-
Zash
Hm, memberbot doesn't tell me what I'm voting for
-
Zash
Huh, xhtmlim bug?
-
ralphm
Worked fine for me (Conversations).
-
Zash
Not a client issue it seems
-
Zash
It's sending <b> and <i>. Those aren't allowed per https://xmpp.org/extensions/xep-0071.html#def-text
-
jonas’
that should only lead to them not having any effect
-
jonas’
I think?
-
jonas’
unsupported tags should be replaced with their content
-
ralphm
Yes
-
Zash
I can't do that.
-
ralphm
Huh?
-
ralphm
That's the most basic of HTML handling
-
jonas’
although I’d argue that disallowed tags ≠ unsupported tags and disallowed tags should be dropped altogether. however, I’d go with replace with content even for disallowed.✎ -
ralphm
Ignore what you don't know
-
ralphm
Right
-
Zash
No, I'm saying that my sanitizing code can't do that.
-
jonas’
although one could argue that disallowed tags ≠ unsupported tags and disallowed tags should be dropped altogether. however, I’d go with replace with content even for disallowed. ✏
-
Zash
It's not possible to replace tags with text.
-
Zash
It must replace tags with tags or nothing.
-
ralphm
So you found two bugs
-
Zash
Now, the real question is: Where does the plain text <body> go?
-
jonas’
Zash, it’s even worse, you need to be able to replace tags with mixed content
-
jonas’
if you get sent <p>something <b>foo<i>bar</i>baz</b> something</p>, the result should be <p>something foobarbaz something</p> (assuming p is allowed)
-
ralphm
If a client supports XHTML-IM, it will ignore the body
-
Zash
But there was no <body>
-
Zash
or a message at all
-
Zash
I only received the "Approve (yes/no)" messages and I don't see where the others went
-
ralphm
I'd check out the bot and try out. I'd be surprised if it didn't send body
-
Zash
Lookl like Link Mauve already noticed this and https://github.com/linkmauve/memberbot/commit/4f539b8571c48f84129c284517f6bb692352247e
-
ralphm
Also note the body
-
Zash
Sure, but I didn't receive those at all for some reason
-
Zash
So either my firewall ate them or my XHTML-IM filter ate them
-
jonas’
tasty
-
dwd
Afternoon, all.
-
ralphm
hi dwd
-
ralphm
set the topic to
XSF Board Meeting | Logs: http://logs.xmpp.org/xsf/ | Agenda https://trello.com/b/Dn6IQOu0/board-meetings
- ralphm bangs gavel
-
ralphm
0. Welcome + Agenda
-
ralphm
Welcome!
-
ralphm
Who do we have?
-
nyco
Hey
-
Guus
hi
-
ralphm
dwd asked us to discuss Compliance Suites, so there might be some Council members around to join for that item.
-
Seve
Hello :)
-
dwd
All things are possible.
-
ralphm
MattJ?
-
Guus
You can summon MattJ by mentioning him...
-
dwd
Ge0rG and Link Mauve?
-
Guus
normally
-
dwd
Guus, You have to say MattJ three times in front of a mirror, I think.
-
Guus
My name has a similar, but different effect: the mirror breaks.
-
ralphm
Mirror, mirror, who's the luast of all?
- dwd is on minutes, by the way.
-
Guus
thanks
-
Seve
dwd, thank you very much
-
ralphm
1. Appointment of officers
-
ralphm
Alex has agreed to serve for another year as Secretary. I motion we reconfirm Alex Gnauck as our Secretary.
- Ge0rG is there for purposes of the Compliance Suite
-
Guus
+1
-
Guus
(you're here for many purposes, Ge0rG )
-
Seve
+1
-
nyco
+1
-
ralphm
Yay!
-
ralphm
Peter has agreed to serve for another year as Treasurer. I motion we reconfirm Peter Saint-André as our Treasurer.
-
Guus
+1
-
Seve
+1
-
ralphm
nyco?
-
ralphm
Since we already have 3 votes, I'll say Yay again.
-
Guus
Thank you, Alex and Peter, for putting in the effort once again. Appreciated!
-
ralphm
Missing votes to follow
-
ralphm
On our Executive Director, Peter mentioned he didn't have time last week, but could this week. I haven't picked up on that, yet.
-
nyco
+1
-
ralphm
(thanks nyco)
-
Guus
(do we need the missing votes to confirm them? We have quorum, don't we?)
-
nyco
sorry
-
ralphm
Guus: we don't but I think it is nice if we have votes from all Directors.
-
Seve
I agree
-
ralphm
And chiming in with Guus thanking Peter and Alex.
- Seve as well
-
ralphm
2. Compliance Suites
-
MattJ
Hey
-
nyco
ho
-
MattJ
Sorry, here now
-
Guus
(wow, sloooow mirror!)
-
ralphm
Hi MattJ, feel free to put in your votes.
-
ralphm
Meanwhile, dwd: go!
-
MattJ
+1 to Alex for Secretary, +1 to Peter for Teasurer
-
ralphm
dwd?
-
dwd
Oh, sorry - Ge0rG would be best to lead here.
-
nyco
I'll have to leave at 16:00
-
Ge0rG
We had a discussion in Council regarding what form Compliance Suites should take, but I'm not even sure what we wanted to escalate to Board
-
nyco
naming?
-
dwd
TThe thing to escalate was in terms of using them as a marketing tool, perhaps filtering the software the XSF lists, etc.
-
nyco
"XMPP 2019"?
-
Ge0rG
Ah, so compliant software. Yeah.
-
Guus
I don't think council needs board to approve naming?✎ -
nyco
please define "marketing tool"
-
Guus
I don't think council needs board to approve naming (of XEPs)? ✏
-
nyco
agree with that, naming can be left to the Council
-
Ge0rG
We had a discussion about badges some years ago. So that compliant software can be marked as such with nifty labels
-
ralphm
Guus: some, most are Council's business
-
Ge0rG
I think the current technical form of CS is appropriate, if we can have a prominent link on the top of the XEP list
-
dwd
nyco, Well, that's it, isn't it? The Council merely noted that we don'tt do much as an organisation with the compliance suites - what marketing could we do with them?
-
nyco
badges can be cool, very visual, understandable in one eye shot, impactful I like that idea
-
ralphm
Badges comes up every time Compliance Suites are discussed
- jonas’ wants to enqueue himself for the Any Other Business section of the board meeting
-
ralphm
The problem is that someone needs to check, right?
-
Ge0rG
nyco: that opens the question of whether badges will be issued by XSF after some formal/automatic verification, or if everybody can just assign them on their own
-
Ge0rG
and what kind of abuse management mechanism we have then
-
MattJ
This same conversation :)
-
MattJ
There is no way we can verify who complies and who doesn't, so either the badges are free for everyone or we shouldn't have them
-
jonas’
just like with trademarks, spot an infringement and sue them?
-
nyco
yep, qualification, certification, etc.
-
jonas’
(of course, we can’t do that because manpower)
-
MattJ
I'd be totally fine with prominent links to the compliance suites, and treating them purely as guidance for developers
-
ralphm
I don't feel like being in the business of certifying
-
Ge0rG
"business" is a rather correct analogy, I fear
-
dwd
Sure, but we can also let people self-certify and pull this from them if they are clearly taking the piss.
-
Ge0rG
So what can we do, short of a certification business, to promote XMPP 2019?
-
nyco
I like this: https://www.coreinfrastructure.org/programs/badge-program/
-
ralphm
If someone claims their software complies with the suite, and they don't, well, let the intarntubes' scorn be on them.
-
nyco
it's declarative, but promote good/best practices
-
MattJ
dwd, "clearly" is still subjective, unfortunately
-
Guus
I think we, as the XSF should pace ourselves a bit here.
-
nyco
"intarntubes" 😉
-
dwd
Perhaps. But given that if people don't even claim a free thing, then that's a valuable signal in itself...
-
Guus
I'd not object to run some sort of compliance checker in our domain, akin to what we do with xmpp.net (of which the state is itself somehwat unclear)
-
Ge0rG
xmpp.net is broken, not unclear ;)
-
jonas’
although at the moment the only thing broken is the DNSSEC verification
-
jonas’
which means that SRV records are not honoured for 99% of services
-
ralphm
And also not an XSF effort
-
Guus
Ge0rG part of the reason why it remains broken is that we don't know who's responsible, I thik.
-
jonas’
MattJ did a lot of good work on it.
-
Ge0rG
Guus: I think it's because the intersection of people who have the knowledge, the time and the power to fix is is empty.
-
MattJ
I have some time, I've put some work into it, fixed some stuff, but it still needs a little bit more - I'll get to it soon (but probably not before next week)
-
Kev
Isn't it mostly that it's abandoned upstream?
-
nyco
so the intersection of people who have the knowledge, the time and the power to do badges is empty as well?
-
ralphm
I'd be ok with someone designing an official badge, and letting people use that when they feel like they should show it.
-
MattJ
Kev, I've forked the repo and am fixing stuff, so happy to be the new upstream
-
ralphm
I'd have to be convinced to have compliance testing itself be an XSF activity
-
MattJ
ralphm, +1
-
nyco
let's ask lead devs: if they were badges, would you use them?
-
MattJ
Yes, probably
-
Kev
I doubt it.
-
Ge0rG
ralphm: it would probably make sense to have badges according to the compliance suite blocks, i.e. "core|advanced" "web|im|mobile" "client|server"✎ -
Guus
Ralph, I think that making the tools to do the checking available, could be an XSF activity
-
ralphm
Ge0rG: sure
-
Ge0rG
ralphm: it would probably make sense to have badges according to the compliance suite blocks, i.e. "core|advanced" "web|im|mobile" "client|server" *2019* ✏
-
dwd
My advice to the Board would be: Make the badges, and if they're useless, drop them.
-
MattJ
Guus, no, the checking is next to impossible I'm afraid
-
Guus
But I'm not in favor of us doing the checking / publishing it, etc, other than to the extend what xmpp.net does for anyone that uses the tool.
-
Ge0rG
I'd use badges, except my client doesn't qualify because I don't consider Avatars a must-have.
-
ralphm
Guus: I think that building such tools is ambitious project
-
ralphm
an
-
MattJ
I stick to "impossible" :)
-
Ge0rG
large parts of CS can't be usefully tested automatically.
-
Guus
ralphm , I"m not saying 'build it'
-
Guus
I'm suggesting: host one, if someone builds it.
-
ralphm
MattJ: I'm a positive guy :-D
-
Ge0rG
But it would be awesome to have a client/server test suite that I could run my code against.
-
nyco
we can "test"/"validate" appetite for badges, with only a small prototype
-
MattJ
compliance.conversations.im is a good example. It's a great tool, but anyone could easily pass 100% by cheating
-
ralphm
Guus: oh, I mistook 'making' for 'building', then.
-
dwd
nyco, Right. You don't even need a checker. Maybe people won't take the piss.
-
ralphm
Let's do this, as dwd also mentioned, ask if someone would like to design such badges.
-
MattJ
+1
-
Ge0rG
I'd say developers should be allowed to use the badge on their own, with a way for users to complain and the XSF to revoke badges.
-
Seve
I'm not sure about this. Badges should be something you can trust. And nobody is going to endorse those, from what I understand.
-
Guus
but, to address dwd's suggestion: I don't see anything wrong with linking a set of badges to the compliance suite xeps
-
nyco
maybe we should not start with the design, which is costly
-
ralphm
Then, if we have such a person, they can work with Council regarding what they should include.
-
MattJ
nyco, it may be possible to find someone willing to donate time
-
ralphm
nyco: we've already have had the Suites themselves. I don't see people putting the text around their clients, so a badge is then what we can do. If we don't start with design, what then?
-
nyco
for example, instead instead of an automated testing system, we can start with a crowdsourced testing system
-
Ge0rG
yeah, we shouldn't start out with tasking a commercial designer, rather ask for volunteers
-
ralphm
nyco: while I am not against that idea, I don't think it should be an XSF activity.
-
ralphm
And I didn't mention paying for a design.
-
nyco
16:01
-
nyco
"costly" does not forcefully mean "money", can mean time, effort, delay...
- dwd is now in another meeting, and will catch up with Minutes later...
-
MattJ
If we don't have anyone in the community, there are people I'd be happy to reach out to
-
ralphm
So far I've seen two +1 (me and MattJ) and one +0 (Guus).
-
ralphm
What do we do?
-
Guus
for what: create a batch?
-
Ge0rG
I think the Board should decide whether such implementation badges should be hosted on xmpp.org or if they can be hosted by the respective implementations.
-
ralphm
Ge0rG: I'd be ok with hosting it themselves, and adding to our lists when they do
-
Ge0rG
And then whether Badges are assigned explicitly by the XSF, or whether implementations can claim a badge and we have a way to retract that.
-
Guus
ralphm, "adding to our lists" <-- what do you mean, exactly, with that?
-
ralphm
Ge0rG: I am not in favor of assigning them explicitly
-
MattJ
I'd like them to still be within the control of the XSF, and enforce some basic constraints on their use... like linking them to a specific place
-
ralphm
Guus: https://xmpp.org/software/
-
Ge0rG
Something like: "Developers are allowed to display the respective badge if they are in good belief that their implementation complies with the respective part of CS. This can be disputed by users, upon which the XSF may retract this right from a developer"
-
nyco
if Compliances Suites are a responsibility/duty of the XSF, I see badges as the same
-
ralphm
MattJ: like we had with Jabber Powered?
-
MattJ
Yes
-
Ge0rG
The list that contains Pidgin as an endorsed XMPP client.
-
MattJ
Yes
-
Guus
I'm not in favor of adding badges to our lists of software. I am +1 of having badges created that can be used freely by others.
-
ralphm
I like that
-
Ge0rG
Guus: "freely" is too free for me, personally.
-
Guus
Ge0rG we won't be able to enforce anything anyway
-
nyco
I'm gone, sorry
-
Guus
Thanks nyco
-
ralphm
Guus: my idea was that a project wants to, when they register their software, we could include a way to say if they want to carry the badge in their entry. It wouldn't be an endorsement.
-
Ge0rG
Guus: we will be if badges are only shown on the XSF pages ;)
-
Guus
badges can very easily be copied.
-
Ge0rG
Using a trademark on the badges will allow control over how they may be used.
-
ralphm
Guus: we would if the XSF retains the rights on the badge and have a policy.
-
Ge0rG
We don't need hundreds of pages of legalese for that.
-
Ge0rG
But e.g. the Bluetooth logo is managed in that way.
-
Guus
ralphm I'm pretty sure that people we don't want to use the badge, won't care about our policy.
-
Guus
They'd simply use it in their software / download page, whatever.
-
Kev
I think the XSF being in a position to revoke would be a painful thing for us.
-
Kev
We /know/ that people tend to ... exaggerate compliance with things.
-
Ge0rG
Kev: what's your alternative suggestion?
-
ralphm
Guus: let scorn be on them
-
Ge0rG
Guus: having the legal right to enforce doesn't mean making use of that right.
-
jonas’
don’t you lose trademark rights if you don’t enforce them?
-
Guus
ralphm exactly - which is why I'm fine with _having badges_ to be used by others. I'm against us assigning specific badges to specific projects though (on our site)
-
Kev
It does unless you want it to be useless.
-
Seve
I don't see the point of the badges if we cannot make people trust the badges.
-
Kev
If you want badges (and I'm not convinced they're adding any value at all, but whatever), I think the best you can hope for is the same as claiming compliance at the moment. It's a claim.
-
Ge0rG
I see the point, but there are really only three options here: 1. explicitly white-list badge-bearers (can be still worked around) 2. have a policy for self-assessment and retraction 3. allow everyone to claim everything and ignore violations
-
Seve
Unless the badges are just for guidance and we don't endorse it officially
-
ralphm
https://web.archive.org/web/20060307012614/http://jabberpowered.org:80/
-
Kev
But it's not clear to me what problem the badges are solving, either.
-
Guus
if someone wants to fly a banner, claiming compliancy with a certain XEP, I'd be OK for us to provide a uniform design to that. I want to prevent us from listing things as 'compliant' though.
-
ralphm
I suggest everybody here has a look at that, think about whether we want something like it for badges and continue this discussion next week.
-
ralphm
Guus: I can see that
-
Kev
Guus: Which is exactly the state at the moment with saying you support CS2018, I think.
-
Guus
before we hammer off - @jonas' had an AOB.
-
Guus
Kev, exactly, but with a fancy colorful badge.
-
Guus
(which might add a uniform way of recognizing things, at best)
-
jonas’
is this intended to have Approving Body Council? https://xmpp.org/extensions/xep-0381.html
-
jonas’
it doesn’t make sense to me, but maybe that’s just me
-
ralphm
3. AOB
-
Ge0rG
> and will not alter the official Logo in any way, including its size 🤔
-
ralphm
Ge0rG: we can modify all the terms, it just something we did before, and might be a good start for the rest of the discussion
-
Guus
@jonas' at first glance, I think you're right. Council does not approve SIGs.✎ -
Guus
jonas' at first glance, I think you're right. Council does not approve SIGs. ✏
-
ralphm
jonas’: agreed, Board should be the approving body
-
jonas’
suggestion: I change the approving body to board and re-issue the LC
-
ralphm
Given this has been in the queue for two years, I'm not sure if it still makes sense
-
Ge0rG
ralphm: I really like it
-
ralphm
jonas’: ok
-
jonas’
the LC might be a good way to figure it out -- and to move it to rejected if not needed.
-
ralphm
indeed
-
Guus
jonas’ : agreed.
-
ralphm
And whether its authors still want it
-
ralphm
Anything else?
-
ralphm
4. Date of Next
-
ralphm
+1W
-
ralphm
5. Close
-
ralphm
Thanks all!
-
Guus
do we need a formal third +1 for Jonas' question?
- ralphm bangs gavel
-
ralphm
Guus: I don't think so. Clearly a typo
-
Seve
Thank you very much everybody :)
-
ralphm
And we just missed it on our radar. Also nobody asked about it.
-
ralphm
set the topic to
XSF Discussion | Logs: http://logs.xmpp.org/xsf/ | Agenda https://trello.com/b/Dn6IQOu0/board-meetings
-
Guus
I don't think it works that way, even if it's a typo, but, fine. 🙂
-
ralphm
Guus: well, Council cannot approve SIGs
-
ralphm
so...
-
Guus
that's true
-
ralphm
So the logical conclusion is that we are the approving body
-
ralphm
It just popped up on the radar because Council has been listing all the open LCs
-
jonas’
s/Council/Editor/, but yeah
-
ralphm
I stand corrected
-
jonas’
need to re-issue them for this term
-
ralphm
aye
-
Guus
MattJ : thanks for taking over the upstream stuff for xmpp.net - would you mind putting it all in one place?
-
Guus
meaning: clone everything, even if you didn't modify it yet, in one account under either github or bitbucket (or whatever)?
-
Guus
It's somewhat confusing (to me) to figure out what part of the software lives where, and who's maintaining it. I'd love to have one account where this all is listed.
-
Guus
I'd not be against creating an xmpp.net github repo, just for this, outside of XSF control.
-
Guus
(my board hat was off, there)
-
Guus
Also, feel free to add me to any such org.
-
Ge0rG
I've heard there is an org called JabberSPAM now.
-
Ge0rG
Oh, I think that org would actually need an XSF seal of approval.
-
jonas’
JabberSPAM?
-
jonas’
certainly for TM use
-
Guus
We'll get you the T-Shirt, Ge0rG
-
Guus
when its approved, obviously.
-
ralphm
Ge0rG: can you send an email to Board about this?
-
jonas’
trademark@✎ -
ralphm
Because indeed, that might be a TM issue
-
ralphm
jonas’: that, too, yes
-
jonas’
trademark@jabber.org is the official address for TM issues AFAIK ✏
-
ralphm
jonas’: I also wanted Board, because Peter isn't our ED anymore, and I'm unsure who's handling this now
-
jonas’
I see
-
Ge0rG
We need to fix https://xmpp.org/about/xsf/jabber-trademark/license-decision-process.html then
-
ralphm
I'll include this in the chat with Peter
-
Ge0rG
ralphm: AFAIR, board@ is moderators-only
-
ralphm
Good point
-
Ge0rG
eh, members-only
-
Ge0rG
So there is no way to contact Board.
-
Ge0rG
ralphm: also mention his comment on https://github.com/xsf/xmpp.org/pull/200
-
ralphm
Just send it to that address and me. There's also info@xmpp.org, but that's probably also Peter, so we need to figure that out.
-
ralphm
Since he's still an officer of the corporation, I'm sure it is fine
-
Ge0rG
ralphm: sent to info@ and to you
-
lnj
Is here someone who could create me an account on the wiki?
-
Ge0rG
lnj: yeah
-
lnj
Ge0rG, Could you create one for me or how does that work?
-
Ge0rG
lnj: I need your email address and the desired CamelCase username.
-
Ge0rG
lnj: via PM is alright
-
lnj
... wait a sec .. need to start gajim for pms
-
Ge0rG
lnj: xmpp:georg@yax.im if that's better
-
Guus
assuming that your email address is the first thing that you'll post on the public wiki, maybe a PM isn't that important?
-
jonas’
Kev, nudge nudge https://github.com/xsf/xeps/pull/718
-
Kev
I don't think I was aware of that, let me mail myself.
-
Neustradamus
Jabberspam -> Safety Jabber, you can search on ML
-
Neustradamus
https://safetyjabber.com/ https://android.safetyjabber.com https://sj.ms/ https://safetyapps.zone/sjim.html http://safetyjabbercom.blogspot.com/ https://sjsoftwaredev.com/sj-im/ ...
-
Ge0rG
Neustradamus: I can't even...
-
ralphm
Uhm https://safetyjabber.com/trademarks.php
-
genofire
Neustradamus: Skype usw PGP ? 🤣
-
Ge0rG
ralphm: it's an interesting question whether you can enforce trademark on a substring.
-
ralphm
I'm sure that Cisco has ways
-
moparisthebest
Ge0rG, write a new RDBMS named SafetyOracleDatabase and let us know how it goes :)