<tangent128>
(Is it normal for hashes resulting from a writable-gateway PUT to give a "Error: merkledag node was not a directory or shard" when I try to ls them from the command line?)
<whyrusleeping>
tangent128: uhh
<whyrusleeping>
tangent128: that depends on what the hash is
<whyrusleeping>
and how you created it
<whyrusleeping>
i havent messed with the writeable gateway in a while, so im not sure how it behaves
palkeo has quit [Ping timeout: 240 seconds]
gmoro_ has joined #ipfs
<jamesstanley>
is there any consensus on what an ipfs uri should look like?
<rozie>
and the last question (for now): is there any catalog of services in ipfs? let's say I want to give it a try, but provided examples are rather manual and work in the way "first know what do you want to see with ipfs"
<tangent128>
Run it off of a writable gateway, and it can save changes and give you the URL of the new copy.
joelburget has joined #ipfs
Foxcool_ has quit [Remote host closed the connection]
joelburget has quit [Ping timeout: 240 seconds]
<jamesstanley>
tangent128: that's cool; note it gives confusing error messages on a non-writable gateway
<fabrixxm-offline>
tangent128: also /ipfs/QmVPyRpgqLwBWyf6HB41p2VnaiepUN6LazKaT7qSKzQybQ
<TUSF>
jamesstanley: probably because the writer didn't account for non-writable gateways and still has the browser redirect you to a non-existent hash.
<jamesstanley>
indeed, it just goes to null
<jamesstanley>
works great with a writable one though
ShalokShalom has joined #ipfs
fabrixxm-offline is now known as fabrixxm
espadrine has joined #ipfs
<tangent128>
It's 3am, I was not in the mood to make pretty error handling. Maybe later in the week :P
<TUSF>
:P
joelburget has joined #ipfs
Foxcool has joined #ipfs
tilgovi has quit [Ping timeout: 246 seconds]
ylp has joined #ipfs
ygrek has quit [Ping timeout: 272 seconds]
joelburget has quit [Ping timeout: 260 seconds]
gmcabrita has joined #ipfs
brendyn has joined #ipfs
rendar has joined #ipfs
Caterpillar has joined #ipfs
btmsn has joined #ipfs
cehteh has quit [Ping timeout: 246 seconds]
cehteh has joined #ipfs
dgrisham has quit [Ping timeout: 272 seconds]
joelburget has joined #ipfs
Guest31939 has joined #ipfs
<jamesstanley>
web apps distributed over ipfs that store content in localstorage are unwittingly leaking this content to every other web app distributed over ipfs - including malicious scripts embedded in otherwise non-ipfs pages
<jamesstanley>
just occurred to me that setting it in a meta tag is clearly not sufficient
<TUSF>
So suborigins is only a draft right now, but some browsers are already supporting it?
<jamesstanley>
(the attacker could just copy your suborigin in their own meta tag)
maxlath has quit [Remote host closed the connection]
Luis[m] has left #ipfs ["User left"]
s_kunk has joined #ipfs
ianopolous__ has quit [Ping timeout: 255 seconds]
joelburget has joined #ipfs
cxl000 has joined #ipfs
joelburget has quit [Ping timeout: 240 seconds]
galois_dmz has joined #ipfs
joelburget has joined #ipfs
espadrine has quit [Ping timeout: 264 seconds]
joelburget has quit [Ping timeout: 264 seconds]
jungly has joined #ipfs
<Kubuxu>
TUSF, jamesstanley, Stskeeps: chrome supports them, but the spec changed midway and Suborgings set buy ipfs were invalid. We didn't have time to deal with it so we disabled the feature.
<Kubuxu>
If anyone of you is interested in resurrecting it, see the issue linked above.
<jamesstanley>
as I understand it, the problem is simply a matter of working out how to acceptably encode the multihash?
<jamesstanley>
I'll have a look, most likely will lead nowhere though
joelburget has joined #ipfs
petroleum has joined #ipfs
petroleum has quit [Max SendQ exceeded]
joelburget has quit [Ping timeout: 260 seconds]
asyncsec_ has quit [Quit: asyncsec_]
petroleum has joined #ipfs
TUSF has quit [Ping timeout: 260 seconds]
espadrine` has joined #ipfs
xSkyripper_ has joined #ipfs
joelburget has joined #ipfs
TUSF has joined #ipfs
joelburget has quit [Ping timeout: 272 seconds]
<Kubuxu>
jamesstanley, Stskeeps: there is also option of working under your own domain: http://tr-wiki.ipfs.ovh
<Kubuxu>
but it won't work with local only without hacks
joelburget has joined #ipfs
maxlath has joined #ipfs
ShalokShalom has quit [Ping timeout: 260 seconds]
joelburget has quit [Ping timeout: 240 seconds]
petroleum has quit [Quit: petroleum]
Mateon3 has joined #ipfs
Mateon1 has quit [Ping timeout: 246 seconds]
Mateon3 is now known as Mateon1
Endeavour has joined #ipfs
Endeavour is now known as Guest55174
Guest55174 has quit [Remote host closed the connection]
Guest94945 has joined #ipfs
kvda has joined #ipfs
joelburget has joined #ipfs
imvr has joined #ipfs
<TUSF>
So question; is our private key encrypted, or are they hashed, to make the Peer ID?
<TUSF>
I ask, cause I want to know if someone could prove the Peer who submitted a particular file, by like encrypting a message with your Private Key, and decrypting it with the Public key?
joelburget has quit [Ping timeout: 260 seconds]
<TUSF>
I'm imagining a scenario, specifically over pubsub, where someone could make an announcement, add an encrypted message, and when someone connects later, they could ask other peers "Hey, was their an announcement?" and receive the message back, and verify who sent it by decrypting the message with the public key.
<Kubuxu>
TUSF: we are currently using RSA keys, which shouldn't be used for signing and encrypting at the same time. We use them for signing.
kvda has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<Quiark_>
TUSF, "verify message" ... use signinig, not encryption
<TUSF>
Err, OK but, would there be a way to re-publish a message someone else already sent, and verify they are the one who sent it?
<TUSF>
Like, should I sign the original message? Not sure how it works and all
joelburget has joined #ipfs
kvda has joined #ipfs
<jamesstanley>
how much memory does it typically take to run a go-ipfs node? it keeps exhausting the memory on my vps
mildred3 has quit [Ping timeout: 240 seconds]
joelburget has quit [Ping timeout: 260 seconds]
mildred3 has joined #ipfs
A124 has quit [Quit: '']
<TUSF>
Kubuxu: so if I'm announcing some sort of "update", go offline, and someone else asks for "new updates", so that someone else can confirm my message, would I have to further attach a signature to my message, that someone else can repost? Can I not reuse the signature PubSub sent?
<Kubuxu>
jamesstanley: it depends, we seen quite rapid growth in recent months and hit a problem we did not expect (too many connections) we are in process of exploring solutions for it.
<jamesstanley>
I skimmed the cidv1 spec after you mentionde it
<jamesstanley>
I think the code I just linked would work ok with that case?
<Kubuxu>
I think it should.
<jamesstanley>
fyi nothing on master uses go-multibase - should I definitely be the first?
<Kubuxu>
dependencies use it
<TUSF>
tbh, I read over multibase, and I can't bring myself to like it, because it's... ambiguous.
<Kubuxu>
just add it to imports and then do `gx-go rewrite'
<jamesstanley>
I haven't tested it, but it looks to me like Base32 and Base32Upper are both uppercase?
<Kubuxu>
possible, do you know if suborgins enforce case or it is just case insensitive?
<Kubuxu>
TUSF: how? the first byte is interpreted binarly, not as encoded.
<jamesstanley>
pretty sure they enforce case - that's why the original version of this got disabled
<jamesstanley>
enforce lowercase, that is
xSkyripper__ has quit [Quit: Leaving]
<jamesstanley>
that said, I still haven't actually got chrome to respond *at all* to suborigin headers, so from my perspective it doesn't enforce anything
<Kubuxu>
you can just run it through strings.ToLower
<jamesstanley>
lol, it gives me different base32 output for the same input
asyncsec has joined #ipfs
<jamesstanley>
I wonder which one was wrong
<jamesstanley>
disregard, it was just the leading b
<TUSF>
Kubuxu: What I dislike about it is that it's brought under the "multiformats" banner, which describes itself as "Self-describing values for Future-proofing", and multibase's way of describing each encoding is not very self-describing.
<Kubuxu>
the encoded value describes itself by having multicodec prefix
<Kubuxu>
the self-describing isn't about multicodec itself
<Kubuxu>
but about the value that is being described by multicodec
<Kubuxu>
in this case due to length constrains we need something very short
<jamesstanley>
since the suborigin header is being handled by something that doesn't know anything about multibase, I'm not sure it makes any practical difference in this case
<Kubuxu>
it might not but there is no reason not to do it I think
<Kubuxu>
also we should have some separator between segments
<Kubuxu>
as `ipfs` and `ipfsz` might be different protocols
<Kubuxu>
but they might encounter collision, just future proofing it
joelburget has quit [Ping timeout: 255 seconds]
<jamesstanley>
are you saying the "b" acts as a separator, or I should add one?
<Kubuxu>
do we have any sepcial chars allowed by suborigin spec?
<jamesstanley>
no
<Kubuxu>
I am running out of battery here
<jamesstanley>
only digits and lowercase letters
<Kubuxu>
So I might drop out.
<jamesstanley>
no problem
<Kubuxu>
hmm
<jamesstanley>
we could write "ipfsipfsipfsipfs"
<jamesstanley>
(not serious)
dimitarvp has joined #ipfs
<Kubuxu>
like 000 would work
Boomerang has joined #ipfs
<Kubuxu>
we would never have protocol with 000 at the end
<Kubuxu>
hmm
<Kubuxu>
let me think about it
<jamesstanley>
(y)
<TUSF>
ipfs0x00 ?
<TUSF>
A pseudo terminator, if you will.
Boomeran1 has joined #ipfs
Boomerang has quit [Ping timeout: 240 seconds]
joelburget has joined #ipfs
<jamesstanley>
here's another point to consider - if I'm looking at a document referenced by its ipns name, shouldn't visiting the corresponding ipfs url put me in the same suborigin?
<jamesstanley>
alternatively: no, because when the content referenced by that ipns name updates, you want the localstorage to follow the ipns name rather than the ipfs content
<TUSF>
Yeah, I'd rather it have to be unique between the two
<TUSF>
So the IPNS and IPFS ones would be different
joelburget has quit [Ping timeout: 258 seconds]
Boomeran1 is now known as Boomerang
Boomerang has quit [Quit: leaving]
<jamesstanley>
I agree
Boomerang has joined #ipfs
kvda has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
kvda has joined #ipfs
talonz has quit [Remote host closed the connection]
talonz has joined #ipfs
joelburget has joined #ipfs
<jamesstanley>
fyi the ssl certificate for https://ipfs.io/ is not trusted by the latest chromium
<jamesstanley>
because it is from startcom
TUSF has quit [Ping timeout: 255 seconds]
joelburget has quit [Ping timeout: 272 seconds]
TUSF has joined #ipfs
maxlath has joined #ipfs
kvda has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<jamesstanley>
would it be easy to insert rogue code into the ipfs repo by referencing (for example) a rogue implementation of go-multibase and loading it via ipfs hash?
<jamesstanley>
i.e. is anyone actually checking that the hash I committed is good
whataname[m] has joined #ipfs
caiogondim has joined #ipfs
ShalokShalom has joined #ipfs
onee-chan has joined #ipfs
<onee-chan>
One of the things I like about IPFS, is that it seems like in 10 years it might be one of those technologies where people do stuff with it without the devs ever having thought about that stuff being possible.
<jamesstanley>
if I'm looking at a page at a /ipns/Qm... address, and I want to share exactly this version, how can I derive the corresponding ipfs address?
demize has quit [Quit: Do Androids Dream of Electric Sheep?]
archpc has quit [Read error: Connection reset by peer]
<jamesstanley>
ipfs name resolve
TUSF has quit [Ping timeout: 255 seconds]
demize has joined #ipfs
TUSF has joined #ipfs
s_kunk has quit [Remote host closed the connection]
leeola has joined #ipfs
Foxcool_ has joined #ipfs
Foxcool has quit [Ping timeout: 240 seconds]
asyncsec has joined #ipfs
s_kunk has joined #ipfs
joelburget has joined #ipfs
Foxcool_ has quit [Ping timeout: 240 seconds]
gmcabrita has quit [Quit: Connection closed for inactivity]
keesfree[m] has joined #ipfs
Foxcool has joined #ipfs
jkilpatr has quit [Ping timeout: 268 seconds]
<onee-chan>
what's the latest development on IPFS lately?
joelburget has quit [Quit: ZNC 1.6.5 - http://znc.in]
<TUSF>
https://github.com/ipfs/js-ipfs#ipfs-core-use-ipfs-as-a-module How would I do the equivalent of this with the go-ipfs package? Or would I have to reimplement everything from scratch using the various libraries? Oh, and where was the `shell/` library moved? The Documentation mentioned using that for the "High Level API", but that is noticeably missing...
<lemmi>
i haven't found documentation on how to get started on this aswell, but https://github.com/ipfs/ipfs-pack seems a good example
<TUSF>
https://github.com/ipfs/go-ipfs-api is just an interface for interacting with the shell command, and still requires the end user to start up their own daemon.. :|
<lemmi>
TUSF: look at ipfs-pack then
MDude has quit [Remote host closed the connection]
asyncsec has quit [Quit: asyncsec]
MDude has joined #ipfs
asyncsec has joined #ipfs
onee-cha1 has joined #ipfs
onee-chan has quit [Ping timeout: 240 seconds]
<onee-cha1>
cool
jkilpatr has quit [Ping timeout: 246 seconds]
s_kunk has quit [Remote host closed the connection]
btmsn has quit [Ping timeout: 240 seconds]
Guest76863 is now known as amiller
amiller has quit [Changing host]
amiller has joined #ipfs
shizy has quit [Ping timeout: 258 seconds]
jkilpatr has joined #ipfs
TUSF has quit [Ping timeout: 260 seconds]
sidharder has quit [Quit: Leaving]
TUSF has joined #ipfs
jkilpatr has quit [Ping timeout: 268 seconds]
fzzzr has joined #ipfs
A124 has quit [Quit: '']
fzzzr has quit [Quit: WeeChat 1.7.1]
fzzzr has joined #ipfs
shizy has joined #ipfs
A124 has joined #ipfs
fzzzr has quit [Client Quit]
galois_dmz has quit [Remote host closed the connection]
ylp has quit [Quit: Leaving.]
fzzzr has joined #ipfs
shizy has quit [Ping timeout: 240 seconds]
fzzzr has quit [Client Quit]
pawalls has quit [Remote host closed the connection]
gbathree has joined #ipfs
jkilpatr has joined #ipfs
pawalls has joined #ipfs
<gbathree>
anywhere here interested in a conversation with me about using IPFS to replace SAAS model for community-led research? I'm cofounder of PhotosynQ (photosynq.org) and I feel like IPFS could really benefit the communities we're trying to serve.
fzzzr has joined #ipfs
jkilpatr has quit [Ping timeout: 260 seconds]
droman has joined #ipfs
ebarch has joined #ipfs
fzzzr is now known as fzzr
fzzr is now known as fzzr-
fzzr- is now known as fizzr
fizzr is now known as fzzrr
ebarch has quit [Remote host closed the connection]
fzzrr is now known as fzz
sirdancealot has joined #ipfs
fzz is now known as ak
ebarch has joined #ipfs
ak is now known as fzzzr
fzzzr is now known as ak
ak is now known as akoz
akoz is now known as fzz
gbathree has quit [Quit: Page closed]
fzz has quit [Quit: WeeChat 1.7.1]
<droman>
I can not "make install" because "cannot verify ipfs.io's certificate", does it only happens to me?
<droman>
I see, thanks achin, probablye that will solve it.
<achin>
CC whyrusleeping and maybe lgierth (i think you two were talking about this issue fairly recently?)
A124 has quit [Quit: '']
A124 has joined #ipfs
asyncsec has quit [Quit: asyncsec]
bwn has quit [Ping timeout: 241 seconds]
A124 has quit [Quit: '']
A124 has joined #ipfs
A124 has quit [Client Quit]
A124 has joined #ipfs
vapid has quit [Ping timeout: 268 seconds]
bwn has joined #ipfs
Boomerang has quit [Ping timeout: 240 seconds]
<NeoTeo>
gbathree: you might want to ask that on the forums (discuss.ipfs.io)
<NeoTeo>
gbathree: Ah, just saw your post :)
TUSF has quit [Ping timeout: 255 seconds]
ygrek has joined #ipfs
A124 has quit [Quit: '']
A124 has joined #ipfs
A124 has quit [Client Quit]
A124 has joined #ipfs
asyncsec has joined #ipfs
TUSF has joined #ipfs
onee-cha1 has quit [Quit: leaving]
ianopolous has joined #ipfs
jkilpatr has joined #ipfs
citizenErased has joined #ipfs
citizenErased has quit [Ping timeout: 246 seconds]
caiogondim has quit [Quit: caiogondim]
athan has quit [Ping timeout: 264 seconds]
Encrypt has joined #ipfs
athan has joined #ipfs
espadrine` has quit [Ping timeout: 246 seconds]
jungly has quit [Remote host closed the connection]
m3lt has quit [Quit: leaving]
<Kubuxu>
droman: yeah, it is this issue, lgierth is working right now to resolve it
<droman>
Kubuxu, in fact gentoo does provide a package, but it seems unmaintained, the provided version is 0.4.2. Maybe the package can require the ca-certificate to have the insecure_certs USE flag
<Kubuxu>
I have no idea, I don't use gentoo, and I don't know who created that package.
<Kubuxu>
but the certs are being worked on as we speek
<Kubuxu>
so it shouldn't be an issue for much longer
<droman>
Kubuxu, but which is the problem with the certs? I mean, the problem is that gentoo have tagged some secure certs as insecure?
joelburget has quit [Remote host closed the connection]
<Kubuxu>
yes, gentoo marked whole StarCom chain as insecure, where others distrust new certificates
<Kubuxu>
so gentoo breaks existing sites as you can see
<chrono[m]>
this has been going since jan
<chrono[m]>
chromium has kicked out startcom long ago
<chrono[m]>
recommend going let's encrypt
<chrono[m]>
and recently the CN has been expired, so you also have to setup SubjectAltName
<whyrusleeping>
chromium didnt kick startcom out a while ago
<whyrusleeping>
i use chromium and everything works fine here
<chrono[m]>
I've been hit by this in january
<whyrusleeping>
because you use gentoo
<chrono[m]>
when did you last update your chromium? :)
<Kubuxu>
chromium followed right deprecation path and distrusted certs newer than November last years or something
<achin>
i'm pretty sure that chromium uses the system's ca-certificates (and doesn't ship their own). am i wrong?
<Kubuxu>
October 21, 2016 00:00:00 UTC will not be trusted
<Kubuxu>
Beginning with Chrome 56, certificates issued by WoSign and StartCom after October 21, 2016 00:00:00 UTC will not be trusted.
strykerkkd has joined #ipfs
<Kubuxu>
The right deprecation path as I said.
<chrono[m]>
yeah, and since most people are on the same cert cycle now due to heartbleed many had to re-issue in january again
<Kubuxu>
LE is nice, but not when you have 30+ unique domains with exotic nginx configs on 5+ servers
<chrono[m]>
but it's moot since probably no CA can be trusted at all, especially if tied with US/Israel since they all can be compromsied by their national security letters...
<chrono[m]>
LE is still the best option for this broken design ATM, IMHO
jkilpatr has quit [Ping timeout: 260 seconds]
<chrono[m]>
I find it pretty easy to setup certbot and NOT let it tamper with my nginx conf. YOu can set it up to only exchange the certs but leave your special configs and setups nginx wise in place, only changing chain and key files and giving nginx a nudge on re-issue
Boomerang has joined #ipfs
btmsn has joined #ipfs
<chrono[m]>
perhaps in chromium58 or some update inbetween fixed the path, but I pretty much remember having two different chromium versions and it worked with one and didn't with the other anymore. sys/ca-certificates were the same. But in the end I'm rather happy about that fuckup because for some reason I didn't really want to use LE since the old way of doing CA was routined and reasonably convenient with startcom. setting up certbot
<chrono[m]>
even for more complex setups turned out to be easier and from my point even more convenient.