-
Ge0rG
When is it legal to send a message _from_ a bare JID?
-
jonasw
Ge0rG, as a client, you can’t
-
jonasw
a server will do that when the message is "from the account", like MAM responses or PEP I think
-
Ge0rG
I'm receiving spam from a bare JID.
-
jonasw
what
-
jonasw
goofy server I’d say
-
Ge0rG
-version bnw.im
-
Bunneh
Ge0rG: bnw.im is running BnW version 0.1 on OS/360
-
jonasw
RFC 6120 is rather clear on that: 1. When a server receives an XML stanza from a connected client, the server MUST add a 'from' attribute to the stanza or override the 'from' attribute specified by the client, where the value of the 'from' attribute MUST be the full JID (<localpart@domainpart/resource>) determined by the server for the connected resource that generated the stanza (see Section 4.3.6), or the bare JID (<localpart@domainpart>) in the case of subscription-related presence stanzas (see [XMPP-IM]).
-
Maranda
Spam Server!
-
jonasw
I can’t into cyrillic
-
jonasw
seems to be some type of social network thing
-
Maranda
All the spam is into cyrillic.
-
Maranda
Looks like 4chan
-
Ge0rG
-ping jabber.org
-
Ge0rG
-ping conference.jabber.org
-
Kev
The host seems to not be reachable.
-
jonasw
yeah
-
Ge0rG
This is an example of why it's good to have our MUCs spread over multiple servers. We can still talk about downtime
-
jonasw
DMUC!
-
jonasw
or FMUC?
-
jonasw
did anyone think about how to integrate federation in an extension to MIX?
-
Ge0rG
BOMFUNK!
-
jonasw
or maybe just cluster MIX services
-
jonasw
Ge0rG, Boomfunk MCs?
-
Steve Kille
I've been thinking about FMIX, but I think we need to get "vanilla MIX" sorted first
-
jonasw
Steve Kille, agreed
-
Kev
J.org was going to be clustered, but we just never got around to it.
-
jonasw
Ge0rG, https://www.youtube.com/watch?v=ymNFyxvIdaM
-
Ge0rG
jonasw: one of my favorite pieces of 1990ies music.
-
jonasw
Ge0rG, :-)
-
jonasw
oh, too many os
-
jonasw
gotta fix that in my music library
-
Bunneh
Ge0rG: Ping failed (remote-server-not-found): Server-to-server connection failed: closed
-
Bunneh
Ge0rG: Ping failed (remote-server-not-found): Server-to-server connection failed: closed
-
Ge0rG
Wow, Bunneh has some serious timeout issues
-
jonasw
Ge0rG, it’s just diligent
-
jonasw
Ge0rG, just in case you host your server on your mobile phone.
-
Ge0rG
I was shocked to hear that conversations.im has a 60 seconds 0198 ack timeout
-
jonasw
that’s long or that’s short?
-
intosi
Those with IPv6 should be able to see c.j.o and j.o
-
intosi
Only the IPv4 connectivity seems to be dead.
-
Ge0rG
I'm dualstacked. In theory.
-
jonasw
hm,w eird
-
jonasw
I’m dualstacked in practice, but it doesn’t work
-
jonasw
into the debug logs!
-
Ge0rG
my prosody was keeping an s2s connection and failed to send data that way.
-
Ge0rG
after killing it, it retried ipv4, now ipv6.
-
intosi
My prosody was, as well.
-
jonasw
I blame the SRV records
-
jonasw
_xmpp-server._tcp.conference.jabber.org. 900 IN SRV 30 30 5269 hermes2.jabber.org. _xmpp-server._tcp.conference.jabber.org. 900 IN SRV 31 30 5269 hermes2v6.jabber.org.
-
jonasw
why separate records for v6 and v4, and why prefer v4?
-
jonasw
hm, my prosody does not try the next one after the first times out
-
jonasw
might be my old 0.9.x version though
-
intosi
There used to be too many clients with ipv6 issues in the past.
-
jonasw
intosi, servers, too?
-
intosi
IPv6 in general was an unhappier place five years ago, when these records were set up.
-
jonasw
maybe a change is due
-
jonasw
haven’t had issues (I know about) with dual-stacked records
-
intosi
Quite likely.
-
jonasw
this would be a good time for change ;-)
-
intosi
There used to be a lot of Teredo links, a lot of them barely functioning.
-
jonasw
that makes it a bit more funny that the v4 route aborts at an HE router…
-
jonasw
also, turns out, grepping for jabber.org in debug logs isn’t htat useful. "[…]xmlns:stream='http://etherx.jabber.org/streams'[…]" and the likes
-
Ge0rG
Mar 26 10:13:25 s2sout56531734a4f0 debug sending: <db:result to='conference.jabber.org' from='yax.im'> Mar 26 10:13:25 s2sout56531734a4f0 debug sent dialback key on outgoing s2s stream And then nothing happens.
-
Ge0rG
So it looks like dialback is never completed, then timeouts
-
Andrew Nenakhov
jonasw, I can into Cyrillic but this one is not meant to be easily understood by normal people
-
Ge0rG
intosi, Kev: are you interested in further debugging why s2s over ipv6 still fails?
-
intosi
Ge0rG: thanks for the offer, but I can fully reproduce the issue myself at the moment.
-
intosi
It appears that hermes2, the host running jabber.org, has its IPv4 traffic blocked at its gateway.
-
intosi
Not blocked, but blackholed.
-
Ge0rG
Your ISP switched you to DS-Lite, silently :P
-
intosi
That might be the result of excess ingress or egress connections earlier, I haven't checked yet.
-
Tobias
Ge0rG, it's hard to get large packets as IPv6 through the big walls of a bunker
-
intosi
The IPv6 packets are actually getting through ;)
-
intosi
It's the tiny IPv4 packets that are filtered out :D
-
Ge0rG
Tobias: I didn't know j.o is running on Bulletproof Hosting.
-
Ge0rG
maybe they are too small to swim alone, and j.o is hosted on Sealand instead?
-
jonasw
Ge0rG, winfried: +10min for me
-
pep.
!
-
Williams W
?
-
Williams W
hello
-
MattJ
Hello
-
pep.
Hello
-
Williams W
china ?
-
Williams W
im china~
-
Williams W
`
-
winfried
Hi,
-
winfried
sorry for being a bit late, had to fetch my luunch ;-)
-
pep.
winfried, !
-
Ge0rG
I haven't had lunch yet.
-
pep.
jonasw said +10mn apparently
-
pep.
It's still 11am for me :-°
-
winfried
pep.: I know
-
winfried
(about jonasw )
-
winfried
Shall we start and check with jonasw when he joins us?
-
Seve/SouL
Some meeting going on now?
-
winfried
Seve/SouL: GDPR & XSF meeting
-
pep.
I guess we can wait a bit, it's already 9✎ -
winfried
also good ;-)
-
pep.
I guess we can wait a bit, it's already :09 ✏
-
jonasw
I'm close
-
jonasw
here I am
-
pep.
!
-
winfried
welcome, should someone bang a gafel?
-
pep.
Sure
-
pep.
Ge0rG, jonasw, winfried, pep.!
-
pep.
*bang*
-
jonasw
so, I‘ve got a few things
-
winfried
;-)
-
winfried
I think there are three questions at hand: Q1) What consequences does the GDPR has for the Jabber network and Jabber server operators and what can/should do the XSF with that? Q2) What consequences does the GDPR has for the XSF run Jabber server? Q3) What consequences does the GDPR has for the work processes of the XSF itself (membership, voting, wiki etc)?
-
jonasw
if it’s okay, I‘ll just dump a few notes I took during a talk about GDPR for self-hosters at the chemnitzer linux tage
-
winfried
jonasw: go ahead!
-
jonasw
it’s mostly a random collection of stuff which I felt was important
-
jonasw
first some key articles about the rights of the subjects of the data: art. 13, 14, plus possibly 7, 15, 12, 16, 17, 21 and 20
-
Ge0rG
Yes please. I also had a talk with out GDPR expert regarding self-hosting, so we should be able to align those
-
jonasw
there are rights for transfer of data between providers, in article 20
-
jonasw
some risk management articles: 5, and consent in 7 and 8, with proof
-
jonasw
and the articles about notifying about data breaches, 33 and 34
-
jonasw
and something about a directory of data stored, processed and shared supposedly detailed in article 30
-
jonasw
as I mentioned, those are really just quick notes I took, I haven’t had the chance to look deeply into this. Those are the articles I plan to have a deeper look, and which might be most relevant. but IANAL
-
jonasw
for the german folks: the speaker said that most of the GDPR has been german law for ages already, so germans have even less of an excuse ;-)
-
jonasw
end-of-dump
-
Ge0rG
winfried: do you want to chair this? Maybe we should split the three questions from Q1 into individual ones, and also put https://trello.com/c/t79C3Yds/307-gdpr-advice on the agenda
-
jonasw
we might also want to look very closely at the legal definitions of Controller and Processor and Join Controller etc.
-
winfried
Ge0rG: if jonasw and pep. don't mind me chairing, yes
-
jonasw
as well as the intent, which isn’t defined clearly
-
pep.
winfried, sure
-
jonasw
the speaker mentioned that the intent as well as the separation of controller and processor or something can make a huge difference. he for example assumed that their company wasn’t affected much because while they have their users data (as a hoster), they do not directly work with that (so no intent of usage) and thus they’re not affected
-
jonasw
he was from hostsharing.net fwiw (german)
-
Ge0rG
set the topic to
XSF GDPR Meeting | Logs: http://logs.xmpp.org/xsf/ | Agenda https://trello.com/b/Dn6IQOu0/board-meetings
-
winfried
I propose to take step beck: there is the legal discussion about things like jurisdiction, processor/controller, legal ground for processing, risk of data, transfer etc
-
winfried
but there is also a question about cooperation with the IETF for example on this
-
Ge0rG
winfried: the IETF is facing the same problems we are?
-
winfried
Ge0rG: possibly, the IETF was mentioned in the mail to the board
-
jonasw
(because someone mentioned it here, actually.)
-
Ge0rG
winfried: do we know who at the IETF is working on it?
-
winfried
I have no idea
-
Ge0rG
(how) should we collaborate with them?
-
Ge0rG
Somebody needs to find out and contact them then
-
winfried
who takes notes? I see a to-do here ;-)
-
Ge0rG
we need a minute taker!
-
winfried
:-P
-
pep.
Can do, that'll force me to understand what's been said
-
Ge0rG
Sorry, I'm 120% busy with work, so this is borrowed time already.
-
jonasw
this seems to touch on Q3 and I’d like to challenge the premise of that
-
Ge0rG
pep.: :+1:
-
winfried
jonasw: this may touch Q1 too
-
winfried
jonasw: can you elaborate your challenge?
-
jonasw
to my knowledge, the XSF does not handle non-public data
-
jonasw
voting may be the only exception
-
jonasw
the MUCs are public, the wiki is public
-
jonasw
the only non-public data aside from voting *may* be the email adresses used for wiki accounts; which aren’t sensitive according to article 9 (1), so much less relevant.
-
winfried
jonasw: and the e-mail adresses are inherent to the service provided. Still we can question if the GDPR is applicable to the XSF at all
-
jonasw
(one could construe that voting data are "political opinions" though)
-
jonasw
winfried, that’s another matter, indeed
-
jonasw
but even if it does apply, I don’t think it matters
-
Ge0rG
email addresses are not sensitive, but they are personal data. So we _are_ storing personal data.
-
winfried
But to apply to become a member, I have to state my real name on a public wiki and I have to include my employer (and contact data). Are there any rules about how long that should be stored / stay public?
-
pep.
jonasw, does everything on the member application fall under 9.1?
-
pep.
fullname, email, employer, etc.
-
pep.
Though these pages are public indeed
-
jonasw
pep., the member application (like everything else on the wiki) is covered by article 9 (2) e) I think
-
jonasw
> processing relates to personal data which are manifestly made public by the data subject;
-
pep.
hmm, is it really email we ask for on the membership or JID?
-
Ge0rG
Wiki accounts can be created by non-members, so their email address is not published by themselves.
-
jonasw
pep., email is needed for a wiki account
-
Ge0rG
pep.: both
-
winfried
jonasw: yes, I think it is 9.2, but is that the right discussion to have right here right now?
-
Ge0rG
winfried: you are the chair!
-
jonasw
winfried, dunno, I answered pep.s question :)
-
pep.
Sorry, just for the notes
-
winfried
:-)
-
winfried
Ok, then I make a procudural proposal:
-
winfried
I popsted 3 issues
-
winfried
I think we should take each of them and inventise how big the potential problem is and what research we still need to do
-
Ge0rG
winfried: yes. also please split up Q1.
-
jonasw
winfried, okay
-
jonasw
make a headline and we’re good to go :)
-
winfried
and then try to make a (preliminary) assesment of a good strategy
-
pep.
Agreed, we should split Q1
-
winfried
*** Q1 ***
-
winfried
proposals to split?
-
Ge0rG
winfried: Q1.1 What consequences does the GDPR has for the Jabber network Q1.2 ... and Jabber server operators Q1.3 ... and what can/should do the XSF with that?
-
pep.
Also Q2 goes into Q1.2 doesn't it?
-
Ge0rG
pep.: Q2 depends on Q1.2
-
winfried
yes
-
pep.
k
-
winfried
*** Q1.1 ***
-
jonasw
Q1.1 raises the question of how consent works in a federated network.
-
jonasw
we have no idea.
-
Ge0rG
jonasw: wait, what? elaborate that please
-
winfried
I think it is good to follow the line: a is it in the GDPR jurisdiction, what data is
-
jonasw
Ge0rG, I send you a message. you have MAM which stores forever. I never consented to your servers MAM storage.
-
pep.
I think he's referring to the questions he raised for the previous board
-
winfried
b what data is processed
-
winfried
c what processing is done
-
winfried
(forgetting about responsible party/processer)
-
winfried
d what ground does the processing have
-
winfried
e possible consequences
-
Ge0rG
winfried: (a) processing data of users in the EU requires GDPR compliance. Maybe also processing of data inside the EU, regardless of where the users are.
-
jonasw
winfried, what is "it" in your (a)?
-
Ge0rG
winfried: so basically all servers that are not geo-locked to exclude the EU fall under GDPR
-
winfried
jonasw: good question in a federated network
-
winfried
I think we should regard each server as its own legal entity, and the federation as a kind of processing (exchanging data)
-
Ge0rG
I think it makes sense to define the roles as well. An XMPP server operator is a "controller", and whoever does the hosting and other services for them is a "processor"
-
winfried
Ge0rG: +1
-
Ge0rG
winfried: we have strong parallels to email. I agree with your conclusion regarding server = legal entity
-
pep.
Hmm, that doesn't fit with what you said winfried
-
winfried
pep.: ?
-
pep.
You said "exchanging data", would that fit into "transfering data", and not "processing" per se
-
Ge0rG
I suggest we first focus on a single server before widening up to federation
-
pep.
k
-
pep.
The c2s-only case is a lot more straightforward
-
winfried
pep.: (breaking my head, is transfering / exchangeing legally seen also a kind of processing, let that discussion dangle for a moment)
-
winfried
Ge0rG: +1
-
winfried
Ge0rG: on your: "Maybe also processing of data inside the EU, regardless of where the users are. " - I think we can safely say yes in that one
-
winfried
though not cast in iron, the first opinions point in that direction
-
jonasw
Ge0rG, winfried, alternatively, in the case of MAM, we could argue that the User is the Controller and the server doing the storage is the Processor.
-
Ge0rG
winfried: I've heard different opinions on that, we should say "probably yes"
-
Ge0rG
jonasw: no!
-
jonasw
Ge0rG, why?
-
winfried
we should also add a non-EU server targeting EU-citizens
-
winfried
jonasw: as far as I know the user can't be the controller, just the data subject...
-
Ge0rG
winfried: non-EU server targeting EU-citizens must also comply with GDPR
-
winfried
Ge0rG: yes
-
Ge0rG
so we've got (a) now, up to (b)?
-
winfried
yes, please ;-)
-
winfried
does a xmpp server (c2s) process personal data? I think that is a yes too:
-
jonasw
this is a strong YES
-
winfried
jid as identifyer
-
jonasw
it is even sensitive data according to article 9 (1), I’m pretty sure.
-
winfried
ip-adresses
-
Ge0rG
A server is storing a users' JID and login credentials, roster content (with names), bookmarks, offline/MAM history
-
jonasw
http upload, too
-
Ge0rG
jonasw: I don't think it's sensitive.
-
jonasw
avatar and vcard are "meant to be public"?
-
jonasw
Ge0rG, depends on the message content, doesn’t it?
-
jonasw
you have to assume it is
-
Ge0rG
jonasw: I'm not sure this is how it works.
-
jonasw
why not?
-
winfried
think it is good to distrinc here between the data that is structurally collected and data like the content that is forwarded/stored
-
Ge0rG
jonasw: I assume that art9 applies if you collect sensitive data from users, not if they give it to you without you asking
-
jonasw
Ge0rG, any source for that?
-
winfried
is anybody aware of an analyses of the status of communication services within the GDPR?
-
pep.
Ge0rG, I'd say any <message> almost, rather than MAM? or "history" in general (nit)
- jonasw googles
-
jonasw
> How Cloud Communications Can Help You Comply With GDPR
-
jonasw
oh my god
-
Ge0rG
jonasw: I would argue as follows: the user uploads the data because they want you to forward it to the receipient, so there is a art6 §1 d or f legitimate interest
-
winfried
I think we can use the pictures analogy here: you can find out if people have certain diseases from a picture, but pictures aren't sensitive data until you analyse them
-
jonasw
Ge0rG, I thought that Article 9 (1) overrides that.
-
Ge0rG
jonasw: you can't google that. don't even try "email gdpr"
-
jonasw
mind that article 9 (1) is not (only) a definition, but a "shall be prohibited" and only (2) defines exceptions for that.
-
pep.
Ge0rG, though jingle-ft could be used for that, most of the time
-
winfried
storing and forwarding a (very) personal chat may keep us out of 9.1 as long it isn't analysed / indexed on words as 'sex'...
-
pep.
The legitimacy of server-side component lies for offline delivery, and groupchats(?)
-
Ge0rG
(a) the data subject has given explicit consent to the processing of those personal data
-
jonasw
winfried, pictures are explicitly handled in the reasoning though✎ -
jonasw
winfried, pictures are explicitly handled in the recitals though ✏
-
jonasw
so maybe that analogy doesn’t work
-
jonasw
> The processing of photographs should not systematically be considered to be processing of special categories of personal data as they are covered by the definition of biometric data only when processed through a specific technical means allowing the unique identification or authentication of a natural person.
-
winfried
jonasw: true
-
Ge0rG
That's actually a good analogy.
-
jonasw
Ge0rG, regarding Art. 9 (2) a): exactly, which is why I said we need a way to make users express consent for that.
-
jonasw
and server operators need a way to be sure of that to an extent where they can blame others if the recorded statement is false
-
Ge0rG
So we have the meta-data actually requested by the XMPP server: JID, name(?), email(?), IP address(es)(?)
-
Ge0rG
this meta-data is not sensitive.
-
jonasw
note that "storing" is a subset of processing.
-
Ge0rG
and we have the actual data that's sent by the user, which is stored / processed. As long as we don't do racial profiling on that, it's not sensitive either.
-
pep.
jonasw, true
-
jonasw
I’m not convinced
-
jonasw
Ge0rG, I think it must still be declared and the user must still consent for storage at least, because of the risk of data breaches.
-
Ge0rG
jonasw: wait, are you still talking of art9?
-
jonasw
I think so
-
Zash
Analyzing for SPAM, does that matter?
-
Ge0rG
jonasw: I agree regarding the general requirements of the GDPR, but not art9
-
winfried
Zash: yes
-
Ge0rG
Zash: not for art9, I'd say. Unless your SPAM detector is a Jew detector in practice.
-
jonasw
Ge0rG, it might be a sexual content detector in practice.
-
jonasw
for email at least.
-
pep.
or a cyrillic detector
-
pep.
:-°
-
Ge0rG
jonasw: I think the only viable reason to run a sexual content detector is to block the latter, in which case GDPR does not apply?
-
winfried
Ge0rG: not 'in practice' but explictely
-
winfried
I have a feeling that as long as we don't analyse data (content AND metadata) on patterns that indicate categories from art 9.1, 9.1 is not appliccable
-
jonasw
winfried, I like that idea. I’m not sure on that though. It would be good to get legal advice on this.
-
jonasw
this might be focused enough to actually get an answer to.
-
jonasw
but what do I know.
-
winfried
pep.: I see a to-do ;-)
-
pep.
yep
-
pep.
so any kind of mod_firewall trickery will probably get us off that safe land?
-
pep.
What's meant by "analyse" here exactly
-
pep.
Also, "from art 9.1, 9.2", right?
-
jonasw
analyze to an extent where you could say "this person would elect Democrats in the next election"
-
jonasw
(or similar statements about the other sensitive attributes mentioned in 9.1)
-
winfried
or 'this person has sex once a month'
-
pep.
k
-
Zash
Not the things needed for routing, right
-
winfried
Zash: exactly
-
pep.
Zash, depends? Maybe you'll route differently if they have sex more often
-
pep.
Anyway, going on?
-
winfried
yes
-
pep.
That's b and c "sorted"?
-
pep.
For the C2S case
-
pep.
Maybe c not entirely "what processing is done", we could maybe list a few common cases
-
winfried
I think we can safely say a XMPP server operator is a controller (not the hoster)
-
jonasw
I think what we *at the very minimum* learn from this given the technical means in the Jabber network is: you absolutely must not do any kind of data mining on message content which might come from federation.
-
pep.
winfried, agreed on that
-
winfried
jonasw: agree
-
pep.
jonasw, why especially federation
-
jonasw
pep., because federated users cannot consent
-
jonasw
you could get consent from your local users
-
pep.
I see
-
winfried
do we have a clear idea of the data collected and processed in a xmpp server?
-
jonasw
and operators might fall for "I got consent from my users, so I’m fine with processing their messages" but that’s in fact false because you’d need consent from the senders too
-
jonasw
winfried, I think Ge0rG gave a list earlier
-
pep.
I have listed: - JID - login credentials - roster content (with names) - bookmarks - "history" (offline/MAM)
-
jonasw
roster, timestamp of last available presence, mam, offline messages, http upload, in-flight messages
-
jonasw
ah
-
pep.
Ah right presence
-
jonasw
pep., add "timestamp of last available presence"
-
jonasw
and in general presence is saved transiently to anwser probes
-
winfried
logfiles with connection data
-
pep.
winfried, as in? IP? (re private data)
-
jonasw
http upload, too
-
jonasw
pep., timestamps and IP, yes
-
pep.
jonasw, or any kind of server-side component storage files?
-
pep.
storing*
-
jonasw
pep., yeah
-
jonasw
MUC history, too
-
winfried
also PEP data
-
pep.
MUC history, only applying to private MUCs?
-
jonasw
PEP is by default public
-
Ge0rG
would it make sense to put all that under "user content"?
-
jonasw
probably
-
winfried
except for the logfiles
-
jonasw
login credentials are hardly user content, too
-
Ge0rG
what about the roster?
-
winfried
jonasw: agreed, they may have a different legal status
-
Ge0rG
I think that roster / bookmarks are special, but (actual) PEP, MAM, offline, HTTP-Upload is all user content
-
jonasw
why are roster and bookmarks special?
-
Ge0rG
jonasw: PII, passwords
-
jonasw
are bookmarks PII?
-
Ge0rG
"Georg's private Sex Toys Chat"
-
jonasw
ah, I forgot about that one ;-)
-
jonasw
but isn’t that like message content?
-
Ge0rG
jonasw: not sure.
-
winfried
jonasw: I think so
-
jonasw
Ge0rG, why would it be different from message content?
-
Ge0rG
so we have: - credentials - user content (roster, bookmarks, PEP, messages, files) - server logs
-
winfried
+1
-
jonasw
Ge0rG, timestamp of last presence isn’t user content though
-
Ge0rG
jonasw: "server logs"?
-
jonasw
kinda, but it’s shared to peers
-
Ge0rG
so we have: - credentials - user content (roster, bookmarks, PEP, messages, files) - user metadata (IPs, last activity, ...) - server logs
-
jonasw
yeah, I’d like to have this separate, because you’re not "safe" as operator just because you turned off logging.
-
winfried
user metadata also includes data on the xmpp client
-
pep.
server logs can include all the above though✎ -
Ge0rG
winfried: what does an xmpp server store about the client?
-
pep.
server logs do include all the above though ✏
-
jonasw
Ge0rG, entity caps, which may allow mapping to disco#info, which may inclued software and OS version
-
jonasw
probably neither sensitive nor PII
-
jonasw
pep., not credentials, I hope :)
-
winfried
jonasw: it can show when I am at home, at my laptop or only on the mobile
-
Ge0rG
I'd argue that server logs fall under http://www.privacy-regulation.eu/en/r49.htm
-
winfried
it may also show when my connected sex toy is online...
-
pep.
jonasw, if scram then no, otherwise I could imagine it being in there
-
Ge0rG
winfried: your resource string is either user-data or user-metadata
-
jonasw
winfried, I think that’s user content/message content though because clients usually do that by themselves by asking for your disco#info. nothing special is done by the server here.
-
jonasw
(unless it does caps optimization, in that case see above)
-
jonasw
pep., if a server ever logs a password sent with PLAIN, report that as a bug
-
jonasw
even a SCRAM exchange shouldn’t be logged imo.
-
pep.
For debug purposes, for example
-
jonasw
pep., there’s no reason to log passwords for debug reasons.
-
jonasw
but we digress I thnik
-
jonasw
Ge0rG, but only for limited time. a proper logrotate would have to be in pace✎ -
jonasw
Ge0rG, but only for limited time. a proper logrotate would have to be in place ✏
-
winfried
I think: - credentials - user content (roster, bookmarks, PEP, messages, files) - user metadata (IPs, last activity, ...) - server logs is a good devision, because it devides the data in different legal categories
-
jonasw
winfried, I agree (not that I knew about which legal categories there are)
-
Ge0rG
jonasw: I don't see a time limitation in R49
-
jonasw
Ge0rG, to the extent strictly necessary and proportionate
-
jonasw
I think it’s hard to argue that you need to store full prosody debug logs for 2y for example.
-
Ge0rG
jonasw: good point
-
winfried
credentials: by creating these, you may implilcitly give permission for processing pii by the service
-
jonasw
I don’t think there’s such a thing as implicit consent
-
Ge0rG
So we have (b) covered as well now.
-
jonasw
in GDPR at least
-
winfried
user content: limit discussed earlier
-
winfried
user metadata: as user contant, possible different limitations
-
winfried
server logs r49, with limitations as above
-
pep.
what's this r49 exactly, let me find it
-
Ge0rG
winfried: what about (c), what processing is done? is that implicitly clear?
-
Ge0rG
pep.: http://www.privacy-regulation.eu/en/r49.htm
-
jonasw
Ge0rG, https://gdpr-info.eu/art-30-gdpr/
-
jonasw
that’s probably most relevant regarding (c)
-
jonasw
wait, I might be confused
- winfried is waiting
-
jonasw
ah
-
jonasw
don’t wait though
-
jonasw
in any case, taht article is relevant, probably not for (c) though
-
jonasw
or maybe it is :)
-
jonasw
i just lost all context
-
winfried
jonasw: I don't understand the coffee cup my client is showing me...
-
Ge0rG
winfried: your client is broken, it replaces letters in braces by pictures of things
-
jonasw
'( c )'
-
Ge0rG
winfried: b = beer, c = coffee
-
Ge0rG
dunno about a=(a)
-
pep.
c) is what processing is done. For that atm I have a quote from winfried, "we should not analyse data (content and metadata) on patterns that indicate categories from art 9.1 and 9.2", and then jonasw's "you absolutely must not do any kind of data mining on message content which might come from federation"
-
pep.
We haven't done b) for the S2S case, we'll get to that afterwards?
-
winfried
pep.: correct
-
winfried
you can leave out the 'might come from federation' part
-
jonasw
winfried, you *can* do data maning if you got consent from your users -- but not on federated messages
-
jonasw
unless you do some captcha thing
-
jonasw
I feel that’s important to mention
-
pep.
jonasw, more details on the captcha thing?
-
Ge0rG
my take: - credentials: stored as long as the account exists, limited further processing (check user JID against well-know spammer patterns) - user content: stored as long as the account exists (roster, bookmarks, PEP) / for a limited time (messages, http upload)
-
jonasw
not that I’d condone data mining of any kind, but if an operator chooses to do so with consent of their users, they have to restrict to non-federated.
-
winfried
jonasw: I can also ask for consent from federated users
-
jonasw
pep., like, on the first message from a federated user, hold that message and make the federated user click a button on a website with terms of services for all messages sent to that domain.
-
jonasw
winfried, yes, but harder
-
jonasw
because they don’t sign up.
-
jonasw
and it might not be obvious
-
Ge0rG
I think we should focus on what processing is technically required, what is typical and not focus on special cases of user-targeting
-
winfried
jonasw: yes, so it is an administrative / technical issue, but legally it seems the same to me
-
jonasw
Ge0rG, +1
-
Ge0rG
also please keep federation out yet
-
winfried
Ge0rG: +1
-
jonasw
I think that federation is the most tricky part though ;-)
-
winfried
jonasw: +1
-
Ge0rG
jonasw: maybe it's not.
-
Ge0rG
so can we get back to minimal and typical please?
-
pep.
agreed with Ge0rG's split for b)
-
Ge0rG
credentials: minimal = store as long as the account exists | typical = spam bot detection user metadata: minimal = store during connection | typical = store with account, spam detection, expose to other users (last activity)
-
jonasw
"typical = spam bot detection" for credentials?
-
jonasw
do you store plaintext passwords to detect spam bot??✎ -
jonasw
do you store plaintext passwords to detect spam bots? ✏
-
pep.
localpart or server I guess
-
pep.
Ah wait, not server, just localpart for c2s
-
Ge0rG
user content: minimal = roster,bookmarks with account, PEP in RAM only, offline messages until first client connects | typical = with account, MAM/files for a given amount of time
-
Ge0rG
jonasw: I'm checking usernames against patterns
-
jonasw
Ge0rG, right
-
jonasw
I was thinking about storage only, you were (rightfully so) thinking about processing
-
pep.
(brb, 1 minute)
-
winfried
Ge0rG: I like that list
-
Ge0rG
- server logs: minimal = no logs | typical = some days / weeks of logrotate, maybe with IP addresses / message metadata. I'm storing debug logs for two weeks plus additional spam detection logs
-
Ge0rG
addenum for user metadata/typical: IP address of registration / of last login
-
Ge0rG
storage of ^
-
winfried
and I nothing that is disproportional or outside reasonable user expectation
-
Ge0rG
Somebody should wifiky that. Or put it into a proper table
-
winfried
Ge0rG: our notekeeper is afk ;-)
-
Ge0rG
Sorry, I've vastly exceeded my timebox for this conference, and I need to catch up. I'm semi-AFK now while you figure out the legal grounds beyond R49
-
pep.
!
-
pep.
I'm also usually storing debug logs on the server, and rotating them
-
winfried
lets see where we are now, I have to leave in 20 minutes too
-
winfried
we have come quite far with the c2s part of Q1.1
-
pep.
Yeah, this last bit was d)
-
pep.
For C2S
-
winfried
still have the tough issue of s2s (federation) open
-
pep.
Ge0rG, "PEP in RAM", some server provide persistency here, and soon(tm) prosody as well. I would just put that with roster/bookmarks✎ -
pep.
Ge0rG, "PEP in RAM", some servers provide persistency here, and soon(tm) prosody as well. I would just put that with roster/bookmarks ✏
-
Ge0rG
winfried: I have some information on federation, but I think we should make a follow up appointment
-
winfried
Ge0rG: +1
-
pep.
Agreed for the follow-up, I think we can summarize quickly and call it a day
-
pep.
There's already quite a lot of stuff to digest
-
Ge0rG
pep.: you volunteered to create a page on the wiki with the content table, I've heard... 😀
-
pep.
heh
-
winfried
pep.: I can help building the wiki page
-
winfried
can we set a new date?
-
Ge0rG
winfried: yes please
-
pep.
This week? Next week? How quick do you want to figure this out
-
Ge0rG
This week, some day, same time
-
winfried
pep.: I prefer a short, compact, traject
-
pep.
+2 days? (wed)
-
winfried
pep.: works for me
-
Ge0rG
WFM
-
pep.
jonasw,
-
pep.
I'll try to send minutes soon
-
winfried
pep.: great, thanks a lot
-
Ge0rG
pep.: yay!
-
jonasw
wednesday doesn’t work for me
-
jonasw
sorry, I was distracted
-
pep.
+3 days? +4 doesn't work for me
-
jonasw
I can’t make reliable statements about any day after wednesday until next weeks thursday
-
Ge0rG
Friday is so temptingly empty on the calendar...
-
jonasw
so the closest thing which would work would be tomorrow, ohterwise it’ll be best-effort on my side.
-
winfried
tomorrow works for me
-
pep.
I can do +4 but after 13CET. I can do +1 yes
-
Ge0rG
WFM too
-
jonasw
okay
-
pep.
ok, +1 day, 12CET
-
jonasw
12:15 CEST would be easier for me
-
jonasw
(as I learnt today)
-
pep.
ok, 12:15CET.
-
jonasw
CEST please
-
winfried
+1
-
jonasw
not CET.
-
jonasw
(like today)
-
pep.
Ah, oh
-
pep.
DST.
-
Ge0rG
pep.: CET will be again in half a year
-
jonasw
yeah.
-
pep.
Cool, +1 day 12:15CEST then.
-
pep.
*bang*
-
jonasw
thank you
- winfried applauses
-
Ge0rG
Thank *you*!
-
winfried
nice work guys!
-
jonasw
obligatory XKCD: https://xkcd.com/1883/
-
pep.
Wait so what time is now now in CEST land
-
Ge0rG
pep.: CEST
-
winfried
14:00
-
Zash
> 14:00:18 pep.> Wait so what time is now now in CEST land
-
pep.
cool
-
pep.
is it*
-
pep.
jonasw, :D
-
winfried
yeah, had a laugh on that one too... though I like the idea of california drifting of the mainland :-P
-
Seve/SouL
Was this meeting announced somewhere? I think I missed some information on this, didn't know this was going to happen
-
winfried
Seve/SouL: no, we just made the appointmet in this muc after last boardmeeting
-
winfried
Seve/SouL: do you want to be involved?
-
Seve/SouL
Thank you winfried, it's not like I can help on this topic :) Just wondering if I was missing important events. Do not worry, thank you very much :)
-
jonasw
It *should* have been announced on members@
-
jonasw
in the board meeting minutes
-
jonasw
but apparently the minutes haven’t been sent yet
-
pep.
btw, anybody knows where I can find more info about the derogation mentioned in https://gdpr-info.eu/recitals/no-13/
-
jonasw
pep., https://gdpr-info.eu/art-30-gdpr/ 30.5
-
pep.
jonasw, thanks
-
pep.
Now I'm not sure most services will fall under that derogation though.
-
pep.
"[..] unless [..] the processing is not occasional"
-
pep.
Ok I'll keep that for next time
-
pep.
> jonasw> some risk management articles: 5, and consent in 7 and 8, with proof What did you mean with "with proof"?
-
Zash
> 2. This Regulation does not apply to the processing of personal data: > (c) by a natural person in the course of a purely personal or household activity;
-
Zash
How does that relate to self-hosting?
-
pep.
Yeah I was wondering as well. Will add that to the questions. I guess that's good when you do it for yourself, or with people that also have access to the machine and take care of it (xmpp service)? And doesn't qualify if you start giving accounts to people who don't?
-
jonasw
pep., you probably need proof for consent
-
Zash
Has anyone figured out how to get consent over the Internet yet?
-
Ge0rG
Zash: [ ] I accept that you'll bend me over and take my virgi^W data
-
jonasw
my virginia drivers license? no way!
-
winfried
Self hosting is an interesting case too!
-
Ge0rG
winfried: self-hosting for yourself or for others?
-
winfried
> Has anyone figured out how to get consent over the Internet yet? Yes, there are quite clear cut rules for, technically not too complicated in matter of facts, de hardest part is asking the right question...
-
moparisthebest
that's been solved a long time, you just pop up a 15,000 word EULA asking for everything in a tiny window and an 'Accept' button right?
-
winfried
Ge0rG: both are interesting! Though when it among a collective of friends or family it will probably be the same case, but good to check
-
winfried
moparisthebest: that one has never been valid in the netherlands, if you can't download it in plain text or PDF, it was not legal and standard Dutch law applies!
-
moparisthebest
ctrl+c/ctrl+v downloaded in plain text and therefore legal
-
Ge0rG
reminds me of the first generation of Facebook export, where you got a 500 page PDF file containing all your data.
-
winfried
moparisthebest: nope, not valid here 😃
-
edhelas
Ge0rG you can add &exportformat=xml-xmpp to the FB export URL
-
Ge0rG
edhelas: I can't.
-
Ge0rG
edhelas: because I don't have a Facebook account, I will never know what Facebook logs about me.
-
edhelas
time to subscribe!
-
Zash
The mysterious Shadow Ge0rG
-
flow
https://tools.ietf.org/html/draft-tenoever-hrpc-research-05#section-5.2.6
-
flow
did the authors of this reach out to "us" (i.e. the xmpp community)?
-
Zash
-rfc 8280
-
Bunneh
Zash: Research into Human Rights Protocol Considerations. N. ten Oever, C. Cath. October 2017. (Status: INFORMATIONAL) https://tools.ietf.org/html/rfc8280
-
Zash
https://tools.ietf.org/html/rfc8280#section-5.2.3.4
-
edhelas
https://takeout.google.com/
-
Zash
Wait what
-
Zash
> While the protocol does not specify that the resource must be exposed by the client's server to remote users, in practice this has become the default behavior.
-
Zash
Well I suppose you can do without presence, but uh
-
daniel
Wait. So telling your contacts that you are available is a bad thing now?
-
Zash
flow: I'm not sure I immediately associate any of the authors or thanked people to XMPP
-
Ge0rG
daniel: doesn't your client show a GDPR disclaimer before you accept a subscription?
-
daniel
The death of pars
-
Ge0rG
j.o is still down.
-
Zash
-ping jabber.org
-
Bunneh
Zash: Pong from jabber.org in 4.463 seconds
-
Ge0rG
What? Why?
-
Ge0rG
Oh, poezio won't auto-rejoin on its own. Sorry.
-
Zash
Because IPv6
-
Zash
Only Legacy IP is affected.
-
Ge0rG
Zash: s2s IPv6 failed today as well. I blame prosody
-
Ge0rG
| -> conference.jabber.org [s2sout56531a7fbce0] (authenticated) (encrypted) (IPv6) | <- conference.jabber.org [s2sin5653218deb10] (authenticated) (encrypted)
-
Ge0rG
There is an interesting discrepancy.
-
moparisthebest
firewall is blocking incoming ipv4 but not outgoing ipv4
-
Zash
DoS protection or something?
-
Ge0rG
DoS-by-DoS-protection.
-
intosi
No, firewall blocks ipv4 the main address, both ingress and egress.
-
intosi
I added temp a secondary IP.
-
Ge0rG
Ah, that also explains why it didn't work at all in the beginning.
-
Ge0rG
I suppose the fallback to IPv6 egress didn't happen?
-
intosi
It kinda did, but not entirely.
-
Ge0rG
We really need better debugging tools. Something like a dynamic log where we can easily filter by JID
-
Ge0rG
Maybe I need to dump all my prosody logs into something like kibana or elasticsearch.
-
MattJ
I was looking into elasticsearch for MAM...
-
MattJ
I think it's overkill though
-
Ge0rG
MattJ: not for MAM, for log analysis
-
MattJ
I know, my message was semi-unrelated
-
Kev
I put my logs into elasticsearch for a while and didn't find any use for it so stopped.
-
Ge0rG
it would be great to have a mod_log_json which would dump structured records of each event via some socket interface
-
Zash
Was dog-something related to logs, or just stats?
-
Ge0rG
Kev: yesterday I sent a message to a MUC on my server from my mobile client, and it was rejected. As I don't have logs from the mobile, there is no way to find out what happened now.
-
MattJ
Zash, Datadog added log support recently (it might still be in beta, not sure)
-
Kev
Ge0rG: Me not finding a use for something and it not being useful aren't quite the same thing. Despite me obviously being the center of the world.
-
Ge0rG
Kev: let me remind you of H2G2.
-
Maranda
H2G2
-
Maranda
🤔 🤔 🤔 🤔
-
Ge0rG
-EEMOJIOVERFLOW
-
edhelas
let's remove emojis support from XMPP ;-)
-
Ge0rG
let's remove Maranda support from xsf@ :PP
-
Zash
ASCII-only
-
intosi
stty -emoji ?
-
Maranda
-E_STOPUSINGCONSOLECLI_PROBLEM_SOLVED
-
Maranda
:P
-
edhelas
with XHTML-IM I can send images to all the XMPP clients, so ASCII-only will do
-
Ge0rG
My console has a perfect two-way mapping of Unicode Emoji to ASCII. It only ever failed on foo:iq:bar
-
Maranda
Ge0rG, and male emojis *coughs*
- Maranda has good memory.
- Maranda ... for now :P
-
pep.
Zash, can you reply to the minutes I just sent for your question earlier?
-
pep.
Under Q1.1.a I guess
-
pep.
(re personal/household activity)
-
Ge0rG
Are <stanza-id> elements mandatory in MUC history playback on a MAM-enabled MUC?
-
Zash
Please wait for food coma to subside✎ -
Zash
pep.: Please wait for food coma to subside ✏
-
Ge0rG
pep.: to the time machine! 😁 > Date of Next: 2018/03/17
-
pep.
ah merde
-
Ge0rG
pep.: let me read the whole thing before you send out an update :D
-
pep.
k
-
pep.
We do cover c) with some stuff in b), I guess I could have split that
-
Ge0rG
pep.: okay, everything else is fine with me :)
-
Ge0rG
pep.: thanks for taking minutes, and it's nice to see the conscise form of the discussion
-
pep.
:)
-
Ge0rG
pep.: maybe members@ is not the right venue, though
-
jonasw
I feel it is the righter venue than standards@
-
pep.
Yeah I was wondering, I'm not sure
-
Ge0rG
jonasw: what do you feel is the most rightest one?
-
pep.
But I don't think it should be in standards. if any I would have put that in operators as well maybe
-
jonasw
I think members@ is a good start for now
-
jonasw
we might want to cross-post to operators@ at some point.
-
pep.
:)
-
jonasw
pep., hmm, now that I think of it, getting people from operators@ on board could be a good idea
-
jonasw
pep., could you forward the mail to operators@ with a fixed dat?✎ -
jonasw
pep., could you forward the mail to operators@ with a fixed date? maybe someone will show up. ✏
-
pep.
Sure
-
Zash
Phew
-
Ge0rG
Zash: you are the one with the conversion magic skills. I'm looking for a way to convert https://datatracker.ietf.org/doc/draft-ietf-mile-xmpp-grid/ into something I can read on a mobile device
-
Zash
Ge0rG: How is the HTML?
-
jonasw
Ge0rG, xml2rfc --raw?
-
Ge0rG
Zash: it sucks.
-
Ge0rG
It's like ASCII text, but with added references.
-
Zash
And the text/plain?
-
Zash
Hm
-
jonasw
hm, --raw isn’t great
-
Zash
xml2rfc had a better html output when I tried it the other day
-
Ge0rG
I want something like epub, where the text reflow is controlled by the client UI in accordance with my font settings and viewport size.
-
MattJ
It has ASCII diagrams in it
-
Ge0rG
MattJ: I can live with horizontal scrolling on those.
-
Zash
Ge0rG: How is this on your device? https://xmpp.org/rfcs/rfc6120.html
-
jonasw
Ge0rG, xml2rfc --html
-
Zash
That's (I think) what you get from `xml2rfc --html`
-
jonasw
Ge0rG, https://sotecware.net/files/noindex/draft-ietf-mile-xmpp-grid-05.html example
-
jonasw
the width is set dynamically
-
jonasw
(it is just a max-width)
-
Ge0rG
https://upload.yax.im/upload/2D5IcQiw14tuMVQa/Screenshot_20180326-174545.png
-
jonasw
which is good
-
MattJ
"Using the XMPP publish-subscribe extension [XEP-0030],"
-
Ge0rG
jonasw: your rendering sets the width to 75% of my screen, but at least I can zoom in the other 25%, making the size almost bearable
-
jonasw
m(
-
jonasw
I tried it on my device
-
jonasw
stupid
-
jonasw
Ge0rG, interestingly, the ctrl+shift+m thing on firefox which is supposed to emulate mobile devices does it better than the actual mobile firefox.
-
Ge0rG
Really, can't we just have epub/mobi? With HTML, browser vendors haven't figured out to remember the screen position I stopped reading at. In 2018. It's a shame.
-
Ge0rG
Almost as bad as XMPP.
-
pep.
Ge0rG, they do? don't they?
-
pep.
FF does that for me
-
jonasw
Ge0rG, reload mine
-
Ge0rG
pep.: sometimes they do, but as soon as they have to rerender the page, all bets are off
-
jonasw
oh reader mode actually works fine
-
jonasw
on that rendering
-
jonasw
so maybe just use that
-
jonasw
meh,e xcept for the ascii diagrams of course
-
Ge0rG
The Debian man page for xml2rfc is awesome as well: > The xml2rfc script requires python 2, with a version of 2.6 or higher. Can't proceed, quitting.
-
Zash
Can haz xml2rfc2epub ?
-
jonasw
Ge0rG, re-try my rendering. you have to zoom in because of the diagrams, but otherwise it should be fine
-
moparisthebest
I've pretty much given in to the fact that I'll always be required to have python 2 and 3 on every computer forever
-
Zash
Ge0rG: pandoc can turn html into epub, but it's usually kinda messy
-
jonasw
it’s xml2rfc with <meta name="viewport" content="width=device-width, initial-scale=1" /> added
-
Ge0rG
jonasw: how do I do "Reader mode" on mobile FF?
-
jonasw
it’s next to the address bar
-
Zash
gah, forgot to enter my email password
-
Ge0rG
Ah. Thanks. It even supports changing the font size. Almost awesome.
-
jonasw
Ge0rG, yeah, aside from the ascii art diagrams :(
-
Ge0rG
But still not epub. I don't trust it to remember my reading position over the next OOM kill.
-
jonasw
it won’t probably
-
Zash
Whoever thought having the same keybinding for "back" and "quit" in mutt ...
-
jonasw
you should’ve said that at the beginning, Ge0rG
-
jonasw
:(
-
Ge0rG
And it's grey on grey.
-
jonasw
it’s black on white here
-
Zash
Ge0rG: pandoc blah.html -o blah.epub ?
-
Zash
or -s -o b blah.markdown and tweak it a bit then -o epub
-
Zash
Basically how I read blags these days
-
Ge0rG
Okay, epub has great text rendering, but the ASCII diagrams are unusable :D
-
Ge0rG
Thanks everyone.
-
Ge0rG
jonasw: FF reader mode is light-grey on dark-grey. I have no idea who thought that's a good idea.
-
jonasw
Ge0rG, switch the color scheme
-
jonasw
it defaults to auto
-
jonasw
maybe something is weird on your device
-
jonasw
(it’s in the same menu as the font size)
-
Ge0rG
jonasw: mine is "dark", and that's a low-contrast theme.
-
jonasw
switch to light.
-
Ge0rG
it's better contrast, but I actually wanted a dark theme.
-
Ge0rG
okay, my FBReader might be a bit extreme, 50% red on 100% black
-
Maranda
Infamous "Disco Pub(Sub)" xep
-
Ge0rG
but it's great for OLED display reading at night
-
Maranda
Now I understand Yaxim's colour scheme reason.
- Ge0rG &
-
jonasw
Ge0rG, I feel you might actually want redshift instead.
-
jonasw
(or LiveDisplay how LineageOS calls it)
-
jonasw
the most amazing thing invented for displays
-
jonasw
(also known as f.lux or xflux)
-
jonasw
pep., I forgot to say it, thanks a lot for taking the minutes :-)
-
pep.
You're welcome
-
pep.
I forgot to specify maybe we haven't treated S2S cases yet, and that's going to come later on. Will indicate that tomorrow
-
Zash
How's jabber.org doing?
-
jonasw
I’m joined in jdev@
-
jonasw
so I assume I got lucky with ipv6?
-
jonasw
v4 still blackholes
-
pep.
yay presence-less clients. andrey.g is spamming the room with join/parts :x
-
moparisthebest
TLS 1.3 approved https://www.ietf.org/mail-archive/web/ietf-announce/current/msg17592.html
-
pep.
Woohoo
-
Zash
So, does it hide SNI and ALPN or did the firewall vendors manage to block that?
-
Zash
Seemed to go back and forth a bit on that IIRC