XMPP Council - 2013-12-11

  1. jabberjocke has joined

  2. tato has left

  3. stpeter has left

  4. stpeter has joined

  5. stpeter has left

  6. Zash has joined

  7. tato has joined

  8. jabberjocke has left

  9. stpeter has joined

  10. stpeter has left

  11. Tobias has left

  12. tato has left

  13. Kev has joined

  14. Kev has left

  15. bear has left

  16. Lance has joined

  17. Kev has joined

  18. Kev has left

  19. Kev has joined

  20. Zash has joined

  21. Lance has joined

  22. Tobias has left

  23. Kev has left

  24. Lance has joined

  25. Tobias has joined

  26. Lance has joined

  27. Lance has joined

  28. Tobias has left

  29. Tobias has joined

  30. Lance has joined

  31. jabberjocke has joined

  32. stpeter has joined

  33. Zash has left

  34. stpeter has left

  35. Peter Waher has joined

  36. stpeter has joined

  37. jabberjocke has left

  38. Kev has joined

  39. winfried has joined

  40. Peter Waher

    Anybody knows when the council meeting will start?

  41. Peter Waher

    confused about time zones and summer/winter time in different hemispheres

  42. stpeter

    Peter Waher: should be in ~30 minutes

  43. Peter Waher


  44. stpeter is on a conference call but should be done by then

  45. Dave Cridland has joined

  46. bear has joined

  47. Kev

    Trying to review protoXEPs while exhausted is almost more fun than I can describe :)

  48. Tobias

    why did we get rid of pipelining for BOSH?

  49. fippo

    kev: get over to paris and listen to people talking about RCS and IMS!

  50. Kev

    AIUI, because no-one did it and it's not legal.

  51. Kev

    fippo: Revision Control System? :)

  52. fippo

    rich communication suite

  53. Kev

    I like mine better.

  54. Tobias

    Kev, pidgin did it at one point, if darkrain didn't remove it....will ask him about that :)

  55. Kev

    I think I need to review colibri some time that's not now.

  56. Tobias

    quite a big agenda this tiem

  57. Tobias

    quite a big agenda this time

  58. Tobias

    Kev, will there be a LMC update?

  59. Dave Cridland

    Kev, Pipelining POST, you mean? That's a SHOULD NOT in the spec, and we had reasons aplenty - I don't think we were breaking the spec with that.

  60. winfried

    @Tobias: BOSH makes POST requests and you may not pipeline POST

  61. Tobias

    winfried, ah..okay

  62. Kev

    Dave Cridland: Ignoring a SHOULD NOT /is/ breaking the spec, IMHO.

  63. Tobias

    wasn't always a should not, at least not in the BOSH spec...but don't know for sure...i implemented it eons ago

  64. Kev

    No, we used to say in bosh that you should.

  65. stpeter

    'tis time?

  66. Tobias

    hammer time

  67. Kev

    'tis time.

  68. Kev

    1) Roll call.

  69. Dave Cridland

    Kev, Well, *ignoring* is not the same as acknowledging but doing it anyway. The rule is there for good reason - start pipelining POSTs at something that's not expecting it and all manner of things can go boom. But between consenting adults it's fine.

  70. Lance


  71. Tobias


  72. Kev

    fippo was in doubt.

  73. Kev

    Matt sends apologies.

  74. Kev

    fippo: You here?

  75. stpeter

    fippo is in Paris for WebRTC stuff right now, no?

  76. Kev

    stpeter: Yes, he didn't know if he'd be Councilling.

  77. Kev

    When I spoke to him earlier.

  78. Kev

    But he doesn't seem to be here.

  79. Kev

    2) EventLogging http://xmpp.org/extensions/inbox/eventlogging.html

  80. Kev

    There's been some amount of confusion over there. I'm not opposing objecting.

  81. Kev


  82. Kev

    Not opposing *publishing*.

  83. Lance

    +1 for going experimental

  84. Tobias

    what's the expected locale if the XEP says one shouldn't localize?

  85. Tobias

    regardless of that i'm +1 for experimental

  86. Kev

    Tobias: Then I suggest asking on list :)

  87. Kev

    3) http://xmpp.org/extensions/diff/api/xep/0124/diff/1.11rc1/vs/1.11rc2 http://xmpp.org/extensions/diff/api/xep/0124/diff/1.10/vs/1.11rc2 With changes since last meeting.

  88. fippo

    kev: here, but not physically. will vote on list :-/

  89. Kev

    I'm +1 on this.

  90. Kev

    fippo: Thanks.

  91. Lance

    +1 on the changes

  92. Tobias

    +1 on XEP-0124

  93. Kev

    4) http://xmpp.org/extensions/diff/api/xep/0156/diff/1.1rc1/vs/1.1rc2 Changes since last meeting.

  94. Kev

    I'm +1 here too.

  95. Lance

    We do still need a legend/explanation from m&m for the chart though in 124

  96. Lance

    +1 on 156

  97. stpeter

    are some patches still missing / issues not addressed for BOSH specs? Winfried's message suggested so

  98. Peter Waher

    Tobias: Sorry, all very quick... What do you mean with "what's the expected locale if the XEP says one shouldn't localize"?

  99. stpeter is still on his conference call

  100. Tobias

    wonder why XEP-0156 defaults to unsecure HTTP and unsecure DNS for retrieval of connection methods

  101. Tobias

    Peter Waher, it says you shouldn't localized messages, does that mean that all are supposed to be in english? or in the language of the original software but never translated? or what exactly?

  102. Kev

    Tobias / Peter Waher: If this isn't blocking publication, I suggest we take it to the list to move things along.

  103. Tobias

    wouldn't it be sensible to expect lookup of those via HTTPS/DNSSEC if possible?

  104. Peter Waher

    you can localize messages. What you shouldn't do is localize event IDs, for instance

  105. Peter Waher

    "event IDs should never be localized"

  106. Peter Waher

    "tag names should never be localized"

  107. Tobias

    +1 on 156, will disuss it with lance later, if he wants

  108. Peter Waher

    everything else can be localized

  109. Kev


  110. stpeter

    Tobias: yes, it would, but the security considerations say: Entities that use these connection methods need to ensure that they conform to the security considerations of each method (e.g., by preferring to use 'https' or 'wss' URLs that are protected using Transport Layer Security).

  111. Lance

    Tobias: k

  112. Kev

    5) http://xmpp.org/extensions/inbox/jingle-grouping.html

  113. Tobias


  114. Lance


  115. Kev

    I'm -1 on this.

  116. Tobias

    Kev, why?

  117. Kev

    But only because we cannot take RFC content and include it in XEPs.

  118. Kev

    See the recent discussion on w3c examples in XEPs.

  119. fippo

    kev: thanks, I was in doubt about that

  120. stpeter

    you mean "a=group:LS voice webcam"?

  121. Kev

    fippo: XEP submission is copyright assignment. You can't copyright assign an RFC to the XSF, so ...

  122. Kev

    stpeter: Yes, so it's trivial to fix.

  123. Kev

    But it says at the bottom that it's doing it, so we should fix it.

  124. fippo

    kev: will do.

  125. Kev

    fippo: Ta. You can tell what I'm going to say about a later submission too :)

  126. Kev

    6) http://xmpp.org/extensions/inbox/peptzo.html

  127. Kev

    This looked fine to me.

  128. Lance

    There was discussion on list that this should be a change to XEP-0080 GeoLoc instead

  129. Tobias

    +1 on peptzo

  130. m&m has joined

  131. stpeter

    I don't see ""a=group:LS voice webcam" in RFC 5888

  132. Lance

    Does council think updating 80 is a better approach?

  133. Kev

    Yeah. I didn't really think that was conclusive, but I'm happy for you to retract this instead if you like :)

  134. Kev

    Lance: I've not formed an opinion yet.

  135. Kev

    Shall we put this onto the next meeting agenda?

  136. Lance

    Yeah, so a -1 from me today

  137. fippo

    stpeter: I think i adapted to 0167 already... but need to check again

  138. Kev


  139. Kev

    7) http://xmpp.org/extensions/inbox/colibri.html

  140. Kev

    I have to vote on this one on-list, I don't have the cycles to review it today.

  141. Tobias

    will vote on list for this one

  142. Kev


  143. Lance

    i'm +1 for exerimental

  144. Kev


  145. Kev

    8) http://xmpp.org/extensions/inbox/jingle-sources.html

  146. Kev

    I'm -1 just for the RFC examples reason, again.

  147. Tobias

    here i was surprised by the urnietf:rfc:5576

  148. Tobias

    here i was surprised by the urn:ietf:rfc:5576

  149. Tobias

    does that have to be registered somwhere?

  150. stpeter

    Tobias: we already do urn:ietf:rfc:3264

  151. Tobias

    stpeter, ahh..ok. didn't know about that

  152. Lance

    +1 once the rfc legal stuff is resolved

  153. Tobias

    same as lance...+1 then

  154. stpeter

    Tobias: http://tools.ietf.org/html/rfc2648

  155. Kev

    9) Board requests for liaisons.

  156. fippo

    tobias: rfc 2648 defines that

  157. stpeter


  158. Kev

    bear / stpeter: This one's for one of you.

  159. stpeter

    I have been in communication with the UPnP Forum about a liaison relationship

  160. stpeter

    their spec-in-progress references the core XMPP stuff as well as various pubsub-related specifications

  161. stpeter

    they *might* also hope for some input regarding Jingle

  162. stpeter

    that's less clear right now

  163. stpeter

    I can work with the Council regarding a call for volunteers

  164. Kev

    stpeter: How many people in this liason? One or more?

  165. stpeter

    can be more than one

  166. Kev

    And does this happen in public or private?

  167. stpeter

    in this case, I might say "should be more than one"

  168. stpeter

    this work happens within the UPnP Forum, and their work is not public -- they have a working group made up up UPnP members and invited "observers" (which would include the people we name)

  169. stpeter

    I think it would be best for now if we name only XSF members, too

  170. stpeter

    not just general people we find on the street :-)

  171. Tobias


  172. stpeter

    i.e., we are treating this liaison group as a "Work Team" per http://xmpp.org/about-xmpp/xsf/xsf-bylaws/

  173. stpeter

    I think that I can send a PDF of the proposed liaison agreement to the membership

  174. Kev

    I'd be inclined to say that it'd be sensible to try to have someone from Council, and someone not.

  175. stpeter

    I will check on that

  176. Kev

    But let's ask for volunteers and see what happens.

  177. stpeter

    Kev: sure

  178. Kev

    So, date of next?

  179. Peter Waher

    and dynamic forms?

  180. stpeter

    Kev: IMHO the process is, Council asks for volunteers, chooses the liaison team, and proposes it to the Board for approval

  181. Kev

    stpeter: Right.

  182. stpeter

    (keeping in mind that we're going to have liaison relationships with UPnP Forum, ISO, and IEC by the looks of it, so we can't burden the same people with all the work IMHO)

  183. Kev

    Peter Waher: Has been covered in previous meetings, no objections.

  184. Kev

    stpeter: Yes.

  185. Kev

    So, date of next?

  186. Peter Waher


  187. Lance

    next week, usual time is good for me

  188. Kev

    I'm inclined at this point to suggest we go for the new year, but we can do next week if people like.

  189. Kev

    Yeah, ok, let's do that.

  190. Kev

    Any other business?

  191. stpeter


  192. Tobias

    Kev, next week wfm

  193. stpeter

    no AOB here

  194. Peter Waher

    so both can have numbers and be published as experimental?

  195. Kev


  196. stpeter

    Peter Waher: I think so

  197. Peter Waher

    excellent :)

  198. Peter Waher


  199. Kev

    Peter Waher: Need the two people not present to express an opinion for logging.

  200. stpeter

    my other conf call just finished (went 30 minutes over), sorry about the divided attention

  201. Kev

    Right, we're done.

  202. Kev

    Thanks all!

  203. Kev bangs the gavel.

  204. Tobias

    thank you

  205. stpeter

    thanks, Kev!

  206. Peter Waher has left

  207. Lance

    Tobias: what was the issue you had with 156?

  208. Peter Waher has joined

  209. stpeter

    Lance: that it should be done over HTTPS or DNSSEC if possible

  210. stpeter

    I think the security considerations talk about that, but perhaps not strongly enough for his taste

  211. Tobias

    stpeter, i think they basically say that if you originally intended to do a secure connection you should also only choose secure alternative methods

  212. Tobias

    but i doesn't say, at least i haven't read it that way, that you should use secure methods to discover the alternative methods

  213. stpeter

    Tobias: that does make some sense

  214. Tobias

    i mean sure, DNSSEC isn't here....but HTTPS has some availability ^^

  215. stpeter

    "Entities that use these connection methods need to ensure that they conform to the security considerations of each method (e.g., by preferring to use 'https' or 'wss' URLs that are protected using Transport Layer Security)."

  216. stpeter

    that could be worded more strongly

  217. Tobias

    stpeter, that still only talks about the choice among the provided methods, right?

  218. Dave Cridland

    Tobias, You're talking about using https to do the XEP-0156 discovery, right?

  219. Tobias


  220. Dave Cridland

    Tobias, Not merely using https for BOSH.

  221. Tobias

    requesting the json file via HTTPS

  222. Tobias

    or requesting that TXT record via DNSSEC

  223. stpeter

    Tobias: yes, agreed

  224. Lance

    ah, right. yeah, adding a sentence for that should be done

  225. Lance

    technically that should bubble up from RFC 6415 for the host-meta stuff

  226. stpeter

    Lance: right, let's check what the RFCs say for sure

  227. Lance

    stpeter: 6415 says if authentication is necessary for what's in the host-meta file, HTTPS only MUST be used

  228. Tobias

    "Applications utilizing the host-meta document where the authenticity of the information is necessary MUST require the use of the HTTPS protocol and MUST NOT produce a host-meta document using other means. In addition, such applications MUST require that any redirection leading to the retrieval of a host-meta document also utilize the HTTPS protocol." they have this in their sec. considerations

  229. Tobias

    but it wouldn't hurt to also mention it in the XEP, and that way we can add DNSSEC to it too

  230. Lance

    Tobias +1

  231. stpeter

    Tobias: agreed, thanks for pressing the issue

  232. Peter Waher has left

  233. m&m has left

  234. MattJ has joined

  235. Zash has joined

  236. Kev has left

  237. Lance has joined

  238. winfried has left

  239. Lance has joined

  240. Tobias has left

  241. Tobias has joined

  242. Dave Cridland has left

  243. stpeter has left

  244. Dave Cridland has joined

  245. Neustradamus has left

  246. Lance has joined

  247. Neustradamus has joined

  248. Lance has joined

  249. Neustradamus has left

  250. Lance has joined

  251. Dave Cridland has left

  252. stpeter has joined

  253. Lance has joined

  254. stpeter has left

  255. fippo

    stpeter: "no burden the same people" means you cant be on it :-)

  256. Zash has left

  257. Zash has joined

  258. Zash has left