Kev_There we go. For some reason I can't join with my usual account.
Kev_I repeat my question that didn't get through six hours ago - do we have agendums? :)
dwdHello, and no. But I don't think we have any agendums not to have.
ZashKev_: I think your servers cert expired, but that might be unrelated
Kev_The account that can't join is isode.com's - I think you mean doomsong's expired?
ZashKev_: Correct
Kev_'tis time?
dwdTis indeed.
dwd1) Roll Call
dwdGe0rG, Link Mauve jonas’ ?
Kev_Bacon
jonas’.
dwdDefintely a bacon day for me, as well.
jonas’tomorrow is bacon day
Link MauveHi, I’m here.
Kev_And I'm sorry for so much absense recently, life has been ... busy.
dwdKev_, Brown sauce?
Kev_Only if you're broken.
Kev_Ketchup all the way.
Kev_Stokes, if I get the choice.
dwdKev_, Philistine.
dwdOK, assuming a lack of Ge0rG.
dwd2) Agenda Bashing
dwdI'm blissfully unaware of anything requiring a vote.
dwdBut that is in part because of Stuff Happening, which means I've not really had the time or head-space to go look.
Ge0rGhas joined
Ge0rGHi
jonas’dwd, I’m not aware of anything either
dwdAwesome.
dwd3) Matter for a vote [Nothing]
dwd4) Outstanding Votes
dwdI think everyone's got some.
Kev_I'd like to gently encourage people to let that 308 PR through, given I think we've more or less got agreement that it's what the XEP intended to say, and future changes don't need to be blocked on this.
Kev_I think I've got nothing outstanding, and went through everything not-expired the other day, but I could be wrong.
Ge0rGI'd like to hear more voices on 0308 from Council
Link MauveI’m changing my vote on this one to +1, on the basis that once we reach the MAM companion table we discussed at the Summit, every correction does indeed pertain to the original message and not to a following correction.
dwdKev_, Did you vote on 412, ATT, and 308? If so I missed these.
jonas’I need to dig through the huge amount of emails you folks wrote on that. I read many of them, but I still don’t fully get the consequences of either choice
jonas’but I think there was nothing in it which’d change my +1
Kev_dwd: I did, yes. I -0d 412, -1d ATT (with justification) and +1d 308.
jonas’(the +1 I gave last week already)
dwdAh, yes, I see the email now, Kev_
Ge0rGKev_: do you have a solution for correction receipts already?
Kev_On the topic of 412, I'd quite like a serious discussion about the proposal I made yesterday, long before the next year's suite comes into being - maybe an agendum for next week?
dwdKev_, SOunds good.
dwdI'll move on for now.
dwd5) AOB
Ge0rGyes, please put that on the Agenda
jonas’AOB
jonas’the ominous "things" I’ve been working on go better than I expected them to go, so here’s a glimpse
Kev_Ge0rG: I'm happy to put some text in there about content vs ephemeral stuff, with the example of receipts, such that you don't put a receipt on for replacing the original, but for a receipt of the correction itself. Which I think addresses everything.
Ge0rGAOB: correction receipts
jonas’https://sotecware.net/files/noindex/xeptest/xep-0030.html (note that this is not pointing to xmpp.org)
jonas’after being a little underwhelmed with the readability of our documents on mobile this morning I thought I’d give this a shot
jonas’this is massively WIP
jonas’and I found scray^Wwonderful things when looking into the XSL
jonas’(and I found scrary^Wwonderful things when looking into the XSL)
Ge0rGKev_: will it also address MAM IDs?
Ge0rGKev_: and the fact that the most delayed correction "wins"?
dwdOh, crap. One thing at a time, please.
jonas’I guess Ge0rG was delayed and so we ran into a race condition
Kev_Ge0rG: I think so (MAM). I propose you give a tentative +0 or +1 to the PR, with the proviso that it not be merged until a subsequent PR doing receipt etc. stuff is written. For missing corrections, you can't avoid that, I think, if you allow multi-client edits simultaneously.
dwdGe0rG, Kev_ : Delighted to have a conversation about general 308 improvements, but perhaps taken offline? I don't think it's a Council matter (beyond acknowledging they're coming and approving them when they do)
Kev_jonas’: What would you like discussed on this?
jonas’Kev_, I’m just throwing this in here, and I probably could’ve done this right after End-Of-Meeting
Ge0rGdwd: I wanted to hear Council voices in context of the list discussion of 0308 and data vs meta data
Kev_In that case, I'm supportive of better stylesheets. ALthough not entirely sold on this one yet :)
dwdjonas’, I think giving our XEP rendering a massive overhaul is a good thing, and thoroughly support it. I think you should come up with a proposal with Editor hat on, and run it past members, Council, and probably approval by Board.
jonas’dwd, that sounds like a reasonable course of action
Kev_I'm not sure that's even needed, I think Editors could probably come up with something themselves.
Kev_Discussion is sensible, but I don't see any reason it should need Board approval.
dwdI'm not sure it does, but the decision on whether it needs Board approval probably rests with Board, so...
dwdOK.
Kev_Nothing in our bylaws suggests that Board owns the styling of the XEP series.
dwdKev_, No, but nothing in our bylaws suggests anything about the styling of the XEP series.
Kev_(Although removing idiot Editors does like with Board, IIRC)
dwdIn any case, the decision on styling doesn't rest with Council, for sure. :-)
dwdNext: 308 strategy.
Ge0rG+1 to jonas’ for picking up the ball on CSS
Ge0rGis heavily delayed today
Ge0rG(sorry to everyone)
Ge0rG308 strategy: I've written a very very long mail to standards@ outlinig why I think that correction of correction is superior to multiple competing corrections to one original.
dwdThe more I've looked into '308, the more I think this is a bit of a storm in a teacup. A strict interpretation of the rules is pretty difficult, but modulo which message you correct for multiple corrections, I don't think there's much conflict in interop terms, is there?
dwdGe0rG, I read your message. Not sure I agree - when correcting a message which you don't have twice, you'll still correct the same message either way.
dwdGe0rG, There's an interesting point over whether a correction of a correction means the original correction (eek) is formally superceded, but I think we're deep into philosophical questions.
Ge0rGdwd: yes. the point is rather about making a sequence of edits from different devices that get reordered
Kev_I suggest we just implement vector clocks for 308 and be done with it.
dwdGe0rG, "Doctor, it hurts when I..."?
Ge0rGdwd: I'd like to get philosophy out of the way and make the XEP explain the right way to do it, whatever we as Council decide is more right.
dwdKev_, That is, in effect, what correcting-the-correction does. But again, I'm nto sure it matters in any practical sense.
Ge0rGif my arguments are considered as unconvincing, and we have wording in the XEP that excludes MAM IDs and receipts from the "all child elements" initial rationale, I'll change to -0
dwdGe0rG, I'm happy for such clarifications to appear as a new PR, personally. I don't think they alter the need for clarification.
Ge0rGwe could also move forward with a spec that supports both ways.
Kev_I'm convinced that there are race conditions if you edit the same message from multiple devices at once, irrespective of whether you multi-correct one id, or correct a stream of ids.
Kev_So I think really that's a not entirely unrelated issue, but also not a core issue.
Ge0rGKev_: yes, but which ID you correct influences how the race condition is resolved
Kev_Plus, some amount of Dave's "Doctor it hurts when..." does apply.
Kev_Given we've got three +1s now, I'd go with the compromise of a -0 from Ge0rG in exchange for the MAM ID/Receipt thing, which I'm willing to write.
dwdCool.
dwdAny Other AOB?
Ge0rGAcceptable.
Ge0rGThus I Formally Change My Vote on the 0308 PR to -0.
Kev_Ta. Editor please don't merge it until my follow-up PR is in, to avoid two version pushes :)
Kev_Well, actually, I don't care, but it'd be more seemly to do it that way.
Ge0rG(it also looks like we lost two council members)
Ge0rGKev_: we will have to vote on the new PR anyway?
Kev_I'll try to do various other editorial text cleanups at the same time.
dwdGe0rG, Attrition via detail.
Kev_Ge0rG: Yes.
dwd6) Next Meeting
dwdNext week, same time?
jonas’I’m still heer
Ge0rG+1W WFM
jonas’I’m still here
jonas’+1 wfm
dwd7) Ite Meeting Est
dwdThanks all.
Kev_SBTSBC should work for me, as long as I don't decide to retire so I can spend 6 months constantly playing the Borderlands remaster :)
Ge0rGKev_: would you also volunteer to remove the full-JID-must-match rule out of 0308?
Ge0rGAh, the good old times of Borderlands coop.
Kev_Can we have a distinct discussion on that one, please?
dwdWHat, on Borderlands?
Kev_Yes. BL1 was awesome and we should have it as AOB.
Kev_Or even ALB (all the business)
Ge0rG+1
dwdI'd be generally up for a suggestion that Council Meetings should occur on Borderlands.
Ge0rGclaptrap will agree.
Kev_This ATT thing seems to be heavily broken to me. Not just a little bit, but completely.
Ge0rGI think it's not broken per se, it is merely operating under the constraints that were set up by the broken OMEMO
Kev_Unless I completely don't understand it, it treats a web of trust as completely flat.
ZashBrokenness all the way down
Kev_Ge0rG: I might be misreading it, but as far as I can see, a revoked device will be re-added across the tree again automatically.
Ge0rGKev_: it does. That can be fixed by requiring auth messages to be either from your own JID or from the JID that is authenticated (and obviously to cross-check the signing identity with those JIDs)
Kev_And the idea that I know that Dave's device belongs to Dave being enough for Dave to be able to authenticate Cath's devices is bizzarre.
Ge0rGKev_: good point. I was going to complain about a single auth operation merging two meshes into one, and the revocation of that link only removing one device.
Kev_Yes, only allowing an entity to effectively cross-sign their own devices would help greatly.
dwdKev_, I don't think it allows that.
Kev_Although you /still/ have an issue with revoked devices being re-added to the tree.
Ge0rGbut your point one-ups that.
Ge0rGalso xmpp: URIs in the body payload make my eyes hurt.
Kev_dwd: I may have completely missed the point where it doesn't. I did find the bit where you can't cross sign my devices for me, but not the bit where you can't Cath's.
dwdKev_, I think you can have your devices "authenticating" your other devices to your contact, and your contact's device to your other devices.
Ge0rGdwd: yes, but there are no constraints on who may authenticate whose devices.
Kev_That would be a significant improvement over my reading. I didn't see that.
Ge0rG"who's"?
Kev_whose, yes.
Ge0rGalso there is no strong coupling between devices and JIDs.
Kev_But I think that even with that, the lack of a chain is broken.
Kev_Let's assume that the reason you steal someone's device is precisely so you can communicate as them, the first thing you do is cross-sign another key.
Ge0rGAnd in a cryptographically sane protocol, I'd require a more explicit bond between the signing key and the signed message than the fact that a JID is in the body.
Kev_The user then revokes the stolen device's key. Oh well, who cares?
Kev_So this Dot of Trust thing seems to fundamentally not work, to me.
Kev_I was joking about vector clocks earlier, but in this case something like that seems needed for the sync issues, and trust chains seem needed for the other issue.
dwd"End-to-end encryption is based on the assumption that the devices are
not compromised."
dwdThat is literally the funniest thing I've ever read.
ZashHm, I wonder what's most likely, my server gets broken into or I forget my phone somewhere...
Kev_Zash: You don't even need to forget it. You only need to look away long enough to cross-sign :)
dwdZash, Device security is pretty good, these days, in fairness.
Kev_(I realise it isn't technically cross-signing, but the end effect works)
Kevhas left
Kev_has left
Ge0rGcross-signing happens by scanning a QR code, right? What if I pretend that you cross-sign me, but then inject a device-key for your identity through your compromised server?
dwd"I followed the current
version of the XEP. Thus, it is possible to implement the XEP by
following it." - this would be a lot more convincing if it were not the author of the ProtoXEP writing this...
Ge0rGThere are very many mails on the list about ATT, and it is -1, so I feel very inclined to just 'D' the whole thread
Ge0rGalso the fact that it involves OMEMO, with which I have a beef of my own.
Ge0rGBut maybe the least destructive way forward is to put SEX into the XEP template.
pep."Kev_> And the idea that I know that Dave's device belongs to Dave being enough for Dave to be able to authenticate Cath's devices is bizzarre." ATT doesn't allow Dave to tell you anything about Cath's device
Ge0rGpep.: where is that restriction?
Ge0rGBecause I am apparently not the only one to have missed it
pep.In the XEP I don't remember, I get my info from the source, and I agree it's confusing and can be improved greatly. The intent of ATT is to authenticate your own devices, and the devices or your contacts (only one hop away from you, as in your contact and all their devices are one hop)
Ge0rGpep.: if Berlin isn't written down, it hasn't happened.
pep.Ge0rG, that's why I sent all of that on the list :)
Ge0rGDamn.
Ge0rGpep.: in the ATT thread?
pep.And as I understand the author is currently replying to all the thread
pep.yeah
pep.This precision that I made above isn't said by me in the list. I only complaining about stuff in the body.
vanitasvitaeYes, I'd also prefer to read your feedback on the list, rather than in this muc where the author isnt even joined, Ge0rG ;)
pep.Also there is another issue with revocation that daniel mentions
Ge0rGvanitasvitae: it would be unwise to send my feedback before reading all the thread.
pep.Not exactly the same as Kev, but similar
pep.Ge0rG, :p
Ge0rGvanitasvitae: and I barely got through the XEP in the last week
pep.Ge0rG, see we're slowly improving in trying to include people that are not in sprints :)
Ge0rGpep.: that's a great thing, although the cynic in me wonders whether this is praise-worthy.
pep.;)
pep.It's not always easy to stir people that way, they're all excited about actually doing things
vanitasvitae:D
Ge0rGI'm also excited about actually doing things without telling anybody what or why or how.
Ge0rGI think there is a pseudo-medicinal term for that.
XMPP Council - 2019-04-03