XMPP Council - 2020-05-06

  1. Ge0rG

    good morning everyone.

  2. Zash presses snooze

  3. Zash


  4. jonas’

    yikes sorry

  5. jonas’

    1) Roll Call

  6. jonas’

    I’m here but was deeply sunk in lua code

  7. Zash

    I'm tired but here.

  8. jonas’

    I join the "tired" club

  9. daniel


  10. jonas’

    I suppose Ge0rG is here too

  11. jonas’

    2) Agenda Bashing

  12. jonas’

    anything to add/modify?

  13. jonas’

    I suppose not

  14. jonas’

    3) Editor’s Update

  15. jonas’

    - Expired calls: - LC for XEP-0280 expired without feedback. - Calls in progress: - LC for XEP-0320 (ends at 2020-05-19) - LC for XEP-0339 (ends at 2020-05-19)

  16. jonas’

    + a protoxep

  17. jonas’

    4) Items for Voting

  18. Ge0rG

    I wonder why nobody commented on Carbons.

  19. jonas’

    4a) Decide on Advancement of XEP-0280: Message Carbons URL: https://xmpp.org/extensions/xep-0280.html

  20. jonas’

    everyone is worn out about that probably

  21. Ge0rG

    I'm torn about it.

  22. Zash

    I just started looking at carbons (the code) again recently

  23. daniel

    yes. i don’t even have an opinion on that anymore

  24. Ge0rG

    I like most of the XEP, except for this one line: > it contains payload elements typically used in IM (...)

  25. Ge0rG

    Personally, I'd rather roll back Carbons and fix message routing, than entrench the mess. But that's not going to happen, so... 🤷

  26. Zash

    It's already entrenched tho

  27. Zash

    IM-NG can obsolete it when it's ready :)

  28. daniel

    Ge0rG, well some time before the summit I thought so too. (see my emails from january) but after more discussions during summit I came to the conclusion that im-ng isn’t going to be easy either

  29. daniel

    and share a lot of the problems with carbons

  30. jonas’

    it won’t indeed

  31. Zash

    Is anything ever easy?

  32. jonas’

    though having clear semantics is a good start

  33. Ge0rG

    daniel: right. My hope was that we can invest some work into Carbons to make IM-NG profit from the rules later on

  34. Ge0rG

    jonas’: yes, the fallback rules would be only for legacy-interop

  35. daniel

    yes we won’t get around of defining some ruleset probably

  36. daniel

    or start over with the whole pubsub mess

  37. daniel

    sorry; rambling; all that is to say that i don’t know what to do with carbons status wise at the moment

  38. Zash

    With my Implementer Hat on, I have something slightly different from the rules in the XEP now, which might be better, or not. Going to need some time and deployment experinece with it I think.

  39. Ge0rG

    daniel: you could check whether §6.1 is sufficient and adequate for all your use cases.

  40. daniel

    does it cover jingle messages?

  41. Ge0rG

    Zash: that sounds like we should postpone advancing Carbons

  42. Ge0rG

    daniel: are jingle messages of type=chat?

  43. daniel

    well you can make everything type chat

  44. Zash

    And/or extend the LC, tho I'm not sure I'll have energy to post about it in the next to weeks either.

  45. daniel

    but usually (following the examples from the xep) they are not

  46. Ge0rG

    or is jingle one of the gazillion XEPs that don't define an appropriate message type?

  47. Ge0rG

    I want Carbons and MAM sync to become type=headline

  48. Zash

    One thing: The new mod_carbons acts on anything that's been archived.

  49. daniel

    Conversations makes them type chat to get around 6.1 rules

  50. daniel

    but arguably they probably maybe shouldn’t be?

  51. Ge0rG

    daniel: what about fixing §6.1 rules instead?

  52. Ge0rG

    Zash ~volunteered~ proposed to fix https://xmpp.org/extensions/xep-0226.html

  53. jonas’

    I wonder whether we need a routing-WG like we had (have) an E2EE WG

  54. daniel

    but yeah that's the point? so do we have to touch 280 every time there is a new xep around?

  55. Zash

    jonas’, good idea

  56. daniel

    and subsequently all implementations

  57. Ge0rG

    I suppose Carbons has no meaning outside of IM anyway, and Jingle is kinda-sorta-IM now

  58. jonas’

    daniel, supposedly, since you send to bare-JID (under IM-NG rules) this would be broadcast

  59. Ge0rG

    jonas’: that would be good

  60. jonas’

    daniel, supposedly, since you send to bare-JID (under IM-NG rules) this would be multicast to all resources

  61. Zash

    also, is there a Jingle WG that could comment on this batch of Jingle XEPs?

  62. jonas’

    which is one of the key reasons for IM-NG, so that we don’t have to touch things every time a new protocol comes aroundy

  63. daniel

    but because of backward compat you still have to have rules

  64. Ge0rG

    is there any single implementation of `urn:xmpp:carbons:rules:0` ?

  65. jonas’

    I see a few people who have a certain share in implementations (daniel, Holger, Zash, Ge0rG, someone from the Dino folks, lovetox) which could sit down for a sprint and work out rules for different use cases.

  66. Ge0rG

    daniel: yes, and we need to define those rules

  67. jonas’

    and who could drive IM-NG forward

  68. jonas’

    I think this is most direly needed

  69. Ge0rG

    jonas’: I agree.

  70. jonas’

    daniel, you have the compliance checker to pressure people to deploy an update

  71. Zash

    Ge0rG, I /think/ Prosody actually does something very close to the rules in the XEP

  72. Ge0rG

    most of the rules we sort out will apply equally to IM-NG, Carbons and MAM

  73. Zash

    As in, the stable release. Trunk now does something else.

  74. jonas’

    can someone of you folks take the hat for this sprint?

  75. Ge0rG

    Zash: the delta would be a good addition to the 0280 LC

  76. jonas’

    because we won’t solve this in this session.

  77. jonas’

    I’ll be happy to move 280 back to Experimental in that case

  78. Ge0rG

    I'm not good at organizing.

  79. Zash

    jonas’, sure

  80. jonas’

    Zash, thank you very much

  81. daniel

    +1 moving it back

  82. Ge0rG

    But I'm motivated to bring 0280 + IM-NG rules into a sane state

  83. jonas’

    I can offer a jitsi meet instance for a virtual meeting, though I suppose you’ll find other instances, too

  84. jonas’

    so Zash will organize a virtual(?) sprint on that one; please announce it on standards@ and also ping ejabberd, dino and gajim devs at least

  85. Zash

    jonas’, +1 for back to experimental.

  86. Zash

    also +1 to whoever invents <in-reply to=id/>

  87. jonas’

    Zash, was that in implicit "I didn’t want to volunteer for organizing this!!!"

  88. Zash


  89. jonas’


  90. jonas’

    ok, then I’ll step up to try to get everyone on a table, but I won’t actively participate most likely

  91. jonas’

    4b) Request LC for XEP-0393: Message Styling URL: https://xmpp.org/extensions/xep-0393.html Abstract: This specification defines a formatted text syntax for use in instant messages with simple text styling.

  92. jonas’


  93. daniel


  94. daniel grabs popcorn

  95. Zash


  96. Zash

    LC all the XEPs?!

  97. Ge0rG


  98. jonas’

    4c) Proposed XMPP Extension: Channel Binding Pseudomechanisms URL: https://xmpp.org/extensions/inbox/cb-pseudomechanisms.html Abstract: A method for advertising and negotiating types of channel binding supported by SCRAM based SASL mechanisms.

  99. jonas’

    even more so than with the previous spec about password storage, I’m fairly certain that this needs to be addressed on the IETF-level

  100. jonas’

    -1, even more so than with the previous spec about password storage, I’m fairly certain that this needs to be addressed on the IETF-level

  101. Zash

    I approve of the general goal tho.

  102. jonas’

    me too

  103. daniel

    > I approve of the general goal tho. +1

  104. Ge0rG


  105. jonas’

    hm, I’m changing my vote to on-list.

  106. jonas’

    I have to read it more closely

  107. SamWhited

    This will *never* be addressed at the IETF level, FWIW. The XMPP WG is shut down and this is protocol specific.

  108. jonas’

    SamWhited, yeah, I just realised that

  109. jonas’

    so going on-list, because I’m not sure that mangling the mechanism names is a great way to do that

  110. daniel

    But the approach feels wrong

  111. jonas’

    yeah, a lot wrong

  112. jonas’

    if only we had namespaced attributes

  113. Zash


  114. daniel

    If only we had namespace attributes

  115. daniel


  116. Zash

    I'd like to have Dave around to discuss this one

  117. jonas’

    let’s not discuss protocol specifics in this meeting; I’m assuming you’re on list too, daniel?

  118. daniel

    Yes on list

  119. jonas’

    5) Outstanding Votes I lied in the email, there are no outstanding votes.

  120. jonas’

    6) Date of Next

  121. jonas’

    +1w wfm

  122. Zash

    SamWhited, starting the XMPP WG up is a thing we can do if needed AFAIK

  123. jonas’

    +1w could be tricky for me

  124. daniel

    (pretty sure I'm -1 but I want to elaborate more on list)

  125. jonas’

    there is the RIPE General Meeting and I was appointed responsible for doing on behalf of my company which is a LIR there

  126. jonas’

    I’m not sure what the schedule is and when I’m expected to participate there, so I can’t say for sure I can chair the meeting here

  127. jonas’

    I’ll prepare an agenda on tuesday, who volunteers to chair?

  128. SamWhited

    Please let's have a discussion on list before you all finish voting if possible. I'm open to being convinced of alternative methods, but the ones I could think of were much more obnoxious to implement or required major modifications to our SASL profile (which is not likely to happen)

  129. jonas’

    SamWhited, I’m going to reply on-list soon

  130. SamWhited

    But I also knew this method would be an uphill fight :)

  131. Zash

    Something something XEP-0388

  132. SamWhited shuts up and lets you finish the meeting.

  133. jonas’

    yes, thanks

  134. jonas’

    we’re at Date of Next, and we need a chair for next week

  135. daniel

    i can chair

  136. jonas’


  137. Zash

    so +1w then

  138. jonas’


  139. jonas’

    7) AOB

  140. jonas’

    none from me

  141. Zash

    none here

  142. jonas’


  143. jonas’

    8) EOM

  144. jonas’

    thanks all

  145. Zash


  146. dwd

    Well, taken me all afternoon, but I can apparently get in this room again.

  147. jonas’


  148. Zash


  149. Ge0rG

    dwd: how many yaks did you shave today?

  150. dwd

    Not enough. I don't *think* I can connect outbound and establish TLS to this server, and I do not understand why.

  151. Zash


  152. Zash

    `locate iteam-hat`

  153. dwd

    Zash, As in xmpp.xmpp.org. But not just this one, cerdale.zash.se is the same.

  154. Zash

    If mine doesn't want to talk to you it should send you a <stream:error> with the reason

  155. dwd

    TLS negotiation fails, though, so no opportunity.

  156. Zash

    I see you → here connections, but unencrypted in the other direction

  157. dwd

    Right, because Openfire can actually fallback to retry without TLS.

  158. dwd

    Which is what's happened here I think.

  159. Zash

    for reverse connections?

  160. Zash


  161. jonas’

    May 06 15:12:15 s2sin5578e86691d0 debug Incoming s2s received <stream:stream xmlns='http://etherx.jabber.org/streams' version='1.0' to='xmpp.org' from='dave.cridland.net'> May 06 15:12:15 s2sin5578e86691d0 debug Sending[s2sin_unauthed]: <stream:stream id='3bdeff5f-b26a-4635-a2d6-1d37c1ab1db9' xml:lang='en' xmlns='jabber:server' to='dave.cridland.net' xmlns:db='jabber:server:dialback' version='1.0' xmlns:stream='http://etherx.jabber.org/streams' from='xmpp.org'> May 06 15:12:16 s2sin5578e86691d0 debug Incoming s2s received <stream:stream xmlns='http://etherx.jabber.org/streams' version='1.0' to='xmpp.org' from='dave.cridland.net'> May 06 15:12:16 x509 debug Cert dNSName dave.cridland.net matched hostname May 06 15:12:16 s2sin5578e86691d0 debug Sending[s2sin_unauthed]: <stream:stream id='57b0f2aa-5f41-4a53-ba20-3e5c8686952a' xml:lang='en' xmlns='jabber:server' to='dave.cridland.net' xmlns:db='jabber:server:dialback' version='1.0' xmlns:stream='http://etherx.jabber.org/streams' from='xmpp.org'> May 06 15:12:16 s2sin5578e86691d0 info Incoming s2s stream dave.cridland.net->xmpp.org closed: stream closed May 06 15:12:16 s2sin5578e86691d0 debug Destroying incoming session dave.cridland.net->xmpp.org

  162. jonas’

    that doesn’t seem useful

  163. dwd

    Sorry, distracted by Atlassian apparently having a dodgy cert on their cloud hosting.

  164. Zash

    I see some failed attepmts at dialback and some timeouts

  165. dwd

    That would have been earlier, I suspect.

  166. Zash

    after what jonas’ posted

  167. SamWhited

    I get a *lot* of errors from your server as well, dwd. Mostly useless things about being unable to connect.

  168. SamWhited


  169. dwd

    How bizarre.

  170. Zash

    May 06 15:13:46 s2sout5578e7a3df20 debug Destroying incomplete session xmpp.org->dave.cridland.net due to inactivity

  171. Zash

    May 06 15:12:17 s2sout5578e7a3df20 debug sent dialback key on outgoing s2s stream

  172. Ge0rG

    TLS version mismatch?

  173. Ge0rG

    something like TLS 1.0 vs TLS 1.2? dh keys?

  174. jonas’

    2020/05/06 17:54:43 failed to probe c2s to xmpp:cridland.net: dial tcp connect: connection refused

  175. dwd

    Yeah, not cridland.net

  176. dwd


  177. jonas’

    also, why does it write c2s

  178. dwd

    Anyway. More usefully:

  179. Zash

    Huh, but this one is TLS'd

  180. dwd

    XEP-0280 - I thought we'd discussed this in the Summit and come to some kind of conclusion abotu moving the routing rules themselves into a new XEP, that would be pointed to by IM-NG on the basis that IM-NG was Carbons with better PR^Wsyntax?

  181. Zash

    May 06 15:12:17 s2sout5578e7a3df20 debug Sending[s2sout_unauthed]: <stream:stream xml:lang='en' xmlns='jabber:server' to='dave.cridland.net' ... May 06 15:12:17 s2sout5578e7a3df20 info Stream encrypted (TLSv1.3 with TLS_AES_256_GCM_SHA384)

  182. dwd

    Yeah, from * -> dave.cridland.net it negotiates TLSv1.3 and AES etc.

  183. Zash

    Then it does dialback, which times out. Then some time later it tries again

  184. dwd


  185. dwd

    4a) On-list, I need to look at what was discussed at the Summit.

  186. dwd

    4b) +1

  187. jonas’

    I admit I speculated you’d take time to vote on 4b so that we don’t have three LCs starting within just 24 hours ;-)

  188. jonas’

    still, welcome back

  189. dwd

    4c) I'm somewhat torn about this. It's a revolting syntax, but I wonder if just listing channel bindings, and mandating that sorry, but if you offer it for one it's offered for all mechanisms, might be preferable. As to whether this lives here or IETF, I'm inclined to say it lives here - as Sam notes, XMPP-WG is dead, and KITTEN is probably not ideal, though definitely worth talking to Simon Josefsson there as he's discussed this kind fo thing before quite recently. So Sorta +1 but dear dog can we change this?

  190. jonas’

    dwd, I think quite similar as you do, and I think we should discuss those specifics on-list

  191. dwd

    By which I mean, on-list to give me some time to think, but if it weren't using pseudo-mechanisms I'd be a firm +1.

  192. pep.

    If only we had namespace attributes

  193. dwd

    I'm not sure those help here.

  194. dwd

    Scribbled that listwards, and I'll vote +1 on 4c).

  195. Zash

    I'm not sure how I feel about "(oh btw channel bindings in TLS 1.3 are undefined)" hidden away in an appendix in an RFC that doesn't update the channel binding document.

  196. dwd

    Zash, Channel bindings are in general a bit stalled. I think the XMPP community is the only group that really cares, sometimes, and we're not very vocal within the IETF, so they probably don't realise there's interest.

  197. SamWhited

    The two channel bindings it's talking about are broken anyways, and I assume even more broken on TLS 1.3 because they won't work in-0RTT mode (I think)

  198. SamWhited

    I'm only guessing, but I assume that's why they decided to just say that they're undefined. Libraries won't be able to give you the data half the time, or even worse, they will try to give you non-unique data

  199. Zash

    Found a single thread from 2015 discussing it

  200. SamWhited

    Link? I didn't find anything when I looked

  201. dwd

    SamWhited, And by the way, you're doing a great job in KITTEN, pushing this stuff. It probably feels like you're getting nowhere, but I think it's making an impact slowly - but the recent last-minute-virtual IETF meeting has probably drained people of energy.

  202. SamWhited

    dwd: thanks; I was worried I was beign a pest, I never know how the IETF works or how much I should stay on top of things

  203. SamWhited

    being, even

  204. Zash

    SamWhited, not sure which thread it was but a couple of threads from 2015-2016 pop up in https://mailarchive.ietf.org/arch/search/?qdr=a&start_date=&end_date=&email_list=tls&email_list=kitten&q=text%3A%28channel+binding%29&as=1

  205. SamWhited


  206. SamWhited

    Oh hey, if I filter by date and list there's a whole topic called "Deprecating tls-unique for TLS 1.3". Dunno why I never realized there was a convenient list-only search that doesn't involve Google or DDG or whatever.

  207. Zash

    This is a pretty great mailing list interface indeed. I wish we used it for our lists.

  208. SamWhited


  209. SamWhited

    Aha, and it mentions an old draft name I never found by searching either!

  210. SamWhited

    Hopefully I can find discussion on that and finally know what had been done towards this in the past. It's just about impossible to dig information out of the IETF.

  211. Zash

    I think I searched for the channel binding RFC number as well last time

  212. SamWhited

    This works almost exactly the same as how mine did originally, that's encouraging (or maybe not, since it just dissapeared in 2015 and I'm not sure why yet)

  213. Zash


  214. SamWhited

    sorry, the other draft I found in that email thread that expired in 2015: https://tools.ietf.org/html/draft-josefsson-sasl-tls-cb-03

  215. SamWhited

    The author amusingly responded to the other I-D I have out right now, but not the emails to KITTEN and TLS about the channel binding draft, so I pinged him to ask him about the history of it and what not.

  216. Zash

    Endless yaks probably.