sebsauvageJun 15
#MessageriesChiffrées
Plus le temps passe, plus je me dis que DeltaChat est une purin de bonne idée.
J'essaie de poser les raisons qui me font apprécier DeltaChat (et aussi ce qui la distingue de Signal): https://sebsauvage.net/links/?cdQxCA
DeltaChat - Liens en vrac de sebsauvage

Show threadChartrux
@sebsauvage Une raison de préférer delta chat à XMPP ?
XMPP semble plus frugal, dédié à la messagerie, standardisé...
#XMPP
Jun 15 at 1:46pmWeb
Show threadsebsauvageJun 15
@Chartrux
xmmp+omemo est très bon aussi, mais il laisse plus de traces et méta-données.
Show threadadbJun 15

@Chartrux @sebsauvage there are some reasons why Delta Chat is better than XMPP clients here:
https://fosstodon.org/@arcanechat/115963841644398921

basically XMPP is federated, but your account depends a lot on a central server, if the server goes down your profile is gone, you have to join another server and start all over, get in contact with all your contacts again, etc. what is worse: all the groups you created are tied to that server and are now gone also not only for you but for all the other members

with Delta Chat you can use several servers at the same time! and also replace them or add new ones, keeping your profile, chats, messages, etc. without your contacts even noticing, and groups are truly decentralized not depending on any server to exists, meaning no group metadata lives on the server, unlike in XMPP

ArcaneChat (@[email protected])

@[email protected] because: xmpp lacks a client that is available for all platforms and offers the same features people expect everywhere xmpp groups are centralized on the server, if the server dies your group is gone you can't migrate servers easily in xmpp while keeping all your chats, contacts and groups it is not possible to import a backup ex. from Android in desktop etc. you can easily end up sending unencrypted messages in xmpp, not the case in delta chat and MORE! @[email protected] @[email protected]

Fosstodon
Show threadNicocoJun 16
@adbenitez @Chartrux @sebsauvage
Accounts/profiles are similar on XMPP and deltachat, they "live" on your server; but migration is possible on XMPP.
The widely used group protocol on XMPP is indeed different than deltachat's. Nothing prevents to use XMPP for a similarly distributed groupchat protocol. There are tradeoffs to both approaches.
It's OK to prefer DC. It's FUD to say it's vastly superior to XMPP though.
Show threadadbJun 16

@nicoco
> Accounts/profiles are similar on XMPP and deltachat, they "live" on your server

FALSE, profiles in Delta Chat live in YOUR device, there is no "Delta Chat account" in any server, relays are used to transmit messages internally and they are disposable and interchangeable, they are just email servers and have no idea about Delta Chat accounts and chats, your profile (and all chat metadata) lives solely in your devices and it is unblockable/uncensorable (the server doesn't even see the profile ID/fingerprint so can't know what profile is whom

in XMPP you can migrate, similarly you can also migrate in WhatsApp creating a new account with a new phone number, as already explained that is quite inconvenient and you lose all messages chats and contacts

> It's FUD to say it's vastly superior to XMPP though.

it is not, and notice I said "XMPP CLIENTS" I didn't talk about XMPP protocol, what sense has to compare an app to a protocol??? can't you XMPP fans resist the urge to bring how great the xmpp protocol is to every conversation? ofc one can do whatever with an extensible protocol, but the question is what is the reality out there

@Chartrux @sebsauvage

Show threadNicocoJun 16

@adbenitez @Chartrux @sebsauvage
You need to have an account on an email server; how is that fundamentally different than an XMPP account on an XMPP server?

Comparing to WhatsApp is FUD again. This tool exists to make moving from one server to the other easier https://migrate.modernxmpp.org/
It's not linked to a phone number in any way.

It is pretty clear that you engage in these discussions in bad faith, so I'll leave it at that. Long live federated self-hostable chat protocols.

XMPP Account Exporter

Show threadLutin DiscretJun 16
@nicoco it's fundamentally different because authentication is server side in xmpp while client side on DC. if an hostile admin take over your account on an xmpp server, you have lost, the servernadmin control your account and can impersonate you. That's not tye case with DC, the admin can block you and yiu can't migrate you lost everything. In dc you change server as a relay, it's like changing your wifi router, annoying but it works
Show threadNicocoJun 16

@lutindiscret
Oh I had not followed all the recent changes since the introduction of chat relays, I stand corrected. So the value of "you already have an email account" is completely gone, right?

> if a hostile admin take over your account on an xmpp server [... they] can impersonate you.

If you use OMEMO or OpenPGP, the server admin cannot impersonate you, your secret keys are on your device(s).

Anyway, whatever gets people out of the silos is great.

Show threadLutin DiscretJun 16
@nicoco yes it's gone. I regret it a bit. In the future you may be able to use multiple relays for redundancy and even splitting your traffic to obscure it m, à la mixnet
Show threadLutin DiscretJun 16
@nicoco in jabber your id is me@domain. The guy who control domain can really hurt you. In DC your identity is your public key not tied to any server or domain. The relay has a role only between you sending a message and recipients pulling it. After that the relay can die. Someone who DOS the relay hurt you less than someone DOSing your xmpp server. Also the design of rooms, stored on the servers, while DC are just messages broadcasted to all recipients, no rooms stored change things
Show threadNicocoJun 16
@lutindiscret
me@domain has the advantage of being easy to share and remember. Most XMPP clients also have a local copy of room history.
It seems to be that the entire value proposition of delta chat was to be mail-compatible. It turns out basic SMTP was not really suitable for chat, as delta chat has moved on from this idea.
Nothing you describe sounds like it could not be built on top on XMPP, cf
https://xmpp.org/extensions/inbox/xid.html
https://xmpp.org/extensions/xep-0289.html
or the future "onion routing" XEP.
XEP-xxxx: XMPP Decentralized ID (XID)

XMPP Decentralized ID (XID) is a DNS independent XMPP entity identifier. This specification describes how to generate, use, and handle them.

Show threadNicocoJun 16
@lutindiscret that said, thanks for the details, and again, whatever gets people out of whatsapp, telegram or even signal is a win in my book. I may very well write an XMPP/deltachat gateway at some point, if it gets popular somehow and I have people to talk to in there. :)
Show threadLutin DiscretJun 16
@nicoco thanks. I was not aware of those recent xeps. I'm glad those reflections progress. Now, like most of the time it's "on the paper", nothing i can use right now. Nostr may get an implementation of DM and chat before xmpp apps are available 😞 I like that deltaChat choose not to bother with the burden of standardization.
And yes. It's all of us against the global surveillance. We are together in this.
Show threadLutin DiscretJun 16
@nicoco true for omemo and pgp but let's admit adoption is low due to many client incompatibilities while encryption is DC is mandatory for every messages. Relays will dump any unencrypted message.
Show threadNicocoJun 16
@lutindiscret
#XMPP adoption is low or OMEMO adoption is low?
XMPP adoption is low for several reasons, among which NIH syndrome (😏) and the false idea that IM is easy.
OMEMO adoption is very high in direct messaging and private chat, because the most popular clients among non-tech people just default to activating (when they even allow not activating it).
Dumping any unencrypted message is very possible through server if that is desirable.