing XMPP servers?

How much work would it take to get a federated XMPP server to accept server-to-server connections from XMP2P apps?

Not much, it turns out:

1. In order to talk to an #Yggdrasil address, a federated XMPP server would need to be running Yggdrasil, in order to have its own Yggdrasil address. (It could use a 300::/8 address delegated from a router running Yggdrasil, instead of running Yggdrasil itself, but this would lose the end-to-endness of Yggdrasil's encryption.)

2. In order to accept identity assertions from XMP2P apps, a federated XMPP server would need to accept self-signed certificates, at least from Yggdrasil addresses (or accept non-TLS connections from them, since Yggdrasil has built-in end-to-end encryption).

And that's all!

In particular, the federated XMPP server does *not* need to put its Yggdrasil address in any of its DNS entries. As long as an XMP2P app can access the internet outside Yggdrasil, it can make outbound connections to the XMPP server's normal address that it advertises to the rest of the world. And the XMP2P app can, at the same time, accept inbound connections on its stable Yggdrasil address, regardless of whether it's behind CGNAT or whatever. The dialback protocol (often used to verify an XMPP server's identity when TLS identity verification isn't being used) already assumes that outbound and inbound connections might use different IP addresses, or even be on different machines.

I tested the above and confirmed it works in @prosodyim 0.12.3; I also tried it with the federated server end being on #Prosody 0.11.9, and it failed, though I'm not certain why.
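
An added example, not part of the thread and not Prosody's code: it parses the bracketed-IPv6 domain of a JID or xmpp: URI (the format shown earlier in the thread) and sketches how a federated server could limit self-signed acceptance to Yggdrasil literals, as discussed in the post above. The function names and the policy are hypothetical; it assumes Yggdrasil node addresses fall in 200::/8 and delegated prefixes in 300::/8.

```python
import ipaddress

# Yggdrasil's 200::/7 range: node addresses vs. prefixes routed for other hosts.
YGG_NODE = ipaddress.ip_network("200::/8")
YGG_SUBNET = ipaddress.ip_network("300::/8")


def ygg_domain(jid_or_uri):
    """Return the IPv6 literal in the domain part of a JID or xmpp: URI, else None."""
    s = jid_or_uri
    if s.startswith("xmpp:"):
        s = s[5:].split("?", 1)[0]        # drop the scheme and ?roster / ?join
    domain = s.split("/", 1)[0].rsplit("@", 1)[-1]   # drop resource and localpart
    if not (domain.startswith("[") and domain.endswith("]")):
        return None                       # a DNS name, not an address literal
    try:
        return ipaddress.IPv6Address(domain[1:-1])
    except ValueError:
        return None


def ygg_kind(addr):
    """'node', 'subnet', or None for anything outside Yggdrasil's range."""
    if addr is None:
        return None
    if addr in YGG_NODE:
        return "node"
    if addr in YGG_SUBNET:
        return "subnet"   # encryption ends at the router that delegates the prefix
    return None


def s2s_auth_plan(claimed_domain, peer_ip):
    """Hypothetical policy for an inbound s2s stream that asserts claimed_domain."""
    addr = ygg_domain(claimed_domain)
    if ygg_kind(addr) is None:
        return ("require-ca-cert", None)  # ordinary federation rules apply
    if ipaddress.ip_address(peer_ip) == addr:
        # Arrived over Yggdrasil from the asserted address (assumes 200::/7 is
        # only routed via the Yggdrasil interface): self-signed cert is enough.
        return ("accept-self-signed", ygg_kind(addr))
    # Came from elsewhere, e.g. a CGNAT IPv4 address: verify by dialback, dialing
    # the literal itself so that no DNS lookup is involved.
    return ("dialback", str(addr))
```

Note that a literal such as [2001:db8::1] looks similar to an Yggdrasil address in text but lies outside 200::/7, so it falls through to the ordinary certificate requirement.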
(DIR) Post #AXksVcK7cDtQ65UtMm by TMakarios@theres.life
2023-07-16T02:23:49Z
0 likes, 0 repeats
@prosodyim As a demonstration, there is now an #XMPP channel that you can join from a traditional federated XMPP account, or from an #Yggdradsil #XMP2P setup, as described above: xmpp:yggdrasil@groups.freespoken.nz?join

If you're joining from an XMP2P setup, you'll still need to be able to make outbound connections to public IPv4 addresses; one day I may give the server a globally reachable non-Yggdrasil IPv6 address, but it will not be this day.

(The delay in making this announcement wasn't because setting up the server was particularly difficult; it was about as easy as anticipated above, but I've had other things to do.)
(DIR) Post #AXksVcyXByDe7QPAMC by stevenroose@x0f.org
2023-07-16T14:49:32Z
0 likes, 0 repeats
@TMakarios @prosodyim I want XMP2P!