#social 2019-01-14

2019-01-14 UTC
HankG and xmpp-social joined the channel
# 11:49 
fr33domlover In HTTP Signatures, it's possible to use the Date header to prevent replay, make the sig valid only for a short time frame. Is there a recommended time frame size? Mastodon was using 30 seconds, switched to 12 hours, and other projects seem not to check at all (or at least I couldn't find the check in their source code)
# 12:18 
jdormit fr33domlover: I don't think there's an officially recommended time frame
# 12:19 
jdormit 30 seconds is pretty reasonable, assuming you don't expect any latency longer than that
KjetilK joined the channel
# 12:19 
jdormit 12 hours seems so long as to be functionally useless
# 12:19 
jdormit might as well not enforce a time frame at that point
RzR joined the channel
# 12:20 
RzR hi are any of you going to fosdem this year?
# 12:21 
fr33domlover jdormit, I'm guessing Mastodon switched to 12 hours because 30 seconds wasn't enough? Also, the commit explains why it switched although I admit I'm not sure I understand
# 12:21 
fr33domlover jdormit, it suggests the time check prevents replaying old vulnerable signatures, which is supposedly unlikely to happen within 12 hours idk
# 12:23 
rialtate[m] Servers with bad clock sync will misbehave with 30 seconds. I think 5-10 minutes is much more reasonable.
# 12:25 
fr33domlover rialtate[m], joyent's implementation recommends 300 seconds which is 5 minutes
# 12:25 
rialtate[m] Fwiw Date doesn't have to be accurate to prevent replay. It merely has to be different (and digest takes care of the body in this regard)
# 12:27 
fr33domlover rialtate[m], yeah technically you can set Date to be a year from now and send the request a year from now. I guess what could protect it then it key rotation i.e. by then the key can be different so the sig won't pass
# 12:27 
fr33domlover But either way, checking Date helps prevent the sig from passing more than once
# 12:28 
fr33domlover I guess either way AP servers can check the actual AP activity against their DB and not store new activities with ID URLs they've already received
# 12:41 
jdormit yeah, they should be doing that anyway
# 12:42 
jdormit but you could potentially do a replay attack with e.g. Update activities
# 12:43 
jdormit unless you include the digest in the signature as well
# 12:52 
rialtate[m] Updates are a nightmare without versioning anyway
# 12:53 
jdormit because different nodes get out-of-sync about the latest version of an object?
# 13:04 
rialtate[m] Put simply yes
# 13:10 
jdormit i guess the bigger danger is multiple updates arriving out-of-order
# 13:15 
rialtate[m] Anything that isn't a directed graph has a variety of sync issues
# 13:24 
jdormit not sure I follow - how does a directed graph fix the sync issues?
# 13:33 
jdormit the ap graph is directed, isn't it? Edges have a direction, e.g. object -['attributedTo']-> actor
# 13:34 
jdormit but it's not acyclic, b/c actor also has an edge pointing back to object via 'outbox' -> 'items'
# 13:35 
jdormit but even if it was acyclic, say by enforcing that objects could never point back to their actors, you'd still have the update problem
Guest84 joined the channel
# 13:48 
rialtate[m] Version graph. "this update based on version abcd". 2 updates can be based on the same version and conflict resolution can be exposed to the UI so not necessarily acyclic
jdormit joined the channel
# 13:58 
heluecht[m] RzR (IRC): I will be at the FOSDEM
# 13:59 
RzR heluecht[m], cool I'll be there too
# 13:59 
heluecht[m] fr33domlover (IRC): 30 seconds are much too short, just think of systems that clock is slightly unsynchronized.
# 14:00 
RzR heluecht[m],  I saw on mastodon call about mastodons devs for pannel was this you ?
# 14:01 
heluecht[m] I'm no Mastodon dev. I'm developing Friendica.
# 14:01 
nightpool[m] if your clock is more then THIRTY seconds desync'd, then you shouldn't be federating
# 14:01 
nightpool[m] install ntp
# 14:01 
RzR heluecht[m], IIRC the call was about  activitypub implementations
# 14:02 
heluecht[m] My clock is synchronized, but I always think of lazy admins.
jdormit joined the channel
# 14:31 
fr33domlover Hi heluecht[m] :) It's cool the fediverse projects' devs are here
# 14:32 
RzR https://fosdem.org/2019/schedule/event/activitypub_panel/
# 14:32 
fr33domlover heluecht[m], yeah 30 is little for desynced servers but I wonder how common/acceptable it is to just leave it like that
# 14:32 
fr33domlover Versus asking admins to use ntp
# 14:32 
fr33domlover Which I hope is common anyway
# 14:33 
fr33domlover heluecht[m], does Friendica use HTTP sigs and check the date? What's the time frame size? ^_^
# 14:41 
fr33domlover Looks like Peertube, Pleroma Kroeg don't check
# 14:42 
fr33domlover *and Kroeg
# 14:44 
heluecht[m] We create the date in the signature, but I guess we don't check it.
# 14:46 
fr33domlover heluecht[m], well I suppose creating the date is a must because it's required for federation with Mastodon
# 14:46 
fr33domlover Looks like nobody else checks that date though
# 14:46 
fr33domlover Tbh the HTTP sigs draft doesn't mention such checking
# 14:47 
fr33domlover It's mentioned in Joyent's implementation though
# 14:48 
heluecht[m] For Mastodon you don't need the date.
# 14:48 
Chocobozzz fr33domlover: peertube checks it: https://github.com/Chocobozzz/PeerTube/blob/develop/server/tests/api/activitypub/security.ts#L78
# 14:48 
heluecht[m] Concerning checking the date I just found this in our code:
# 14:49 
heluecht[m] ```/// @todo Check if the signed date field is in an acceptable range```
# 14:49 
heluecht[m] So, no, we don't check it at the moment.
ahihi2 joined the channel
# 15:23 
fr33domlover Chocobozzz, hmmm can you show me where the check happens in the code though? I couldn't find it
# 15:23 
fr33domlover Chocobozzz, btw the peertube readme/docs don't say in which language it's written, I was looking for the info and couldn't find it
# 15:24 
fr33domlover I just guessed it's JS/TypeScript but would be nice to find this detail written in readme / architecture / contributing
# 15:42 
rigelk[m] fr33domlover (IRC)fr33domlover (IRC) that's at least said insupport/doc/development/server/code.md` and `support/doc/development/client/code.md`
# 15:46 
fr33domlover rigelk[m], thanks :) That's nice but hard to find, no big deal but I'm wondering if it could be placed somewhere more visible
# 15:49 
rigelk[m] fr33domlover (IRC): honestly I think people look for less specific information in the README, and infer it from the build system/file extensions/etc. anyway.
# 15:51 
Chocobozzz github shows the language if you click on the bar below the commits/branches/releases/contributors info
# 15:52 
Chocobozzz fr33domlover: it's checked by the parseHTTPSignature function https://github.com/Chocobozzz/PeerTube/blob/develop/server/tests/api/activitypub/helpers.ts#L134
# 15:53 
fr33domlover Chocobozzz, but that's in tests?
# 15:53 
Chocobozzz https://github.com/Chocobozzz/PeerTube/blob/develop/server/helpers/peertube-crypto.ts#L49
# 15:54 
nightpool[m] fr33domlover: peertube doesn't check it explicitly, they rely on a library that checks it
# 15:55 
rigelk[m] this one https://github.com/joyent/node-http-signature/
# 15:59 
fr33domlover nightpool[m], rigelk[m] ah I see! I saw that lib, just missed the clock skew parameter ^_^
# 16:02 
fr33domlover Looks like Peertube does't mass clock skew which means the default of 300 seconds would be used
# 16:03 
fr33domlover *pass
dlongley, schmittlauch[m], timbl and timbl_ joined the channel