-
edhelas
hello everyone
-
edhelas
I've implemented xep-0153 this weekend, quite simple, I was wondering what is the recommended XEP for handling avatars (with xep-0084) ?
-
jonasw
XEP-0084 is preferred, but XEP-0153 required for backward compatibility and MUCs
-
edhelas
okay
-
daniel
Publish your own with pep, provide read access for vCard avatars and let your server do the conversion
-
lovetox
daniel, what do you mean with "provide read access"
-
lovetox
how would i do this from a client
-
jonasw
lovetox, if you don’t find an avatar in PEP, try vcard transparently
-
lovetox
ah, only read support, i get it
-
lovetox
i do it the other way around, read/write vcard, only read for 0084 (for servers that dont support conversion
-
daniel
I mean technically you don't _try_ because both are pushed to you. Either via pep or via hash in vCard
-
daniel
So you pretty much know ahead
-
daniel
But yes
-
jonasw
I don’t think we rely on pep notifications to work
-
jonasw
we use it to build a local cache, but when asked for an avatar && we haven’t seen a pep notification, we’ll still try
-
daniel
I wouldn't consider it good practice to fire 300 avatar request on launch
-
daniel
I rather rely on pep
-
daniel
Which is kinda working OK most of the time
-
lovetox
displaying a avatar is not so critical that i would start requesting it
-
lovetox
different story with a omemo key for example 🙂
-
jonasw
daniel, avatars aren’t requested until in-view, so there’s some time for pep to fill the gaps
-
pep.
When is the next gdpr event again. If it was today I'm sorry I'm sick in bed. I don't know about tomorrow..
-
jonasw
pep.: next is tomorrow, 12:30 CEST
-
SaltyBones
gdpr event?
-
MattJ
*GDPR Party
-
MattJ
General Data Protection Rave
-
MattJ
SaltyBones, there have been a series of meetings discussing the impact of GDPR on XMPP operators
-
Zash
Groovy Drunken Party Rave
-
SaltyBones
oh cool
-
SaltyBones
that's a great idea I hope the results are documented somewhere? :D
-
MattJ
They are
-
MattJ
https://wiki.xmpp.org/web/GDPR
-
SaltyBones
<3
-
moparisthebest
so that page says "The GDPR is applicable to anyone offering services from EU, or to EU citizens, paid or non-paid and to anyone explicitly targeting EU inhabitants. "
-
moparisthebest
which directly contradicts https://ec.europa.eu/info/law/law-topic/data-protection/reform/rules-business-and-organisations/application-regulation/who-does-data-protection-law-apply_en
-
moparisthebest
which says "Provided your company doesn't specifically target its services at individuals in the EU, it is not subject to the rules of the GDPR."
-
moparisthebest
right?
-
moparisthebest
cc pep. jonasw winfried ^
-
Holger
The first link on https://xmpp.org/about/xsf/jabber-trademark/whats-required.html ("actual license language") is dead, FWIW.
-
Zash
RIP
- Zash guesses https://xmpp.org/about/xsf/jabber-trademark/trademark-license-agreement.html
-
moparisthebest
but as far as anyone knows right now, there is no actual document from cisco granting that, at least last time I talked to peter he said he would look for it
-
Holger
moparisthebest: So the last sentence on https://xmpp.org/about/xsf/jabber-trademark/background is wrong?
-
Neustradamus
A lot of links are dead since the XMPP.org server crash
-
Zash
Wasn't there a giant issue collecting them all?
-
moparisthebest
Holger, so if you read it, it was a trial agreement for 12 months, at which time they would make another agreement
-
moparisthebest
that other agreement either 1) never happened or 2) no one knows where it is
-
moparisthebest
peter said he would look for it, I haven't followed up
-
moparisthebest
oh right, and after the 12 months JINC was supposed to transfer the trademark to the JSF, which obviously never happened, right?
-
Holger
moparisthebest: Can't find any of this in https://xmpp.org/docs/Trademark_License_Agreement.pdf but whatever.
-
moparisthebest
Holger, https://xmpp.org/docs/Trademark_Enforcement_Agreement.pdf section 3. Term and Termination
-
Holger
So the Enforcement Agreement supersedes the License Agreement?
-
moparisthebest
it came after?
-
Holger
It's not about a different topic (using the trademark vs. administering it)?
-
moparisthebest
I'm not a lawyer, it's just clear https://xmpp.org/docs/Trademark_Enforcement_Agreement.pdf is no longer in effect right?
-
Holger
Maybe, but I thought you were saying nothing is in effect.
-
moparisthebest
I don't know, it all seems very questionable though
-
moparisthebest
I'd kind of wager no one currently at cisco knows anything about it
-
Holger
Legal stuff always feels fragile to me.
-
Zash
It is
-
Zash
It's code that runs on PEOPLE
-
moparisthebest
I feel like the XSF should probably look into it and answer these questions before handing out any more sublicenses or recommending using the term
-
moparisthebest
is there an official way to pester the board about this? :)
-
Zash
Haxxor the Trello?
-
moparisthebest
hmm seems easier to just crash the next board meeting
-
moparisthebest
if I happen to be lurking at the same time
-
moparisthebest
Holger, it says it 'conteplates the grant to the JSF by JINC of a perpetual royalty-free license to use the jabber trademark'
-
moparisthebest
and it's no longer in effect
-
moparisthebest
seems to me unless there is another agreement the JSF lost that license after a year?
-
moparisthebest
again who knows, I'm a programmer, meh
-
moparisthebest
OH wait I think I get it
-
moparisthebest
https://xmpp.org/docs/Trademark_License_Agreement.pdf allows the JSF to *use* the trademark, it explicitly says it is NOT allowed to sublicense it
-
moparisthebest
then https://xmpp.org/docs/Trademark_Enforcement_Agreement.pdf allows sublicensing for a trial period of 12 months
-
moparisthebest
is that right?
-
Ge0rG
moparisthebest: IIRC that trial is automatically converted into a full license after the year
-
moparisthebest
Ge0rG, where does it say that?
-
moparisthebest
Upon termination of this Agreement other than in connection with the transfer of the ownership of the mark to the JSF, JINC shall again become soley responsible for administration of the mark.
-
moparisthebest
that's section 3 of https://xmpp.org/docs/Trademark_Enforcement_Agreement.pdf
-
moparisthebest
so I think we can all agree the ownership did not transfer right?
-
Ge0rG
moparisthebest: I've read through all of these documents last year, and I wanted to make the sub license process easier. I failed on stpeter
-
moparisthebest
which I think means that agreement is no longer in effect
-
Ge0rG
moparisthebest: but my reading is that the xsf is actually legally allowed to sublicense
-
moparisthebest
as I read it, XSF has no right at all to sub license, after May 2nd, 2004
-
moparisthebest
where Ge0rG ? not saying you are wrong, just that I don't see that part
-
Ge0rG
moparisthebest: stpeter will know
-
moparisthebest
we talked about it in here, he said he'd look for the next agreement
-
moparisthebest
but in the meantime, handing out sublicenses based on "we think someone has the contract in a filing cabinet" is pretty shaky
-
Ge0rG
moparisthebest: that's a Board topic. I tried it multiple times and failed, but with different questions
-
winfried
moparisthebest: old question, three ways you can be subject to the GDPR: 1) you are EU based 2) you target EU citizens 3) you collect on a large scale (millions) data on EU citizens
-
Zash
Ge0rG for board?!
-
moparisthebest
winfried, so the xmpp wiki is wrong, you aren't subject if you provide services to EU citizens as long as you aren't specifically targetting them?
-
moparisthebest
that would be good to correct, as then it wouldn't affect basically any xmpp servers outside EU
-
moparisthebest
Ge0rG, I agree with you re: board topic, maybe an email to members@ would get it on their radar? idk
-
winfried
moparisthebest: if you aren't targeting them and AND you don't collect on a large scale data on them, then it wouldn't affect you. Thanks for pointing out the issue with the wiki!
-
moparisthebest
that's great news for small friends+family xmpp servers
-
SamWhited
If it's a small friends+family server it doesn't matter anyways unless you think your friends or family are likely to file a complaint about your handling of their data.
-
moparisthebest
well I've given random xmpp devs accounts to test stuff
-
moparisthebest
I don't really want to even consider GDPR there, turns out I don't have to, which is good
-
SamWhited
You probably don't either way unless you're worried that they'll ask you to delete your data, you'll say no, and then they'll report you.
-
winfried
SamWhited: personal use is not subject to the GDPR, and the GDPR is *way* more relaxed to small scale data processing. If your name is Google, Facebook or Palantir, you should worry.
-
SamWhited
Right, but not if you're hosting a server for friends and family and a few random devs.
-
winfried
SamWhited: exactly
-
Ge0rG
SamWhited: family and friends are exempt, unless you take money