[guardian-dev] New post on ChatSecure Push!

Tue Apr 19 17:04:58 EDT 2016

This is a stepping stone to XEP-0357, which we also intend to support. Keep
in mind we started development on this spec years before XEP-0357 was
introduced and didn't have the resources to deliver it until now. This
helps bridge the gap during the rollout of 357 so you can use push *now* on
legacy servers. For instance, our latest release defaults new accounts to
the dukgo server, which doesn't support 357, and probably won't for quite
some time. The prosody modules for push are still in active development and
I'm not aware of any public servers with 357 support deployed.

Our existing push server acts as the "app server" in the 357 model and is
already compatible with 357 servers with our PubSub module (RubDub
<https://github.com/ChatSecure/RubDub>), so the effort still isn't wasted
when we eventually support 357 client side.

I don't think our push spec should necessarily be standardized within XMPP
land, because it doesn't depend on or reference XMPP at all. It's simple
enough that once you have distributed some tokens over any transport,
someone can send you pushes from a web browser, or a desktop app, or
anywhere that HTTP POST is possible. The fact that it integrates with XMPP
is more of an implementation detail.

On Mon, Apr 18, 2016 at 10:52 PM, Pranesh Prakash <pranesh at cis-india.org>
wrote:

> Dear Nathan and Chris,
> I'm not very sure about the viability of the solution that has been rolled
> out.
>
> From what I understand, if Alice on Example.org using Client Y is seeking
> to communicate with Bob on Dukgo.com on Client Z, then for Bob's phone to
> support push messages with:
>
>   - XEP-0357, Dukgo.com and Client Z need to roll out support for XEP-0357.
>   - Chatsecure Push Protocol, Client Y and Client Z need to roll out
> support for CPP.
>
> Push is really needed only if you're using a mobile client, and
> specifically if you're using iOS (since on Android, it's never really been
> a problem).  I'd argue it might be simpler to get the largest server
> instances (Dukgo.com, jabber.ccc.de, etc.) to support XEP-0357 and get
> people to use an XEP-0357 capable client on iOS (say Chatsecure and Monal)
> than to get all those who correspond with those clients to *also* support a
> special something like CPP.
>
> Given that desktop clients like Pidgin have not been adding support for
> new features (even carbons!) for years, I doubt we'll ever get to a
> position where CPP would really work well.
>
> Further, by pushing a non-standardized solution, one of two signals is
> being sent:
>
>   1. Chatsecure devs hope that its userbase ends up meaning other clients
> also adopt this.
>   2. Chatsecure devs don't really care who else adopts this, as this would
> primarily be used for Chatsecure-to-Chatsecure conversations.
>
> I hope it is (1).  While Conversations devs have rolled out new features
> (HTTP Upload, OMEMO), they've sought to work to standardize through the XSF
> by publishing draft XEPs.
>
> While I like the ingenious and decentralized nature of the solution Chris
> has crafted (where the only servers that need to be involved are the push
> servers run by the client dev), I do hope you'll work to get it
> standardized and adopted by others.  And I also hope Chatsecure (esp. for
> iOS) will add support for XEP-0357 too.
>
> Also, I'd love to learn why you feel the other way, as I might well have
> misunderstood or missed something.
>
> Regards,
> Pranesh
>
> Nathan of Guardian <nathan at guardianproject.info> [2016-04-18 09:13:42
> -0400]:
>
>
>> If you haven't read it you should:
>> https://chatsecure.org/blog/chatsecure-v32-push/
>>
>> "With the release of ChatSecure iOS v3.2, we have enabled the first
>> phase of a new form of push messaging that is decentralized,
>> interoperable, and reduces identifiable metadata. Users of any app
>> compatible with the ChatSecure Push protocol can send push messages
>> across app boundaries, starting with the latest release of ChatSecure
>> iOS and the next version of Zom Messenger. These push messages currently
>> contain no content and are simply a way to wake up the receiving client
>> for ~20 seconds."
>>
>> Important work by Chris and the ChatSecure team... having a
>> privacy-preserving, decentralized push mechanism on iOS is both
>> essential and cool.
>>
>> +n
>>
>>
>>
> --
> Pranesh Prakash
> Policy Director, Centre for Internet and Society
> http://cis-india.org | tel:+91 80 40926283
> sip:pranesh at ostel.co | xmpp:pranesh at cis-india.org
> https://twitter.com/pranesh
>
>
> _______________________________________________
> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
> To unsubscribe, email:  guardian-dev-unsubscribe at lists.mayfirst.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20160419/a961d662/attachment.html>