Video calls have become a widely used means of communication in personal and in business settings. Especially during the last months, people increasingly used video calls to keep in touch. Unfortunately, many turn to US-based, centralized and closed-source solutions that come with privacy and security issues.
We are now starting to implement decentralized calls and conferences in Dino. As with the rest of the UI, we aim for a nice and simple user experience. The call features are planed to be implemented and published step-by-step over the next 12 months. Support for encrypted two-party calls that are compatible with Conversations should be ready by the end of this year or early next year. For conference calls, we are also looking into compatibility with the popular video-conferencing solution Jitsi Meet, that is also based on the XMPP protocol.
This work is made possible through contributions from the NGI0 PET Fund. The fund is managed by NLnet and dedicated to Privacy and Trust Enhancing technologies. It was established with financial support from the European Commission’s Next Generation Internet programme.
The Smack developers are happy to announce the first beta release of Smack 4.4. Together with Smack 4.4 entering the beta phase, the ‘4.4’ git branch of Smack was created. This means that the API of Smack 4.4 is becoming more and more stable: we will try avoid breaking API changes during the beta phase whenever possible.
Smack 4.4.0-beta1 is now available on Maven Central.
4 posts - 3 participants
With news that wechat will leave the us App Stores, one can expect it to leave EU too. I have no idea how wechat is GDPR compliant . If you are looking for something that works in the west and in mainland China, I recommend xmpp, Monal isn’t blocked in China. You can even run your own server that can’t be blocked
This week I managed to add some titbits to existing codebase.
In my last post I mentioned that I was still figuring my way with debuggers. This week, I was able to log down incoming and outgoing texts with the help of SmackDebugger. In future I expect to log down pretty xml.
We can now specify one endpoint for the websocket implementation to connect to. The endpoint has to be configured inside `XmppWebsocketTransportModuleDescriptor`. When a remote endpoint is configured inside descriptor, we can also enable or disbale websocket remote endpoint discovery. By default endpoint discovery mechanism is enabled.
Improvements can be observed inside OkHttpWebsocketImpl.send(). There now exists much less logic than what existed previously. This improvement no longer realised the need of WebsocketConnectionPhase.ReadyToSendOpen phase. And hence, the phase has been safely removed.
Recently I started writing unit tests using mockito. I have no experience with the mocking framework but I have managed to write simple tests. It has been fun :)This was my week. See you next week.
Welcome to the XMPP newsletter covering the month of July 2020.Newsletter translations
Translations of the XMPP Newsletter will be released here:
JC Brand created an XMPP job board! This enables people to review job offers as well as advertise XMPP services. Please take a look, post your own offers and recommend it. XMPP works!
Just how scalable is the XMPP server MongooseIM? See how Bartek Górny, one of the MongooseIM team members, achieved almost 2.5 million connections, passing 45 thousand messages per second. And, why he thinks 10 million connections is easily achievable. Find out more in Scaling a Mongoose.
Yarmo Mackenbach wrote an article on XMPP and OMEMO integration in Keyoxide, a modern, secure and privacy-friendly platform to establish your decentralized online identity and perform basic cryptographic operations.Software news Clients and applications
The multi-platform desktop client Gajim 1.2.1 has been released. Just two weeks after the release of Gajim 1.2, the next update is already there. Gajim 1.2.1 features spam reporting as specified by XEP-0377, automatic activation of shipped plugins which implies OMEMO available by default, and some bug fixes. Audio/Video calls gain some improvements, but remain highly experimental. More development news from July: an automatic update check for Gajim on Windows/MacOS, account password storage enhancements, an OMEMO fix, and many small improvements.
Profanity, the text based user interface client, released version 0.9.5 to fix a potential segmentation fault when using the /theme properties command. It is used to display colour settings for the current theme.
Anurodh Pokharel released Monal 4.7 for iOS and macOS. Despite the small version number update, this is a large upgrade. Besides the usual UI fixes and stability improvements you'll find: a new in chat title bar (as seen below), support for XEP-0319 (Last User Interaction in Presence) so you know when your contact was last seen online, support for XEP-0085 (Chat State Notifications) for those useful typing notifications and support for XEP-0191 (Blocking Command) for when a spammer comes along.
The git repository of Pix-Art Messenger has been moved from Github to Codeberg. This migration process is not finished yet. Until then, both repositories will run in parallel. Concerning the software itself, Pix-Art Messenger versions 2.5.1 and 2.5.2 have been released, highlighting pinned chats in color, improving the video quality, and dynamically optimizing file compression.
Kontalk for Android has released a new version (4.4.0)! Apart from bugfixes and improvements it has now a dark theme, supports sharing to groups, exporting media to storage and deleting media with messages. The settings have been revamped and Android 10 is now supported.
The Android client aTalk released several patches for their 2.3.0 release with bugfixes and improvements.Servers
MongooseIM 3.7.1 has been released! This one is built on top of the 3.7.0 May release, which introduced support for channel binding to prevent replay attacks for all methods of SCRAM, a family of modern, password-based challenge–response authentication mechanisms providing authentication of a user to a server. This previous version also provided a range of new SCRAM authentication methods based on different flavors of the SHA cryptographic hash functions, the ability to retract messages as specified by XEP-0424, and support for Proxy Protocol which safely transports connection information such as a client's address across multiple layers of NAT or TCP proxies. Version 3.7.1 improves on that by speeding up all the SCRAM methods significantly!
Tigase XMPP Server 8.1.0 General Availability has been released and it is packed with improvements! SASL-EXTERNAL mechanism defined in XEP-0178 (Best Practices for Use of SASL EXTERNAL with Certificates) to allow certificate based authenticated connections was added for server-to-server connections, greatly improving compliance with the XMPP federated network. Depending on support in other servers, it’s possible to use both SASL-EXTERNAL and Dialback, another authentication mechanism defined by XEP-0220. Set of XMPP extensions were added: - XEP-0398 (User Avatar to vCard-Based Avatars Conversion) - XEP-0156 (Discovering Alternative XMPP Connection Methods) - XEP-0410 (MUC Self-Ping (Schrödinger’s Chat)) - XEP-0153 (vCard-Based Avatars) - XEP-0411 (Bookmarks Conversion) - XEP-0157 (Contact Addresses for XMPP Services)
This version also improves management of multiple domains in virtual hosts and enables by default a new anti-spam plugin.
A new TURN server called eturnal has been published. This is a standalone version of the TURN server part of ejabberd (with some improvements) and a straightforward alternative to servers such as Coturn which can be used for offering STUN/TURN services to A/V clients using external service discovery as defined by XEP-0215.Libraries
Tigase JaXMPP 3.3.0 has been released! Main features included in this release are support for OMEMO encryption, making it easier to carry out encrypted conversations, and support for XEP-0305 (XMPP Quickstart) allowing connections to be established faster. Apart from that, SCRAM support was extended with SCRAM-SHA512 flavour. Service items discovery can now be controlled with XEP-0059 (Result Set Management). DataForms with multiple items got implemented and MUC message delivery was improved. Last but not least, connectivity with Google's Firebase Cloud Messaging (FCM) was fixed.
Version 1.0.1 of python-nbxmpp, the library developed for and used by Gajim development team, has been released. This version includes a fix for a bug where messages from ChatSecure could not be decrypted after a longer period of time has passed. It also includes some fixes for Websocket connections.
The Ignite Realtime community is pleased to announce the release of jXMPP version 1.0.0! jXMPP is a library that provides common functionality required by all sorts of XMPP implementations (servers, clients, components, ...). Among other things, it provides a sane implementation of JID types. Check out its javadoc documentation!Others
whatsxmpp, the WhatsApp (Web) to XMPP bridge, has seen a variety of bugfixes and improvements this month, mainly as a result of various users using the bridge and reporting errors. The development team switched to using the Nix package manager to build Docker images, resulting in more reproducible and faster builds! A stable 0.1 release is getting closer, and the basic functionalities are already working and battle-tested. A few more stability improvements are still required and some features, such as proper MUC history support and file uploading via native WhatsApp servers, are missing! Please do pop by their MUC email@example.com if you're interested in using or running the bridge.Google Summer of Code
Since the beginning of May students all over the world are working on many open-source projects within the Google Summer of Code Season 2020. We would like to introduce the students who work on GSoC XMPP projects and share their blog posts:
Aditya Borikar is working on WebSocket support for Smack. Blog history:
Thank you for joining GSoC XMPP projects and keep up the good work! To be continued.Extensions and specifications Updated
TL;DR: add new filtering fields, allow for reversing results order and migrate some information to external documents. - Add 'before-id' and 'after-id' fields, flipped pages, single-item retrieval and a new mandatory disco feature - Split preferences protocol into a separate document - Split the details of pubsub archives into a separate document
Advance to Draft as per Council vote from 2020-07-01
Version 0.3.0 of XEP-0420 (Stanza Content Encryption)
TL;DR: some changes concerning elements allowed/denied to be encrypted, and security improvement by increasing the entropy of random padding elements.
- Allow origin-id elements, disallow stanza-id and extended stanza addressing elements inside the payload element - Clarify wording on stanza processed elements and improve XEP formatting - Remove limitation of random padding content to base64 characters alone - Chat messages MUST contain message processing store hint - Credit where credit is due
This XMPP Newsletter is produced collaboratively by the community.
Thanks to eta, emus, erszcz, Ge0rG, Holger, kriztan, jerome-poisson, jonas', Licaon_Kter, pmaziere, vanitasvitae, wurstsalat, woj-tek, zash for their help in creating it!Spread the news!
Please share the news on "social networks":
We suggest you subscribe to receive the next editions in your inbox as soon as it is published! Promote this newsletter to whoever may be interested.Help us to build the newsletter
We are always happy to welcome contributors. Find our monthly drafts here in the XSF Github repository. Do not hesitate to join the discussion in our Comm-Team group chat(https://firstname.lastname@example.org?join) and thereby help us sustain this as a community effort.
You have a project and write about it? Please consider sharing your news or events here, and promote it to a large audience! Even if you can only spend a few minutes, these would already be helpful!
Tasks which need to be done on a regular basis are for example:
This newsletter is published under CC BY-SA license.
Copyright 2019 © All rights reserved