Logs for jdev
[00:14:31] * Lance_ left the chat.
[00:27:30] * psa joined the chat.
[00:29:36] * luca tagliaferri left the chat.
[00:46:34] * jcea left the chat.
[01:15:02] * darkrain_ left the chat.
[01:28:26] * faceprint joined the chat.
[03:25:27] * psa left the chat.
[03:32:17] * Lance joined the chat.
[04:35:42] * bLaDe joined the chat.
[04:43:05] * MattJ_ left the chat.
[06:28:12] * bLaDe left the chat.
[06:29:15] * bLaDe joined the chat.
[06:36:29] * Asterix joined the chat.
[06:59:25] * Asterix left the chat.
[07:11:33] * Alex joined the chat.
[07:16:15] * Alex left the chat.
[07:17:11] * Alex joined the chat.
[08:39:39] * Lance left the chat.
[08:47:34] * bLaDe left the chat.
[08:53:18] * luca tagliaferri joined the chat.
[08:54:51] * bLaDe joined the chat.
[10:08:31] * guus joined the chat.
[10:21:06] * Treebilou left the chat.
[10:25:31] * whatever left the chat.
[10:25:32] * whatever joined the chat.
[10:36:27] * bLaDe left the chat.
[10:44:31] * whatever left the chat.
[10:44:32] * whatever joined the chat.
[10:59:30] * scippio left the chat.
[11:30:11] * xnyhps left the chat.
[11:31:48] * xnyhps joined the chat.
[11:57:35] * Treebilou joined the chat.
[12:20:33] * paulovap joined the chat.
[12:24:24] <paulovap> Hello, is this the proper room to ask questions about xmpp implementation
[12:24:24] * Tobias_ left the chat.
[12:24:24] * Tobias left the chat.
[12:50:01] * jcea joined the chat.
[13:10:42] * deryni joined the chat.
[13:12:14] <deryni> About implementations in general, yes. About a specific implementation less so.
[13:17:47] <paulovap> I was trying to restrict in-band registration for a server that i'm creating for mobile applications only. But i don't know
the best way to do it, i'm thinking about extending tags in the in-band registration extension. Do you guys have any other
suggestion?
[13:23:39] <MattJ> What are you trying to restrict it to?
[13:32:09] <paulovap> I want that only a given mobile app can register on the server.
[13:36:42] <MattJ> Ok
[13:37:13] <MattJ> First of all, understand that it's technically impossible to do that completely (in any protocol)
[13:38:06] <MattJ> But you can certainly do something like have a secret shared between client and server, and attach a HMAC inside the registration
request, and validate it on the server before allowing the registration
[13:43:38] <paulovap> i do understand that is impossible to make it perfect, but the main purpose is to avoid attacks and get more control over
the registration, making it a little more private. Creating a secret was my first way of thinking, but i thought that would
be good the ask the experts :). HMAC only will limit the number of registration per machine, and i don't want to limit it
that way. Thank you, MattJ.
[13:46:30] <MattJ> No, HMAC would be per-whateveryouwant
[13:46:47] <MattJ> Per machine would be just as hard, but still possible
[13:48:04] <MattJ> HMAC just depends on the secret you use, if it's hard-coded into the application there's not much else you need to do
[13:50:16] <paulovap> understood. Thanks again!
[13:56:27] * naw joined the chat.
[13:57:48] <deryni> I might have suggested ssl client certs but I'm not sure those would hit all the same points.
[14:13:56] <paulovap> deryni, i will look into that. But what point do you think it will miss?
[14:15:10] * psa joined the chat.
[14:16:12] <deryni> I'm not sure it would. I haven't thought it all through. But to do a key per-client would mean generating one for each client
download served which is a lot more work than just building a secret/etc. into the client directly.
[14:16:41] <deryni> Doing a key per-build would work too it just doesn't let you do the same things with that key.
[14:38:28] * Asterix joined the chat.
[14:43:38] * naw left the chat.
[14:45:03] * darkrain_ joined the chat.
[14:48:59] * MattJ_ joined the chat.
[14:51:39] * Alex left the chat.
[14:51:40] * Alex joined the chat.
[15:00:44] * Asterix left the chat.
[15:07:32] <paulovap> I see. So for the level of security i'm looking for, just a secret would be enough(considering tls connections only). I would
have to worry only about the app reverse-engineering..
[15:07:32] * louiz’ left the chat.
[15:10:48] <MattJ_> Yep
[15:11:34] * MattJ left the chat.
[15:25:27] * Alex left the chat.
[15:53:26] * paulovap left the chat.
[16:05:57] * guus left the chat.
[16:57:54] * MattJ_ left the chat.
[17:05:26] * scippio joined the chat.
[17:11:51] * Lance joined the chat.
[17:12:51] * faceprint left the chat.
[17:12:51] * faceprint joined the chat.
[17:13:58] * faceprint left the chat.
[17:49:38] * Lance left the chat.
[17:53:25] * Lance joined the chat.
[17:55:02] * luca tagliaferri left the chat.
[18:37:43] * Alex joined the chat.
[19:03:05] * faceprint joined the chat.
[19:08:28] * naw joined the chat.
[19:10:46] * scippio left the chat.
[19:13:25] * scippio joined the chat.
[19:31:14] * Lance left the chat.
[19:38:17] * Lance joined the chat.
[19:49:23] * luca tagliaferri joined the chat.
[20:00:04] * Tobias joined the chat.
[20:03:46] * Lance left the chat.
[20:05:15] * scippio left the chat.
[20:05:50] * whatever left the chat.
[20:05:50] * whatever joined the chat.
[20:21:19] * Lance joined the chat.
[20:45:21] * xnyhps left the chat.
[21:15:03] * Neustradamus left the chat.
[21:18:03] * Treebilou left the chat.
[21:19:01] * Lance left the chat.
[21:29:18] * tamwyn joined the chat.
[21:33:23] * tamwyn left the chat.
[21:43:27] * naw left the chat.
[21:55:13] * scippio joined the chat.
[22:14:59] * whatever left the chat.
[22:16:16] * luca tagliaferri left the chat.
[22:16:16] * luca tagliaferri joined the chat.
[22:22:16] * deryni left the chat.
[22:37:56] * xnyhps joined the chat.
[22:38:22] * Lance joined the chat.
[22:40:55] * Alex left the chat.
[22:58:27] * luca tagliaferri left the chat.
[22:58:28] * luca tagliaferri joined the chat.
[23:13:35] * jcea left the chat.
[23:14:04] * psa left the chat.
[23:22:15] * Alex joined the chat.
[23:38:45] * deryni joined the chat.
[23:45:17] * luca tagliaferri left the chat.