XSF Discussion - 2017-03-16


  1. Ge0rG

    Am I the only one to be baffled by the Yes-Yes-Yes-No-Yes order of questions in the Last Call emails, every single time?

  2. Tobias

    yes you are

  3. Ge0rG

    Tobias: how can you know? :D

  4. Tobias

    aww...multi-client support in major IM apps, "WhatsApp is open on another computer or browser. Click “Use Here” to use WhatsApp in this window."

  5. Ge0rG

    Tobias: And you have also stored XSS vulnerabilities in WhatsAppWeb

  6. Ge0rG

    Tobias: And you have also stored-XSS vulnerabilities in WhatsAppWeb

  7. Tobias

    what web app doesn'T have XSS vulnerabilities, that's their feature, isn't it?

  8. Ge0rG

    Last time I audited a web app, I was able to type HTML/JavaScript right into the "Send message to admin" input box. Instant root!

  9. Tobias

    jonasw, am I missing something or does xmpp.org already show the data based on your JSON system?

  10. jonasw

    no, I think it does

  11. jonasw

    https://github.com/xsf/xmpp.org/pull/278 cc @ Ge0rG (who wants to write the announcement mail for software developers) A bit of manual cannot hurt for the renewal thing.

  12. Tobias

    jonasw, nice..and expiration also works as soon as last_renewed is set

  13. jonasw

    there is also that deadline hardcoded in pelicanconf.py, we should adapt this once the mail is sent out

  14. jonasw

    after that deadline anything without renewal disappears magically

  15. jonasw

    https://github.com/xsf/xmpp.org/blob/master/pelicanconf.py#L58

  16. Tobias

    so yeah...an annoucement mail would be nice to tell people to create PRs that set the last_renewed value for their project to a value in the past and that after a months or so, all entries without a last_renewed set will be removed

  17. jonasw

    we can set this to date_of_mail + 1 month when the mail is sent out.

  18. jonasw

    no need to modify the last renewal of projects for us.

  19. jonasw

    ah, nevermind, I misunderstood you. disregard the last one, it was unrelated.

  20. jonasw

    (true, but unrelated)

  21. Tobias

    jonasw, could the config also be relative? like today - 13 months or so

  22. jonasw

    not sure what you mean

  23. Ge0rG

    https://op-co.de/tmp/deprecation-mail.txt draft email with PR link

  24. jonasw

    there are two reasons to kick an entry from the list in the code (aside from date parsing issues): 1. if they have no renewal timestamp set, they are kicked after the date in STRICT_RENEWAL_DEADLINE has passed 2. if they *have* a renewal timestamp set, they are kicked if it is more than ENTRY_LIFETIME in the past (currently set to 365 days)

  25. Tobias

    jonasw, ahh..so it does more than I thought :) good

  26. Ge0rG

    jonasw: ENTRY_LIFETIME should be ~13 months to provide for a grace period

  27. jonasw

    it does everything that was asked I think :-)

  28. jonasw

    Ge0rG: fine with me. make a PR ;-)

  29. Tobias

    right...I thought we'd just delete projects with no date set after the deadline, but your STRICT_RENEWAL_DEADLINE config already does this :)

  30. Tobias

    does this = has the same effect

  31. Ge0rG

    jonasw: -ETOOMANYPENDINGPRS

  32. jonasw

    Ge0rG: your email footnotes have two times [2] in them

  33. Ge0rG

    jonasw: damn off-by-ones. Fixed.

  34. jonasw

    Ge0rG: it might be better to link to the commit rather than to the PR

  35. jonasw

    the PR does a lot of unrelated stuff

  36. jonasw

    it might be even better to link to the README

  37. jonasw

    (and we can update the readme with a link to the example commit once the branch is merged)

  38. Ge0rG

    jonasw: but I did link to the commit. It was just relative to the PR and not in the xsf repo.

  39. jonasw

    argh

  40. jonasw

    I cannot read urls

  41. jonasw

    sorry

  42. Tobias

    jonasw, right...maybe we should add a section to https://xmpp.org/software/ how authors can add new software and update the date

  43. Ge0rG

    jonasw: URLTLDR

  44. jonasw

    Tobias: might be wise, yes

  45. Ge0rG

    Tobias: maybe we should add it to some README and link it from https://xmpp.org/software/

  46. Tobias

    why not have the readme at https://xmpp.org/software/ ?

  47. jonasw

    https://github.com/xsf/xmpp.org/pull/278/commits/73cd247e4af6624e60ac29bf33c3f4bf46677786#diff-ac579daf3602a0a4ea57b5fdd7f73dd8 like this readme?

  48. jonasw

    Tobias: because it’s long and technical. If we want normal users to use the software directory there, we shouldn’t have that information on it

  49. Tobias

    yeah..that what you linked to looks qutie long..linking to it sounds sensible

  50. jonasw

    I thought I’d rather make it too detailed than too shallow.

  51. Ge0rG

    Yay. I've been reading 0369 for the last two hours, and I only managed to get to 6.1.6

  52. jonasw

    Ge0rG: you are in luck! it appears that prefer hidden is going to be broken out of that XEP. so less to read next time ;-)

  53. jonasw

    (which I think is a good idea, I also thought that might make sense to break out into an add-on)

  54. Ge0rG

    jonasw: yeah, I actually had three remarked about prefer-hidden that I already deleted.

  55. jonasw

    :)

  56. Tobias

    Ge0rG, you should order the audiobook version read by helen mirren

  57. jonasw

    thanks for going through it :)

  58. jonasw

    there is one? :-O Tobias

  59. Tobias

    there should be one

  60. Ge0rG

    Tobias: but I want the one read by Morgan Freeman('s German lipsync voice).

  61. Tobias

    https://youtu.be/zmeF2rzsZSU?t=2m19s :)

  62. Tobias

    Ge0rG, you mean Nelson Mandela?

  63. Tobias

    jonasw, but yeah..nice work you did there...thanks :)

  64. jonasw

    no problem :-)

  65. jonasw

    you’re welcome

  66. jonasw

    (I need to get used to using "you’re welcome" in en locales)

  67. Tobias

    de nada

  68. Ge0rG

    resolved my XMPP action items for today.

  69. Ge0rG

    When is the next council meeting due?

  70. Tobias

    Ge0rG, they usually happen on a weekly basis

  71. Ge0rG

    So "yesterday"

  72. Tobias

    Ge0rG, which reminds me to write up minutes for yesterdays meeting...nothing is more exciting than yesterday news

  73. Ge0rG

    Tobias: was there an exciting discussion of #436?

  74. Bunneh

    Tobias: XEP-0045: Add <x/> tag to MUC-PMs #436 https://github.com/xsf/xeps/pull/436

  75. Tobias

    i don't remember discussions about that

  76. Ge0rG

    It looks like my train is arriving. I'm looking forward to read minutes.

  77. Tobias

    http://logs.xmpp.org/council/2017-03-15/

  78. Tobias

    shoo shooo

  79. jonasw

    huh

  80. jonasw

    is there any update on my protoxep?

  81. jonasw

    (I’m not familiar with the process, so please don’t mind me asking.)

  82. jonasw

    ah

  83. jonasw

    I am too stupid to search

  84. Tobias

    jonasw, it's awaiting votes...council members have two weeks to vote

  85. jonasw

    ah, I see

  86. jonasw

    didn’t know that "two weeks" detail

  87. Holger

    Ge0rG: It was mentioned last week http://logs.xmpp.org/council/2017-03-08/#16:32:52 (and then on the list) but maybe you mean a follow-up discussion?

  88. Ge0rG

    Holger: yes. I've done what was asked from me and hoped it would get discussed again

  89. Holger

    Ah ok.

  90. Ge0rG

    Looks like adding things to the PR wasn't enough. Need to bother someone to add it to trello.

  91. Tobias

    Ge0rG, yup..what's not in trello isn't discussed :)

  92. jonasw

    mail to council@?

  93. Ge0rG

    Tobias: can you add it please?

  94. Tobias

    sure

  95. Tobias

    Ge0rG, seems there are pending votes on https://trello.com/c/wF37u9DJ/169-vote-on-approve-xep-0045-changes-proposed-by-georg

  96. Tobias

    one of which is mine...will review that now then :)

  97. Ge0rG

    Tobias: it might need a revote (is that a thing), because I changed the PR based on council feedback

  98. Tobias

    Ge0rG, i'll put it on the agenda to discuss this next meeting

  99. Ge0rG

    Tobias: thanks very much! Is there anything I can do to accelerate the process, so that there is no more 1-week latency in the feedback loop?

  100. Ge0rG

    Or even 2-week in this case

  101. Tobias

    Ge0rG, get dwd to vote on it

  102. jonasw

    Ge0rG: have you sent the deprecation announce already?

  103. Ge0rG

    jonasw: to board? Yes.

  104. jonasw

    with the link to the commit?

  105. Ge0rG

    jonasw: yes

  106. jonasw

    hm, then I’ll make sure that the commit ID doesn’t change :)

  107. Tobias

    seems i already voted on Ge0rG's PR, just forgot to mark it in Trello...now reviewing caps2

  108. Ge0rG

    jonasw: it has a todo note

  109. jonasw

    Ge0rG: what has?

  110. Ge0rG

    jonasw: the URL

  111. jonasw

    ah okay

  112. Holger

    Tobias, dwd: > <Tobias> Dave Cridland, well..p1 implemented it [MIX] too, not? > <Dave Cridland> Tobias, They implementing grouchat over pubsub; not quite the same thing. They implemented both.

  113. Holger

    (Well, an early revision of MIX.)

  114. dwd

    Holger, That's actually the one I was referring to. The thing they said was early MIX was a brief discussion; it didn't, for example, handle <presence/> or <message/> stanzas in the traditional way, a design feature that lasted all of a week or so and was contentious at the time.

  115. Holger

    Yeah whatever, just wanted to clarify that there's two totally unrelated pieces of code, so you were both right :-)

  116. Holger

    Oh.

  117. Holger

    Sorry you were referring to mod_mix, finally got that now.

  118. Holger

    While at it, personally I think if there's any chance to move non-essential functionality out of the core MIX spec into separate XEPs, that should be strongly considered.

  119. dwd

    Holger, I agree. I'm not sure what remains to be removed.

  120. Holger

    I can totally see use cases for anonymous chat, but they don't seem to be the common me, so it would be nice if implenting that would be optional (esp. on the client side_.

  121. Holger

    *implementing

  122. Tobias

    Holger, indeed...it's quite an amount to review

  123. MattJ

    To be honest I'm not sure that MIX should even attempt to compete with use-cases that MUC already covers

  124. MattJ

    but maybe it's too early in the morning to be so controversial

  125. jonasw

    which use-cases does MUC actually cover?

  126. dwd

    Holger, Anonymity seems very fundamental to operations, though.

  127. dwd

    Holger, And crucial where it arises.

  128. dwd

    jonasw, Being shit on mobile?

  129. dwd

    No, seriously, MUC covers >90% of what anyone needs for pure synchronous ephemeral chat. I don't think it's hard to make MIX cover that, too, but I think MIX can and should spread its wings wider, at least in potential.

  130. MattJ

    dwd, because?

  131. MattJ

    (to your comment about mobile)

  132. Steve Kille

    dwd: +1

  133. dwd

    MattJ, The tie between your session and your participation, WRT mobile. It can be worked around to some degree, though, but it's a bit of a pain.

  134. MattJ

    Right

  135. MattJ

    Maybe it is a bit of a pain, but here comes a whole new spec that isn't exactly trivial either

  136. dwd

    MattJ, I suspect that most servers will find it *easier* to implement than we have done do far in Openfire.

  137. dwd

    MattJ, Due to the architecture, we couldn't reuse any of the MAM code, nor PubSub code, nor even the MUC code.

  138. dwd

    Not that any of that code is bad, it's just either in the wrong place, or highly focussed to what it does.

  139. Tobias

    like the s2s code? :)

  140. dwd

    Tobias, The S2S code is just very old, basically. We've updated it a considerable amount over the past few years, including fixing a bunch of security issues.

  141. Tobias still can't recursively disco igniterealtime.org

  142. dwd

    Tobias, The MUC code, and the pubsub code, both have near-complete, all-options, implementations of '45 and '60 respectively, with full clustering.

  143. dwd

    Tobias, Sure - I've not fixed the issue you found yet. It's a hang-up of Openfire originally assuming that x.domain.example could always be reached at domain.example; that assumption has entered code in a large number of cases.

  144. Guus

    no-one is arguing that that s2s bug should be fixed, Tobias. Daytime jobs and all.. :)

  145. Tobias

    Guus, dwd, yeah i know..just nitpicking :)

  146. Guus

    interop problems are annoying

  147. Guus

    you should simply switch to Openfire and be done. :)

  148. Guus ducks, runs

  149. Tobias

    Guus, and you are 100% sure that openfire would not have that issue :P

  150. Guus

    (I'm somewhat in a defiant optimistic mood now that it turns out i'm not living in the newest populist-governed country)

  151. dwd

    Tobias, Actually yes, because the assumption operates bidirectionally.

  152. dwd

    Guus, As you should be.

  153. Tobias

    dwd, i wonder if there could be a security issue there

  154. dwd

    Tobias, Actually, I suspect this case is due to authenticating domains individually rather than authorizing as domain-pairs. So no security issue.

  155. Tobias

    dwd, didn't you propose some standard for that once? bidi or dwd?

  156. Guus

    Tobias: yes.

  157. Guus

    also, what he said

  158. Guus

    (eww, lag)

  159. dwd

    Tobias, No. Those still operate on pairs.

  160. Tobias

    but it was a practice gtalk was doing right? reusing a s2s connection for all their domains?

  161. dwd

    Tobias, That's different... Piggybacking is fine. But you still have to authorize pair-wise.

  162. Tobias

    ok

  163. nyco

    hey, are you aware? https://www.erlang-solutions.com/blog/21-xmpp-use-cases-and-the-best-ways-to-achieve-them.html sorry, looks like a shameful ad...

  164. nyco

    it is interesting, as we discussed that many many times

  165. nyco

    how to read the massive amounts of XEPs

  166. nyco

    how to triage the massive amounts of infos that are behind each XEP

  167. nyco

    do it give ideas on how to present our XEP list or feature list?

  168. Ge0rG

    Wow, a burst of discussion. I think that the fact it takes multiple hours to read and understand MIX might indeed mean we won't see IM MIXes any time soon.

  169. Ge0rG

    While MUC is really broken in some regards, it can be fixed with a bunch of undocumented hacks.

  170. Tobias

    it's all a matter of having the right abstraction in your software...and if you then already have pubsub and MAM in place, i don't think MIX is that mich work, at least a minimal version

  171. Ge0rG

    Tobias: I've tried to read the XEP (admittedly I also did some light editing along the way), and I managed to read ~40% in 2 hours.

  172. Ge0rG

    Tobias: if you have the right abstractions in your software, it still takes multiple hours to understand how to stack them

  173. Tobias

    sure

  174. Ge0rG

    I'm not sure if it would help to refactor the XEP into "Client Developers Read This", and the same for Server Devs and Service Devs.

  175. Tobias

    mostly it covers so many things...i mean user experiences like whatsapp group chats, doesn't require 4 different affilations/roles, etc.

  176. Ge0rG

    Tobias: yes, it attempts to be everything to everyone.

  177. Ge0rG

    If history is repeating itself, we'll have a MIX-Light in five years that is a one-man-show slim rework of MIX, similar to what MAM is to Message Archiving, PEP is to PubSub and Blocking Command is to Privacy Lists.

  178. Ge0rG

    ...and http-upload is to Jingle FT

  179. Ge0rG

    Tobias: btw, you intended to update https://wiki.xmpp.org/web/XEP_and_RFC_Remarks/RFC_6121:_XMPP-IM with that one corner case you were talking about yesterday

  180. Tobias

    somewhere I have a tab open about that, yes

  181. Tobias opens a new tab for it :)

  182. Guus

    that makes three rows of tabs, right?

  183. Tobias

    chrome can't do mulit rows

  184. Tobias

    but there's a nice plugin that removes duplicate tabs :)

  185. Arc

    Amazon Smile is donating 10% of purchases to your chosen charity today

  186. Arc

    so if you've selected XMPP as your charity on smile.amazon.com be sure to make purchases ;-)

  187. mathieui

    if you’re in the US

  188. Ge0rG

    Arc: XMPP is a charity?

  189. Tobias

    Ge0rG, sure...feeding the hungry in africa

  190. Ge0rG

    Xenophobics' Money for Poor People?

  191. Ge0rG

    I'm sure it's a SCAM.

  192. Tobias

    Ge0rG, they probably delegated the chairity part to paypal..they are experts at this

  193. intosi

    Super Cool Automatic Messenger?

  194. dwd

    I should put MIX onto dave.cridland.net, shouldn't I? Are any [other] client developers wanting to play?

  195. jonasw

    dwd: yes

  196. jonasw

    not this month, but yes

  197. dwd

    jonasw, What library?

  198. jonasw

    aioxmpp

  199. dwd

    jonasw, Ah, heh. We nearly put MIX support into that, before deciding to base our test suite around Java instead.

  200. jonasw

    aw pity

  201. dwd

    jonasw, We have partial implementation, so far, only in stanza.io. I'm awaiting confirmation that'll all be offered upstream (I can't imagine why not).

  202. Ge0rG

    dwd: any chance you can have a look at https://trello.com/c/wF37u9DJ/169-vote-on-approve-xep-0045-changes-proposed-by-georg and maybe provide feedback if action is required from my side, regarding repairing the MUC protocol?

  203. Tobias

    Ge0rG, btw: just added the text to the wiki page

  204. Ge0rG

    Tobias: thanks. Any ideas on how to fix that? Let server push a presence change to the other clients?

  205. Tobias

    with full to and from attributes, yeah

  206. dwd

    Ge0rG, FWIW, I'm a little uncomfortable with "SHOULD" here, given you're adding a normative requirement post-facto. But I suppose this is probably as good as it gets, so I'm not going to block.

  207. Ge0rG

    Tobias: I also noticed some multi client weirdness when *accepting* a subscription request, have you looked into that as well?

  208. Tobias

    Ge0rG, with accepting clients should receive a roster push, not?

  209. Tobias

    Ge0rG, also...i thought you were planning to replace the SHOULD with a MAY?

  210. Tobias

    "TLDR either change the wording to MAY or add a sentence that implementations MUST NOT rely on it." <--- regarding that

  211. Ge0rG

    dwd: thanks for the feedback. I think that we should be able to change our specifications over time, or we will end up with multiple generations of imperfect XEPs attempting to solve the same problem, evolving over the years

  212. Ge0rG

    Tobias: I added the sentence

  213. dwd

    Ge0rG, I don't disagree. I don't think that ought to involve simply declaring everything non-conformant. I don't see much of an option in this case, but that doesn't mean I'm happy with it.

  214. Ge0rG

    dwd: IMHO, this approach has two benefits. First, it provides a clear path for new implementors to do the right thing. Second, it provides a bit of leverage to get existing implementations fixed.

  215. dwd

    Ge0rG, But they weren't broken...

  216. dwd

    Ge0rG, Not from a standards point of view.

  217. dwd

    Ge0rG, The actual protocol seems fine. My concern is with establishing the case that conformance isn't acheivable, or important.

  218. Ge0rG

    dwd: they were compliant to an imperfect specification. One *could* consider this as broken

  219. dwd

    Ge0rG, Nothing is perfect. What we want is interoperable.

  220. dwd

    Ge0rG, And if things aren't interoperable, I'd rather they weren't despite following the specification rather than because they didn't.

  221. dwd

    Ge0rG, To put it another way, the pattern of declaring existing conformant implementations non-conformant isn't a pattern I'd like to see continue.

  222. Ge0rG

    dwd: the two largest server implementations already exhibit the new behavior.

  223. dwd

    Ge0rG, That's irrelevant.

  224. dwd

    Ge0rG, I'm not saying the protocol change is bad - I've explicitly said it seems the right solution.

  225. dwd

    Ge0rG, I'm saying the choice of how the change has been made is not something I want to see ever again.

  226. Ge0rG

    dwd: I don't see a better way to change MUC, except for a hard fork. And I think we all agree that that would not really be better.

  227. Ge0rG

    TBH, I'd like to also add more explicit words to 0045 regarding repeated join presences from the same full JID, and also do another take on the message ID stability for reflected messages.

  228. dwd

    Ge0rG, I agree this is the best of a bad bunch. I'm just saying that introducing new normative requirements to an existing specification is a problem.

  229. dwd

    Ge0rG, For repeated joins: I think there's consensus on the approach now, but it's not clear that we could put this in as anything more than an implementation note nonetheless. But Openfire, M-Link, and possibly others do it the "right" way.

  230. dwd

    Ge0rG, For message id stability, there's really no chance. I've changed my mind on that one over the years, but there's no universally-agreed "right" way. It is, however, "fixed" in MIX.

  231. dwd

    Ge0rG, Mind you, a note saying that implementations differ on message id stability would be good if you want to pen one.

  232. Ge0rG

    dwd: my reading of rfc 2119 is more flexible, and I tend to accept "this was not part of the XEP when I implemented it" as a valid exception to a SHOULD.

  233. dwd

    Ge0rG, But that would suggest nobody would ever need to implement it... Which I don't think you really mean.

  234. jonasw

    dwd: to be frank, as a relative newcomer to XMPP, this kind of stance is annoying. If there is a consensus on how something should be done, that should be written in the XEPs. Yes, during the transition period, some implementations won’t get it right. If that’s any better, we can make it a MAY first and after a year or so make it a SHOULD. But if you only make it an implementation note, I as a developer *cannot* at all rely on that behaviour, and it doesn’t look as if I ever can, so it is often useless to me.

  235. Ge0rG

    dwd: MAY is completely optional. SHOULD at least provides direction in how to do it best

  236. MattJ

    As far as I'm aware there was only ever one implementation that rewrote ids on messages, and it tripped up everyone when it appeared

  237. dwd

    jonasw, I get that. The protocol can and should change. And if the specification says "SHOULD", you really should be able to rely on it. If we abuse that by introducing *new* normative languages into *existing* protocol, you can't.

  238. jonasw

    dwd, Ge0rG: at the same time, when such changes are made, it is important to keep a hint on that this was changed "recently" inside the text. The list of versions below is not really discoverable, and finding important changes among the long list of changes is often hard (if the list of changes is even complete). Otherwise, one might be confused by implementation which do not handle this correctly; although that can be mitigated by making that (nothing) -> MAY -> SHOULD transition.

  239. jonasw

    dwd: what about that MAY -> SHOULD transition?

  240. jonasw

    new implementations will see where the journey is going and there is something to point existing implementations to to achieve change

  241. jonasw

    MattJ: I think daniel mentioned some gateways (Slack?) which did that, too

  242. dwd

    jonasw, I don't think introducing new normative requirements to existing protocol is *ever* the ideal path. I think we want to add new *protocol*, and then add this to the requirements for a given compliance level.

  243. Kev

    jonasw: Spec versions (by protocol) should be interoperable.

  244. Kev

    If I see feature X offered, I should know that I will interoperate with it if I implement the spec.

  245. Kev

    Not that I might or might not interoperate with it based on the age of the implementation.

  246. jonasw

    okay, can we add a <feature/> then?

  247. dwd

    Or that I might not interoperate with it next week.

  248. jonasw

    that would work for "I am not rewriting message IDs" for example

  249. Kev

    Where we want to break things such that that isn't true, we do it by changing the negotiated feature (by our faux-versioning scheme).

  250. dwd

    jonasw, Sure, and we can certainly do that.

  251. Kev

    The issue here is that we're trying to avoid bumping the namespace version in MUC for obvious reasons.

  252. dwd

    Kev, We can also add new features.

  253. Kev

    dwd: Different issue if you're adding a new feature, in a sense :)

  254. Kev

    But yes.

  255. dwd

    Kev, MAM's recent :1 -> :2 transition could have done that, and it's somewhat frustrating that it hasn't.

  256. dwd

    Kev, But behavioural differences can be expressed as a new feature almost always.

  257. Kev

    dwd: If thre's a better way, you could suggest rolling back to :1 with additional features.

  258. Kev

    Given I doubt anyone implements :2 (and if it's true that it just needs new features, that might be smart).

  259. MattJ

    Prosody implements :2

  260. Ge0rG

    Maybe we should entirely abandon the version bumping thing for new features and only use it for breaking changes.

  261. MattJ

    and iirc Conversations (but not 100% sure)

  262. Kev

    Oh. 0.10 or something?

  263. Kev

    Or are we on 0.11 now?

  264. MattJ

    0.10

  265. jonasw

    Ge0rG: +1

  266. dwd

    MattJ, The MAM protocol itself is entirely unchanged on the wire. When used with MIX, nothing changes at all. Aside from everything, due to bumping the namespace/

  267. dwd

    Ge0rG, Well, of course. That was *always* the intent.

  268. dwd

    Ge0rG, See XEP-0053, §4, point 2.

  269. Kev

    Yes, new features that don't break the existing stuff should be by additional feature negotiation, not by bumping the namespace.

  270. Ge0rG

    dwd: so it would be perfectly OK with you if I added the stable ID thing into MUC with an additional feature?

  271. dwd

    Ge0rG, You can't. :-) Otherwise I would have suggested it.

  272. Ge0rG

    dwd: what's wrong with it?

  273. dwd

    Ge0rG, But you've done this by - quite rightly - allowing either clients or servers to add the PM marker.

  274. dwd

    Ge0rG, You could have a feature that indicated the server would do this for you. Perhaps you should.

  275. Ge0rG

    dwd: I'm not talking about <x>, I'm talking about keeping the message ID on reflection

  276. Kev

    The thing you can't do is say that servers SHOULD or MUST implement such a new feature. The point of upgrades-through-features is that they might not happen :)

  277. dwd

    Ge0rG, Oh that. Yes, sure.

  278. Kev

    No reason a server can't advertise a feature saying "I'll keep ids stable".

  279. Ge0rG

    dwd: though I could imagine adding a <feature> for <x> as well, I'm just not sure what that would give in that specific case.

  280. Kev

    What you can't then do is say servers SHOULD or MUST implement this.

  281. Ge0rG

    Kev: as I wrote earlier, I consider "SHOULD" to be the appropriate wording for such things, because it indicates the purpose and intent of our Great Master Plan. Foregoing that for the sake of backwards compatibility to the year 2002 is just not right

  282. Ge0rG

    Kev: It's the right thing to RECOMMEND server implementations to do these awesome new things nobody thought of in 2002, and to have a <feature> advertising that.

  283. Ge0rG

    Kev: actually, those two are almost completely orthogonal aspects of a protocol change.

  284. Ge0rG

    (at least in my eyes)

  285. Kev

    I know you consider that. I just don't think that's the appropriate reading of SHOULD.

  286. dwd

    Ge0rG, And I strongly believe you to be wrong. Not because recommending people implement something new is wrong, but because RECOMMENDing people do something new is wrong.

  287. Kev

    ^

  288. Ge0rG

    RFC 2119 does not provide approrpiate wording to go with the time.

  289. dwd

    Ge0rG, You can strongly encourage. You can advise. But if you RECOMMEND, you are changing the past.

  290. Kev

    I think Dave's spot on here.

  291. Ge0rG

    dwd: I see what you mean.

  292. dwd

    Ge0rG, You *can*, though, say that for XMPP Server 2018 conformance, your new thing is REQUIRED.

  293. Ge0rG

    "Server implementations created in the year 2017 or later SHOULD add an <x> tag to PMs. All other implementations are strongly encouraged to do so."

  294. Kev

    Ge0rG: Which isn't needed for interop. So just go with 'strongly recommended' and MAY :)

  295. dwd

    Ge0rG, Sorta. We have XEPs specifically designed to do what you want. I RECOMMEND you help work on those. ;-)

  296. Kev

    It doesn't matter whether it's a new implementation that doesn't do it or an old one, an entity has to cope regardless.

  297. Kev

    Sorry, 'strongly suggested', senior moment.

  298. Ge0rG

    I'm still not really convinced though. IMO our main goal is to have clear normative language that corresponds to the state of affairs as it is now, if only to attract new people to XMPP and to make implementors' lives as easy as possible. I'm okay with changing the past to achieve that, and people who feel betrayed by that can still dig up the old version of the XEP as their motivation to violate the new RECOMMENDation.

  299. Kev

    If you implement the current version of a spec, and get weird interop problems with something else that looks like it's the same version, you've had your life made difficult, not easier.

  300. Ge0rG

    really, sentences like this are frightening in a network protocol specification: "The following is a suggested set of rules a server MAY use, or it MAY use its own; in either case it SHOULD follow the general intent of these rules."

  301. Kev

    Terrifying. I can scarcely sleep at night.

  302. Ge0rG

    Kev: everybody has their own nightmares, I suppose.

  303. Ge0rG

    Kev: re "get weird interop problems with something else", my reading of SHOULD in 2119 is that no other party may actually rely on it anyway, because you might always have a reason not to follow the RECOMMENDation

  304. MattJ

    I read it the other way: if you break a SHOULD, you have to deal with potential interop problems from that

  305. Kev

    What MattJ says.

  306. Kev

    Otherwise SHOULD is no different to MAY.

  307. Ge0rG

    So there is nothing in between SHOULD and MAY that conveys "do it this way, but if you don't then the others have to cope with it"

  308. moparisthebest

    isn't MUST the word where breaking it makes interop problems happen?

  309. Ge0rG

    I suppose this actually was a wise design decision on behalf of the Elders of the Internet

  310. Kev

    moparisthebest: No, SHOULD is.

  311. Kev

    Ge0rG: If others have to cope with it, it's MAY.

  312. moparisthebest

    then how do MUST and SHOULD differ Kev ?

  313. Kev

    From an interoperability point of view - which is what 2119 language cares about

  314. Kev

    moparisthebest: For SHOULD, you might understand how one can not implement it without affecting interop.

  315. Ge0rG

    Kev: yes, on re-reading 2119 this became apparent to me now. Thanks to you and Dave and Matt for being patient with me

  316. Kev

    But generally, in a spec a SHOULD should be matched with 'except when...'

  317. Ge0rG

    So effectively I MUST NOT change the normative language of an XEP without either making it conditional on a new feature or bumping the namespace.

  318. Kev

    SHOULD NOT, except where you can mitigate interop considerations in some manner, yes.

  319. Kev

    :)

  320. Ge0rG

    Kev: heh :P

  321. moparisthebest

    yea I need to re-read 2119 it's been too long, thanks :)

  322. Ge0rG

    However, the question remains what is the most elegant way to convey a new intent (like in the case of <x/>) and to make it a SHOULD eventually

  323. SamWhited

    ralphm: Ping, reminder to create me a trello board and add me to the XSF organization if possible

  324. Tobias

    and check if the board board and the council board belong to the XSF org

  325. SamWhited

    the board board does, the council board doesn't; we should probably fix that.

  326. Tobias

    right

  327. Ge0rG

    board the board board?

  328. Kev

    I can fix the Council Board once Ralph makes me as XSF admin.

  329. ralphm

    Kev: looking right now

  330. ralphm

    Kev: do you already have an Trello identifier?

  331. ralphm

    SamWhited: you, too?

  332. SamWhited

    ralphm: yup, it's just my name, same as my nick

  333. SamWhited

    I think I'm already on the board trello, but not in the organization so it shows up in my "Personal boards"

  334. ralphm

    and now?

  335. SamWhited

    yup, that did it

  336. SamWhited

    Excellent; I can create an editor board now too. Thanks.

  337. ralphm

    SamWhited: who owns the Council board, and can he/she initiate a transfer or something?

  338. SamWhited

    ralphm: Let me check; I think it's Kev.

  339. SamWhited

    Kev, Lance, and Tobias are admins; not sure if that's the same as owner or not.

  340. ralphm

    There should be a 'change team' in the setting of the board

  341. ralphm

    Hmm. I'm not the owner of the Board board. Only bear and Laura.

  342. ralphm

    eh, admin

  343. ralphm

    Even though I am admin of the team, I cannot change that

  344. SamWhited

    Board board appears to already be on the team, I think?

  345. dwd

    I've nudged Laura, but she seems to be busy.

  346. SamWhited

    oh, you just want to be an admin; nevermind, makes sense.

  347. ralphm

    SamWhited: it is either a documentation bug, or an implementation bug. I filed a ticket.

  348. Laura

    hello…

  349. dwd

    Laura, ralphm was after the Trello board ownership.

  350. ralphm

    Yeah, so it turns out I am admin of the team, not the Board Meetings board.

  351. Laura

    The trello Board board?

  352. ralphm

    yes

  353. Laura

    Fixed

  354. ralphm

    Link Mauve: thanks!

  355. ralphm

    Laura: thanks!

  356. dwd

    Does MAM on MIX archive the outgoing message or the incoming one?

  357. Ge0rG would assume that archiving happens on the pubsub node, so only for messages reflected by the MIX

  358. Kev

    dwd: You mean pre-or-post unspecified munging, or something else?

  359. dwd

    That.

  360. Kev

    What you get out should be what would be sent to you.

  361. Kev

    So if you had a pastebin running, I'd expect to get the munged URL from MAM, not the paste that I submitted.

  362. dwd

    So is the from attribute set to the MIX on the forwarded message? Does it have <jid/>? (That's what I thought... But the only example is 52 and shows the opposite).

  363. Steve Kille

    Kev: yes

  364. Steve Kille

    I will sort the text

  365. Kev

    dwd: The from is always the MIX for MIX messages isn't it?

  366. dwd

    Kev, Yes. See Example 52.

  367. Kev

    by looks right to me, and from looks like a typo.

  368. Kev

    Is that consistent with your reading?

  369. dwd

    Yup. Ta.

  370. Zash

    Are the to/from attributes even needed in MIX-MAM?

  371. Kev

    Zash: Not really needed, but it's how MAM works, so there doesn't seem huge value removing them.

  372. Kev

    The <jid xmlns='urn:xmpp:mix:0'>coven+123456@mix.shakespeare.example</jid>, which is always the proxy JID, needs to be in the archived messages to say who it's really from.

  373. Kev

    That's 123456#coven@mix... now, of course :)

  374. Ge0rG

    Steve Kille, Kev: what about using 12345%coven@mix? It might be more in line with existing transports, that encode transported IDs by replacing @ with %

  375. Kev

    Ge0rG: That was exactly my motivation for *not* using it (same as \), I didn't want any confusion when conflating it with existing stuff.

  376. Ge0rG

    Not that I'd oppose "#", it's also used by transport JIDs (e.g. for irc: `#channel%irc.server.net@irc-transport.xmpp`)

  377. dwd

    Can we have non-numeric proxy jidlets, too? (As in, in the examples - I assume it's legal)

  378. Ge0rG

    Kev: that's a great point

  379. Kev

    Ge0rG: Yeah. I realised that, but it seems like the least bad option from what Steve and I discussed earlier. I'm not tied to the octothorp, other than loving the name.

  380. Ge0rG

    what about using UUIDs? *ducks&runs*

  381. Kev

    dwd: That'd probably be sensible.

  382. Kev

    Ge0rG: What, 123456<uid>coven@mix...? :)

  383. Ge0rG

    Kev: I had to look up into the example to determine what an octothorp is.

  384. Kev

    Ah, 'hashtag' to you youngsters.

  385. Ge0rG

    Kev: no, `#<uuid>+<uuid>@uuid.server.xmpp/<uuid>/<uuid>`

  386. Zash

    BRÄDGÅRD

  387. Ge0rG

    Kev: I'm part of the generation that associates "#" with channels, actually

  388. Ge0rG

    Kev: so having `#channel` in the JID rings a bell with me

  389. Kev

    Well, Twitter hashtags came from IRC. IRC users started using them to associate messages informally, them actually being a 'thing' came later.

  390. Ge0rG

    personally, I liked '+' and was surprised by its demise.

  391. Zash

    I thought it was meant as an inverse channel?

  392. Kev

    Ge0rG: I liked it, but + in local parts has a definite semantic from email. I felt that reversing the semantic would be confusing.

  393. Kev

    But your arguments about proxypart coming first seemed compelling.

  394. Ge0rG

    yay!

  395. Kev

    So, changing the separator seemed sensible.

  396. Ge0rG

    Kev: I'm not sure if we are going to expose the proxy JIDs at all to non-tech users, and we are going to realize it's not an email anyway

  397. Kev

    End users are probably less likely to recognise the + notation than devs. It was confusing devs that I was worried about.

  398. Ge0rG

    So my vote goes to '+', with '%' a remote second.

  399. moparisthebest

    + isn't really an email standard anyway, iirc sendmail used +, and qmail or something used -

  400. moparisthebest

    I have my postfix configured to accept +, -, or . as that seperator :)

  401. Ge0rG

    what about using a slug of the user's nickname to create the proxy JIDlet?

  402. Zash

    What if they change it?

  403. Ge0rG

    Zash: keep it as-is. Also if somebody tries to collide, obviously, use a different JIDlet

  404. Kev

    Ge0rG: I think we leave choice of proxy JID parts up to the service.

  405. Kev

    So if they wanted to do that, they could.

  406. Ge0rG

    Kev: but we could RECOMMEND something. It's not too late! :D

  407. Zash

    I'd also like to say that I don't think structured data belongs in jid parts, but I haven't manged to read all of MIX yet so I don't know if there's a good enough reason.

  408. Ge0rG

    Zash: pseudonymity combined with routability.

  409. Kev

    Zash: I agree, in principle, but it also doesn't seem harmful, and is beneficial in this case.

  410. Ge0rG

    Zash: the MIX needs to provide JIDs for all resources of all participants, in a way that prevents you from obtaining their real identity

  411. Kev

    Right, the Council Trello board is now in the XSF org.

  412. Kev

    ralphm: Thanks for the team stuff.

  413. SamWhited

    Yey! Thanks Kev and ralphm

  414. SamWhited

    I just discovered that Trello has "due dates". I haven't used this before. ♡

  415. jonasw

    Guus: you wanted me to write a blogpost. I cannot recall what it was about

  416. moparisthebest

    how about the meaning of life

  417. Zash

    42?

  418. Guus

    jonasw: anything xmpp related? :)

  419. jonasw

    Guus: I cannot recall.

  420. Guus

    ah, it was pretty obvious, actually: http://logs.xmpp.org/xsf/2017-03-13/#11:59:19

  421. jonasw

    oh right

  422. Zash

    Was there someone asking why the mam:2 namespace bump was needed?

  423. Zash

    IIRC MattJ said things about security considerations that sounded reasonable. Integration with stanza-ids, and stuff.

  424. MattJ

    I think dwd was arguing that we should have had a "stanza-ids-are-mam-ids" feature instead of bumping the main namespace

  425. MattJ

    There were some other changes though (though not as many as I originally had in the doc when we decided to bump the namespace)

  426. dwd

    I couldn't *find* any other changes... Might well have been textual ones.