-
Peter Waher
Anybody knows when the council meeting will start?
-
Peter Waher
confused about time zones and summer/winter time in different hemispheres
-
stpeter
Peter Waher: should be in ~30 minutes
-
Peter Waher
thanks
- stpeter is on a conference call but should be done by then
-
Kev
Trying to review protoXEPs while exhausted is almost more fun than I can describe :)
-
Tobias
why did we get rid of pipelining for BOSH?
-
fippo
kev: get over to paris and listen to people talking about RCS and IMS!
-
Kev
AIUI, because no-one did it and it's not legal.
-
Kev
fippo: Revision Control System? :)
-
fippo
rich communication suite
-
Kev
I like mine better.
-
Tobias
Kev, pidgin did it at one point, if darkrain didn't remove it....will ask him about that :)
-
Kev
I think I need to review colibri some time that's not now.
-
Tobias
quite a big agenda this tiem✎ -
Tobias
quite a big agenda this time ✏
-
Tobias
Kev, will there be a LMC update?
-
Dave Cridland
Kev, Pipelining POST, you mean? That's a SHOULD NOT in the spec, and we had reasons aplenty - I don't think we were breaking the spec with that.
-
winfried
@Tobias: BOSH makes POST requests and you may not pipeline POST
-
Tobias
winfried, ah..okay
-
Kev
Dave Cridland: Ignoring a SHOULD NOT /is/ breaking the spec, IMHO.
-
Tobias
wasn't always a should not, at least not in the BOSH spec...but don't know for sure...i implemented it eons ago
-
Kev
No, we used to say in bosh that you should.
-
stpeter
'tis time?
-
Tobias
hammer time
-
Kev
'tis time.
-
Kev
1) Roll call.
-
Dave Cridland
Kev, Well, *ignoring* is not the same as acknowledging but doing it anyway. The rule is there for good reason - start pipelining POSTs at something that's not expecting it and all manner of things can go boom. But between consenting adults it's fine.
-
Lance
here
-
Tobias
hereo
-
Kev
fippo was in doubt.
-
Kev
Matt sends apologies.
-
Kev
fippo: You here?
-
stpeter
fippo is in Paris for WebRTC stuff right now, no?
-
Kev
stpeter: Yes, he didn't know if he'd be Councilling.
-
Kev
When I spoke to him earlier.
-
Kev
But he doesn't seem to be here.
-
Kev
2) EventLogging http://xmpp.org/extensions/inbox/eventlogging.html
-
Kev
There's been some amount of confusion over there. I'm not opposing objecting.
-
Kev
Uhm.
-
Kev
Not opposing *publishing*.
-
Lance
+1 for going experimental
-
Tobias
what's the expected locale if the XEP says one shouldn't localize?
-
Tobias
regardless of that i'm +1 for experimental
-
Kev
Tobias: Then I suggest asking on list :)
-
Kev
3) http://xmpp.org/extensions/diff/api/xep/0124/diff/1.11rc1/vs/1.11rc2 http://xmpp.org/extensions/diff/api/xep/0124/diff/1.10/vs/1.11rc2 With changes since last meeting.
-
fippo
kev: here, but not physically. will vote on list :-/
-
Kev
I'm +1 on this.
-
Kev
fippo: Thanks.
-
Lance
+1 on the changes
-
Tobias
+1 on XEP-0124
-
Kev
4) http://xmpp.org/extensions/diff/api/xep/0156/diff/1.1rc1/vs/1.1rc2 Changes since last meeting.
-
Kev
I'm +1 here too.
-
Lance
We do still need a legend/explanation from m&m for the chart though in 124
-
Lance
+1 on 156
-
stpeter
are some patches still missing / issues not addressed for BOSH specs? Winfried's message suggested so
-
Peter Waher
Tobias: Sorry, all very quick... What do you mean with "what's the expected locale if the XEP says one shouldn't localize"?
- stpeter is still on his conference call
-
Tobias
wonder why XEP-0156 defaults to unsecure HTTP and unsecure DNS for retrieval of connection methods
-
Tobias
Peter Waher, it says you shouldn't localized messages, does that mean that all are supposed to be in english? or in the language of the original software but never translated? or what exactly?
-
Kev
Tobias / Peter Waher: If this isn't blocking publication, I suggest we take it to the list to move things along.
-
Tobias
wouldn't it be sensible to expect lookup of those via HTTPS/DNSSEC if possible?
-
Peter Waher
you can localize messages. What you shouldn't do is localize event IDs, for instance
-
Peter Waher
"event IDs should never be localized"
-
Peter Waher
"tag names should never be localized"
-
Tobias
+1 on 156, will disuss it with lance later, if he wants
-
Peter Waher
everything else can be localized
-
Kev
Thanks.
-
stpeter
Tobias: yes, it would, but the security considerations say: Entities that use these connection methods need to ensure that they conform to the security considerations of each method (e.g., by preferring to use 'https' or 'wss' URLs that are protected using Transport Layer Security).
-
Lance
Tobias: k
-
Kev
5) http://xmpp.org/extensions/inbox/jingle-grouping.html
-
Tobias
+1
-
Lance
+1
-
Kev
I'm -1 on this.
-
Tobias
Kev, why?
-
Kev
But only because we cannot take RFC content and include it in XEPs.
-
Kev
See the recent discussion on w3c examples in XEPs.
-
fippo
kev: thanks, I was in doubt about that
-
stpeter
you mean "a=group:LS voice webcam"?
-
Kev
fippo: XEP submission is copyright assignment. You can't copyright assign an RFC to the XSF, so ...
-
Kev
stpeter: Yes, so it's trivial to fix.
-
Kev
But it says at the bottom that it's doing it, so we should fix it.
-
fippo
kev: will do.
-
Kev
fippo: Ta. You can tell what I'm going to say about a later submission too :)
-
Kev
6) http://xmpp.org/extensions/inbox/peptzo.html
-
Kev
This looked fine to me.
-
Lance
There was discussion on list that this should be a change to XEP-0080 GeoLoc instead
-
Tobias
+1 on peptzo
-
stpeter
I don't see ""a=group:LS voice webcam" in RFC 5888
-
Lance
Does council think updating 80 is a better approach?
-
Kev
Yeah. I didn't really think that was conclusive, but I'm happy for you to retract this instead if you like :)
-
Kev
Lance: I've not formed an opinion yet.
-
Kev
Shall we put this onto the next meeting agenda?
-
Lance
Yeah, so a -1 from me today
-
fippo
stpeter: I think i adapted to 0167 already... but need to check again
-
Kev
OK.
-
Kev
7) http://xmpp.org/extensions/inbox/colibri.html
-
Kev
I have to vote on this one on-list, I don't have the cycles to review it today.
-
Tobias
will vote on list for this one
-
Kev
s/don't/didn't/
-
Lance
i'm +1 for exerimental
-
Kev
Ta.
-
Kev
8) http://xmpp.org/extensions/inbox/jingle-sources.html
-
Kev
I'm -1 just for the RFC examples reason, again.
-
Tobias
here i was surprised by the urnietf:rfc:5576✎ -
Tobias
here i was surprised by the urn:ietf:rfc:5576 ✏
-
Tobias
does that have to be registered somwhere?
-
stpeter
Tobias: we already do urn:ietf:rfc:3264
-
Tobias
stpeter, ahh..ok. didn't know about that
-
Lance
+1 once the rfc legal stuff is resolved
-
Tobias
same as lance...+1 then
-
stpeter
Tobias: http://tools.ietf.org/html/rfc2648
-
Kev
9) Board requests for liaisons.
-
fippo
tobias: rfc 2648 defines that
-
stpeter
yes
-
Kev
bear / stpeter: This one's for one of you.
-
stpeter
I have been in communication with the UPnP Forum about a liaison relationship
-
stpeter
their spec-in-progress references the core XMPP stuff as well as various pubsub-related specifications
-
stpeter
they *might* also hope for some input regarding Jingle
-
stpeter
that's less clear right now
-
stpeter
I can work with the Council regarding a call for volunteers
-
Kev
stpeter: How many people in this liason? One or more?
-
stpeter
can be more than one
-
Kev
And does this happen in public or private?
-
stpeter
in this case, I might say "should be more than one"
-
stpeter
this work happens within the UPnP Forum, and their work is not public -- they have a working group made up up UPnP members and invited "observers" (which would include the people we name)
-
stpeter
I think it would be best for now if we name only XSF members, too
-
stpeter
not just general people we find on the street :-)
-
Tobias
heh
-
stpeter
i.e., we are treating this liaison group as a "Work Team" per http://xmpp.org/about-xmpp/xsf/xsf-bylaws/
-
stpeter
I think that I can send a PDF of the proposed liaison agreement to the membership
-
Kev
I'd be inclined to say that it'd be sensible to try to have someone from Council, and someone not.
-
stpeter
I will check on that
-
Kev
But let's ask for volunteers and see what happens.
-
stpeter
Kev: sure
-
Kev
So, date of next?
-
Peter Waher
and dynamic forms?
-
stpeter
Kev: IMHO the process is, Council asks for volunteers, chooses the liaison team, and proposes it to the Board for approval
-
Kev
stpeter: Right.
-
stpeter
(keeping in mind that we're going to have liaison relationships with UPnP Forum, ISO, and IEC by the looks of it, so we can't burden the same people with all the work IMHO)
-
Kev
Peter Waher: Has been covered in previous meetings, no objections.
-
Kev
stpeter: Yes.
-
Kev
So, date of next?
-
Peter Waher
(y)
-
Lance
next week, usual time is good for me
-
Kev
I'm inclined at this point to suggest we go for the new year, but we can do next week if people like.
-
Kev
Yeah, ok, let's do that.
-
Kev
Any other business?
-
stpeter
WFM
-
Tobias
Kev, next week wfm
-
stpeter
no AOB here
-
Peter Waher
so both can have numbers and be published as experimental?
-
Kev
Excellent.
-
stpeter
Peter Waher: I think so
-
Peter Waher
excellent :)
-
Peter Waher
thanks
-
Kev
Peter Waher: Need the two people not present to express an opinion for logging.
-
stpeter
my other conf call just finished (went 30 minutes over), sorry about the divided attention
-
Kev
Right, we're done.
-
Kev
Thanks all!
- Kev bangs the gavel.
-
Tobias
thank you
-
stpeter
thanks, Kev!
-
Lance
Tobias: what was the issue you had with 156?
-
stpeter
Lance: that it should be done over HTTPS or DNSSEC if possible
-
stpeter
I think the security considerations talk about that, but perhaps not strongly enough for his taste
-
Tobias
stpeter, i think they basically say that if you originally intended to do a secure connection you should also only choose secure alternative methods
-
Tobias
but i doesn't say, at least i haven't read it that way, that you should use secure methods to discover the alternative methods
-
stpeter
Tobias: that does make some sense
-
Tobias
i mean sure, DNSSEC isn't here....but HTTPS has some availability ^^
-
stpeter
"Entities that use these connection methods need to ensure that they conform to the security considerations of each method (e.g., by preferring to use 'https' or 'wss' URLs that are protected using Transport Layer Security)."
-
stpeter
that could be worded more strongly
-
Tobias
stpeter, that still only talks about the choice among the provided methods, right?
-
Dave Cridland
Tobias, You're talking about using https to do the XEP-0156 discovery, right?
-
Tobias
right
-
Dave Cridland
Tobias, Not merely using https for BOSH.
-
Tobias
requesting the json file via HTTPS
-
Tobias
or requesting that TXT record via DNSSEC
-
stpeter
Tobias: yes, agreed
-
Lance
ah, right. yeah, adding a sentence for that should be done
-
Lance
technically that should bubble up from RFC 6415 for the host-meta stuff
-
stpeter
Lance: right, let's check what the RFCs say for sure
-
Lance
stpeter: 6415 says if authentication is necessary for what's in the host-meta file, HTTPS only MUST be used
-
Tobias
"Applications utilizing the host-meta document where the authenticity of the information is necessary MUST require the use of the HTTPS protocol and MUST NOT produce a host-meta document using other means. In addition, such applications MUST require that any redirection leading to the retrieval of a host-meta document also utilize the HTTPS protocol." they have this in their sec. considerations
-
Tobias
but it wouldn't hurt to also mention it in the XEP, and that way we can add DNSSEC to it too
-
Lance
Tobias +1
-
stpeter
Tobias: agreed, thanks for pressing the issue
-
fippo
stpeter: "no burden the same people" means you cant be on it :-)