XSF logo XSF Discussion - 2014-02-25


  1. SouL has left
  2. SouL has joined
  3. Santiago26 has joined
  4. Santiago26 has left
  5. Alex has joined
  6. Santiago26 has joined
  7. Simon has joined
  8. Tobias has joined
  9. jabberjocke has left
  10. Santiago26 has left
  11. Simon has left
  12. dezant has joined
  13. Santiago26 has joined
  14. Alex has left
  15. Santiago26 has left
  16. Simon has joined
  17. intosi has left
  18. simon\ has joined
  19. Santiago26 has joined
  20. Laura has joined
  21. Laura has left
  22. Laura has joined
  23. Santiago26 Mozilla also accepted and have some XMPP-related tasks for Instantbird
  24. simon\ Santiago26: that's excellent news. Do you have a link?
  25. Santiago26 https://wiki.mozilla.org/Community:SummerOfCode14#Instantbird
  26. Laura has left
  27. Ash has joined
  28. Lloyd has joined
  29. Ge0rG looks like we need a compliance testing suite real-soon-now
  30. Santiago26 has left
  31. Santiago26 has joined
  32. intosi has joined
  33. emcho has joined
  34. Tobias has left
  35. Simon has joined
  36. Santiago26 has left
  37. Simon has joined
  38. Laura has joined
  39. fippo simon: ah, i spoke to florian who reported the webrtc stuff at fosdem :-)
  40. ralphm 'reported'?
  41. fippo he's listed as reporter
  42. fippo probably proposed those items
  43. ralphm The 'additional protocols' one is funny
  44. Santiago26 has joined
  45. Laura has left
  46. Laura has joined
  47. Tobias has joined
  48. Santiago26 has left
  49. fippo should there be an xsf blog post how happy the XSF is to see all those projects? :-)
  50. Tobias fippo, i'm +1 for that...while it's unfortunate the XSF itself doesn't mentor any of the projects it's nice to see adoption of XMPP style projects in other mentoring orgs
  51. Santiago26 has joined
  52. fippo tobias: that would be the message ;-)
  53. fippo i'll see if i can write something up... after another round of skiing
  54. ralphm I also think we should try to support those efforts
  55. ralphm fippo: do coordinate with Laura, by the way
  56. Tobias fippo, you make it sound like you're on holiday tztztzt
  57. ralphm I guess "break a leg" isn't appropriate now?
  58. Tobias hehe
  59. fippo will do, i typically need someone to wordsmith anyway (-:
  60. Santiago26 has left
  61. Simon has joined
  62. Santiago26 has joined
  63. Laura has left
  64. Laura has joined
  65. Santiago26 has left
  66. Santiago26 has joined
  67. Santiago26 has left
  68. emcho has left
  69. Laura has left
  70. Ge0rG We need a proof-of-work protocol for registering user accounts and for sending messages beyond a given limit!
  71. Simon has left
  72. intosi Account registration combined with crypto currency ;)
  73. Kev Every account you register you gain bitcoin?
  74. Tobias yeah...so each client will come with a 20 gig hash chain :)
  75. dwd has joined
  76. Laura has joined
  77. Ge0rG even though my comment was tongue-in-cheek, it might work out to reduce spam. Also, it could be used by the server admin to delegate bitcoin mining to clients, repaying for the server operation.
  78. intosi And give server operators an incentive to actively welcome clients that are part of a botnet.
  79. Kev Sounds good. Who's going to write up the spec?
  80. Ge0rG botnets are using tor already... why not do some mining?
  81. intosi We filled the … in 1. operate jabber.org, 2. enable registrations again, 3. …, 4. profit!!!
  82. Ge0rG intosi: btw, that is not quite true. the botnet operator will rather be incentivized to mine their own bitcoins, instead of sponsoring the xmpp server
  83. Ge0rG we had throttling in xep-0198. what about letting the server send a "now please calculate this for me, or I won't forward your last message" to the client?
  84. intosi I'm sure the mobile client developers will love the idea of even more power consumption.
  85. intosi Or the IoT-guys, for that matter.
  86. Kev intosi: Although if you're doing IoT you're probably not doing it on free public servers.
  87. Ge0rG intosi: having your smartphone spin a wheel for 10-20s when registering is ok IMHO... and having your account throttled is not too much as well
  88. Kev Or maybe you are, I don't know.
  89. intosi Kev: that might be a fair point, although I don't know either.
  90. dwd I've asked in jdev, but I'll ask here - anyone got a real-world use-case for Teemu's two-factor thing? I don't know if it's just me, but it's still too opaque to me.
  91. intosi Ge0rG: it might not be an issue at registration. And if you normally don't hit this unless you send a large number of stanzas, it wouldn't even be that big an issue for those either.
  92. Kev dwd: I don't understand it.
  93. Ge0rG intosi: that's what I'm saying
  94. Laura has left
  95. intosi Ge0rG: right. And I presume you would suggest just falling back to rate limiting in the old-fashioned way if a client doesn't support this extension.
  96. Laura has joined
  97. Ge0rG intosi: yeah.
  98. Ge0rG intosi: except for registration, obviously
  99. intosi Obviously. No IB registration if you don't support the extension.
  100. intosi Somehow that feels like another step in an arms race to me.
  101. intosi But that might just be the nature of these problems.
  102. Ge0rG intosi: I'm not quite sure if this is just another step or a different order of magnitude.
  103. intosi If it takes 10-20 seconds to do the work before you can slowly send 1000s of spam messages from a botnet drone, the cost might not be high enough to make it an order of magnitude. It might be enough to make botnet attacks harder.
  104. Kev But this isn't the biggest problem model we have at the moment.
  105. Kev It's signing up accounts to send a few messages each.
  106. Tobias has left
  107. intosi Kev: that's true.
  108. jabberjocke has joined
  109. Ge0rG intosi: I'd say that once you run into throttling, you have to work 10s per message or somesuch.
  110. Ge0rG of course, 10s on a smartphone is different from 10s on a desktop
  111. Ge0rG btw, is there a way to throttle if a user sends many messages to different, not-in-roster, users?
  112. ralphm sure, all impl. specific
  113. dwd My wife and daughter are making fudge and chocolate welsh cakes in the kitchen.
  114. dwd I just heard my wife complain she's burnt one. My daughter immediately says, "Dad, you can have another!".
  115. dwd Well, thanks.
  116. Tobias has joined
  117. winfried has joined
  118. jabberjocke has left
  119. ralphm heh
  120. ralphm that's a great form of rate limiting
  121. intosi :)
  122. Kev Fudge and chocolate welsh cake sounds like a wonderful thing.
  123. intosi <proof workload='bake_cookies'/>
  124. Kev I'm only just down the road, you know.
  125. intosi "Can you create an account for me?" "Sure, bring me a cookie.". Don't see the difference from asking for a cup of coffee 15 years ago if soneone needed something done urgently.
  126. jabberjocke has joined
  127. ralphm intosi: yeah, token based authorization is awesome
  128. Santiago26 has joined
  129. stpeter has joined
  130. dwd Kev, It's either/or. Theer are some fudge-chip, and some choc-chip.
  131. dwd Kev, The fudge-chip ones are awesome when they're still warm.
  132. Kev You see where they made their first mistake.
  133. dwd Kev, Well, the choc-chip ones have molten choc in them until they cool. It's not quite the same.
  134. dwd Kev, Also, you could eat both at once.
  135. Ge0rG dwd: now that you have cookies, can I have yaxim-muc?
  136. dwd Ge0rG, I'm almost emerging from my current day-job workload.
  137. Laura has left
  138. Laura has joined
  139. jabberjocke has left
  140. Lloyd Is the editor meeting in editor@muc.xmpp.org or council@muc.xmpp.org, email and calendar invite disagree
  141. winfried ah!
  142. winfried I am waiting in editor...
  143. stpeter oh that's right we have editor!
  144. Lloyd Me too (currently)
  145. stpeter let's use the editor room
  146. dwd Reading XEP-0001, I note that §5 says that after the submission is made, "If no member of the XMPP Council objects to publication of the proposal within fourteen (14) days or at the next meeting of the Council" it's accepted and published.
  147. Laura has left
  148. dwd That's not quite the same thing as the Council has done recently (it's been considered for a maximum of 14 days after the next Council meeting). I suppose that's fixable de-facto within the process by a Council member objecting de-jure until the timeout, but still.
  149. SouL has left
  150. SouL has joined
  151. SouL has left
  152. Kev dwd: Ah, it is what Council are doing.
  153. Kev Council are holding two-week long meetings, starting in a MUC, and ending on teh mailing lists :)
  154. dwd That's also a way of expressing it...
  155. Kev It's what we do, though.
  156. Kev We have a realtime portion, and then allow voting in the meeting to continue for two weeks, to allow for absent members, or those who couldn't get stuff reviewed in advance.
  157. Kev And as far as I could tell, there's no problem with this.
  158. dwd Yes, I entirely agree.
  159. Kev I was aware of the XEP1 language, and didn't think there was anything conflicting about what it said and what we did.
  160. dwd Ah, there I don't agree entirely. At best it depends on how you interpret it. I'd rather we just documented what we do clearly.
  161. Lloyd has left
  162. fippo gmgm
  163. fippo errrr...
  164. stpeter fippo: how is your week going?
  165. Santiago26 has left
  166. fippo stpeter: code-ski-code-ski-code-sauna-code... quite productive ;-)
  167. stpeter fippo: sounds delightful!
  168. intosi Sounds awesome.
  169. Lance has joined
  170. simon\ has left
  171. winfried Next summit in Lapland?
  172. stpeter :)
  173. Kev I tried skiing once and loved it. I'm somewhat concerned that trying it again, especially given my lack of fitness, would be an invitation to destroy myself.
  174. Tobias i'm sure there are easy tracks
  175. stpeter I prefer nordic skiing
  176. stpeter I don't fancy hurtling down mountains
  177. Kev Tobias: Sure, it's not as if I did more than blue runs last time.
  178. Kev stpeter: I don't think one would describe what I did as hurtling.
  179. intosi Right, mail sent to my registrar asking them when they will allow submission of DNSSEC DS records for the NL TLD. They support it for .net
  180. intosi DLV kinda sucks, and the XMPP Observatory (rightfully, I think) doesn't check it.
  181. Ge0rG what about DNSSEC on .im?
  182. ralphm dwd: I think you are getting to cought up in process
  183. ralphm caught
  184. ralphm Ge0rG: there are efforts underway to achieve that
  185. Lance has left
  186. stpeter hmm, I haven't sent my yearly inquiry to the nic.im folks about DNSSEC support
  187. Kev stpeter: I think others might have.
  188. intosi dwd is working on that, as far as I know.
  189. stpeter the more the merrier
  190. intosi Well, not really.
  191. stpeter maybe I need to hop on over to the Isle of Man when I visit the British Isles next week :-)
  192. ralphm stpeter: dwd has been working on this
  193. stpeter allrightie
  194. ralphm http://mail.jabber.org/pipermail/operators/2013-November/001963.html
  195. ralphm However, I don't think he has gotten a meaningful response other than an receipt acknowledgement
  196. stpeter right
  197. stpeter that's why I figure it can't hurt too much for them to know that there's generalized demand, not just one lone person
  198. winfried has left
  199. intosi I believe dwd approached them on behalf of the XSF, but I might be mistaken.
  200. ralphm this is true
  201. stpeter that doesn't seem like the kind of thing that Dave would do
  202. stpeter since he's Mr. Process
  203. ralphm stpeter: it has been discussed in the Board meetings
  204. stpeter and the Board or membership didn't officially deputize him blah blah
  205. stpeter oh, I must have missed that meeting
  206. ralphm I can't find a reference, though, so maybe I'm halucinating
  207. xnyhps has left
  208. Simon has joined
  209. emcho has joined
  210. Simon has joined
  211. Simon has left
  212. Simon has joined
  213. emcho has left
  214. emcho has joined
  215. emcho has left
  216. emcho has joined
  217. Alex has left
  218. Tobias has left
  219. Alex has joined
  220. emcho has left
  221. emcho has joined
  222. Simon has joined
  223. intosi has left
  224. Tobias has joined
  225. emcho has left
  226. emcho has joined
  227. intosi has joined
  228. intosi has left
  229. intosi has joined
  230. emcho has left
  231. dwd ralphm, stpeter - we discussed. However, it probably wasn't part of a board meeting.
  232. dwd ralphm, stpeter - And FWIW, I'm not so much interested in slavishly following a process as ensuring the process we actually follow is documented correctly.
  233. Simon has left
  234. Simon has joined
  235. dwd ralphm, stpeter - So in the case I noted, some author could insist their ProtoXEP should be published as a XEP according to XEP-0001 because it no objection has been raised for 14 days from its submission. The wording is such that an argument could be made that what we do is acceptable, but it'd be an unpleasant discussion at best.
  236. dwd ralphm, stpeter - I thought that given the new editorial team, I'd run a pass over XEP-0001 and see if these minor issues could be cleaned up easily with an edit or two.
  237. dwd ralphm, stpeter - What I'd really hate to happen is the kind of process drift in the IETF, where theory and practise often diverge quite badly.
  238. stpeter dwd: yes, that all makes sense
  239. Tobias has left
  240. Simon has left
  241. Simon has joined
  242. Tobias has joined
  243. intosi Update for the goto fail-issue for OS X just out. No sign in the release notes, but 10.9.2 apparently fixes it.
  244. Simon apparently it fixes it. Love that the fix could potentially be MITM'd
  245. xnyhps I'd be really surprised if OS X updates don't come signed separately.
  246. intosi has left
  247. Simon has left
  248. ralphm dwd: nod
  249. intosi has joined
  250. stpeter xnyhps: let's chat in London about how to manage xmpp.net submissions -- there must be a better way than the github repo that I have (not) been maintaining :-)
  251. xnyhps stpeter: Ah, yes. Nick from jabber.calyxinstitute.org has been asking me a couple of times about how to get on the directory.
  252. stpeter right
  253. stpeter my process is broken
  254. stpeter or I am broken
  255. xnyhps And I think there are a couple of posts to operators@ that have gone unanswered.
  256. stpeter yes
  257. stpeter exactly
  258. emcho has joined
  259. Ash has left
  260. Simon has joined
  261. fippo dwd: you're generating valuable content for that blog :-p
  262. stpeter has left
  263. stpeter has joined
  264. Simon has left
  265. Alex has left
  266. emcho has left
  267. emcho has joined
  268. emcho has left
  269. emcho has joined
  270. Tobias has left
  271. emcho has left
  272. emcho has joined
  273. Lance has joined
  274. stpeter has left