XMPP Council - 2020-05-06

good morning everyone.

Time?

yikes sorry

1) Roll Call

I’m here but was deeply sunk in lua code

I'm tired but here.

I join the "tired" club

Hi

I suppose Ge0rG is here too

2) Agenda Bashing

anything to add/modify?

I suppose not

3) Editor’s Update

- Expired calls: - LC for XEP-0280 expired without feedback. - Calls in progress: - LC for XEP-0320 (ends at 2020-05-19) - LC for XEP-0339 (ends at 2020-05-19)

+ a protoxep

4) Items for Voting

I wonder why nobody commented on Carbons.

4a) Decide on Advancement of XEP-0280: Message Carbons URL: https://xmpp.org/extensions/xep-0280.html

everyone is worn out about that probably

I'm torn about it.

I just started looking at carbons (the code) again recently

yes. i don’t even have an opinion on that anymore

I like most of the XEP, except for this one line: > it contains payload elements typically used in IM (...)

Personally, I'd rather roll back Carbons and fix message routing, than entrench the mess. But that's not going to happen, so... 🤷

It's already entrenched tho

IM-NG can obsolete it when it's ready :)

Ge0rG, well some time before the summit I thought so too. (see my emails from january) but after more discussions during summit I came to the conclusion that im-ng isn’t going to be easy either

and share a lot of the problems with carbons

it won’t indeed

Is anything ever easy?

though having clear semantics is a good start

daniel: right. My hope was that we can invest some work into Carbons to make IM-NG profit from the rules later on

jonas’: yes, the fallback rules would be only for legacy-interop

yes we won’t get around of defining some ruleset probably

or start over with the whole pubsub mess

sorry; rambling; all that is to say that i don’t know what to do with carbons status wise at the moment

With my Implementer Hat on, I have something slightly different from the rules in the XEP now, which might be better, or not. Going to need some time and deployment experinece with it I think.

daniel: you could check whether §6.1 is sufficient and adequate for all your use cases.

does it cover jingle messages?

Zash: that sounds like we should postpone advancing Carbons

daniel: are jingle messages of type=chat?

well you can make everything type chat

And/or extend the LC, tho I'm not sure I'll have energy to post about it in the next to weeks either.

but usually (following the examples from the xep) they are not

or is jingle one of the gazillion XEPs that don't define an appropriate message type?

I want Carbons and MAM sync to become type=headline

One thing: The new mod_carbons acts on anything that's been archived.

Conversations makes them type chat to get around 6.1 rules

but arguably they probably maybe shouldn’t be?

daniel: what about fixing §6.1 rules instead?

Zash ~volunteered~ proposed to fix https://xmpp.org/extensions/xep-0226.html

I wonder whether we need a routing-WG like we had (have) an E2EE WG

but yeah that's the point? so do we have to touch 280 every time there is a new xep around?

jonas’, good idea

and subsequently all implementations

I suppose Carbons has no meaning outside of IM anyway, and Jingle is kinda-sorta-IM now

jonas’: that would be good

daniel, supposedly, since you send to bare-JID (under IM-NG rules) this would be multicast to all resources ✏

also, is there a Jingle WG that could comment on this batch of Jingle XEPs?

which is one of the key reasons for IM-NG, so that we don’t have to touch things every time a new protocol comes aroundy

but because of backward compat you still have to have rules

is there any single implementation of `urn:xmpp:carbons:rules:0` ?

I see a few people who have a certain share in implementations (daniel, Holger, Zash, Ge0rG, someone from the Dino folks, lovetox) which could sit down for a sprint and work out rules for different use cases.

daniel: yes, and we need to define those rules

and who could drive IM-NG forward

I think this is most direly needed

jonas’: I agree.

daniel, you have the compliance checker to pressure people to deploy an update

Ge0rG, I /think/ Prosody actually does something very close to the rules in the XEP

most of the rules we sort out will apply equally to IM-NG, Carbons and MAM

As in, the stable release. Trunk now does something else.

can someone of you folks take the hat for this sprint?

Zash: the delta would be a good addition to the 0280 LC

because we won’t solve this in this session.

I’ll be happy to move 280 back to Experimental in that case

I'm not good at organizing.

jonas’, sure

Zash, thank you very much

+1 moving it back

But I'm motivated to bring 0280 + IM-NG rules into a sane state

I can offer a jitsi meet instance for a virtual meeting, though I suppose you’ll find other instances, too

so Zash will organize a virtual(?) sprint on that one; please announce it on standards@ and also ping ejabberd, dino and gajim devs at least

jonas’, +1 for back to experimental.

also +1 to whoever invents <in-reply to=id/>

Zash, was that in implicit "I didn’t want to volunteer for organizing this!!!"

yes

darn

ok, then I’ll step up to try to get everyone on a table, but I won’t actively participate most likely

4b) Request LC for XEP-0393: Message Styling URL: https://xmpp.org/extensions/xep-0393.html Abstract: This specification defines a formatted text syntax for use in instant messages with simple text styling.

+1

+1

+1

LC all the XEPs?!

+1

4c) Proposed XMPP Extension: Channel Binding Pseudomechanisms URL: https://xmpp.org/extensions/inbox/cb-pseudomechanisms.html Abstract: A method for advertising and negotiating types of channel binding supported by SCRAM based SASL mechanisms.

-1, even more so than with the previous spec about password storage, I’m fairly certain that this needs to be addressed on the IETF-level ✏

I approve of the general goal tho.

me too

> I approve of the general goal tho. +1

on-list

hm, I’m changing my vote to on-list.

I have to read it more closely

This will *never* be addressed at the IETF level, FWIW. The XMPP WG is shut down and this is protocol specific.

SamWhited, yeah, I just realised that

so going on-list, because I’m not sure that mangling the mechanism names is a great way to do that

But the approach feels wrong

yeah, a lot wrong

if only we had namespaced attributes

on-list

If only we had namespace attributes

Lol

I'd like to have Dave around to discuss this one

let’s not discuss protocol specifics in this meeting; I’m assuming you’re on list too, daniel?

Yes on list

5) Outstanding Votes I lied in the email, there are no outstanding votes.

6) Date of Next

SamWhited, starting the XMPP WG up is a thing we can do if needed AFAIK

+1w could be tricky for me ✏

(pretty sure I'm -1 but I want to elaborate more on list)

there is the RIPE General Meeting and I was appointed responsible for doing on behalf of my company which is a LIR there

I’m not sure what the schedule is and when I’m expected to participate there, so I can’t say for sure I can chair the meeting here

I’ll prepare an agenda on tuesday, who volunteers to chair?

Please let's have a discussion on list before you all finish voting if possible. I'm open to being convinced of alternative methods, but the ones I could think of were much more obnoxious to implement or required major modifications to our SASL profile (which is not likely to happen)

SamWhited, I’m going to reply on-list soon

But I also knew this method would be an uphill fight :)

Something something XEP-0388

yes, thanks

we’re at Date of Next, and we need a chair for next week

i can chair

Thanks

so +1w then

excellent

7) AOB

none from me

none here

alright

8) EOM

thanks all

ACK, FIN, RST

Well, taken me all afternoon, but I can apparently get in this room again.

\o/

Äntligen!

dwd: how many yaks did you shave today?

Not enough. I don't *think* I can connect outbound and establish TLS to this server, and I do not understand why.

_this_?

`locate iteam-hat`

Zash, As in xmpp.xmpp.org. But not just this one, cerdale.zash.se is the same.

If mine doesn't want to talk to you it should send you a <stream:error> with the reason

TLS negotiation fails, though, so no opportunity.

I see you → here connections, but unencrypted in the other direction

Right, because Openfire can actually fallback to retry without TLS.

Which is what's happened here I think.

for reverse connections?

crazy

May 06 15:12:15 s2sin5578e86691d0 debug Incoming s2s received <stream:stream xmlns='http://etherx.jabber.org/streams' version='1.0' to='xmpp.org' from='dave.cridland.net'> May 06 15:12:15 s2sin5578e86691d0 debug Sending[s2sin_unauthed]: <stream:stream id='3bdeff5f-b26a-4635-a2d6-1d37c1ab1db9' xml:lang='en' xmlns='jabber:server' to='dave.cridland.net' xmlns:db='jabber:server:dialback' version='1.0' xmlns:stream='http://etherx.jabber.org/streams' from='xmpp.org'> May 06 15:12:16 s2sin5578e86691d0 debug Incoming s2s received <stream:stream xmlns='http://etherx.jabber.org/streams' version='1.0' to='xmpp.org' from='dave.cridland.net'> May 06 15:12:16 x509 debug Cert dNSName dave.cridland.net matched hostname May 06 15:12:16 s2sin5578e86691d0 debug Sending[s2sin_unauthed]: <stream:stream id='57b0f2aa-5f41-4a53-ba20-3e5c8686952a' xml:lang='en' xmlns='jabber:server' to='dave.cridland.net' xmlns:db='jabber:server:dialback' version='1.0' xmlns:stream='http://etherx.jabber.org/streams' from='xmpp.org'> May 06 15:12:16 s2sin5578e86691d0 info Incoming s2s stream dave.cridland.net->xmpp.org closed: stream closed May 06 15:12:16 s2sin5578e86691d0 debug Destroying incoming session dave.cridland.net->xmpp.org

that doesn’t seem useful

Sorry, distracted by Atlassian apparently having a dodgy cert on their cloud hosting.

I see some failed attepmts at dialback and some timeouts

That would have been earlier, I suspect.

after what jonas’ posted

I get a *lot* of errors from your server as well, dwd. Mostly useless things about being unable to connect.

FWIW

How bizarre.

May 06 15:13:46 s2sout5578e7a3df20 debug Destroying incomplete session xmpp.org->dave.cridland.net due to inactivity

May 06 15:12:17 s2sout5578e7a3df20 debug sent dialback key on outgoing s2s stream

TLS version mismatch?

something like TLS 1.0 vs TLS 1.2? dh keys?

2020/05/06 17:54:43 failed to probe c2s to xmpp:cridland.net: dial tcp 74.125.28.125:5269: connect: connection refused

Yeah, not cridland.net

dave.cridland.net

also, why does it write c2s

Anyway. More usefully:

Huh, but this one is TLS'd

XEP-0280 - I thought we'd discussed this in the Summit and come to some kind of conclusion abotu moving the routing rules themselves into a new XEP, that would be pointed to by IM-NG on the basis that IM-NG was Carbons with better PR^Wsyntax?

May 06 15:12:17 s2sout5578e7a3df20 debug Sending[s2sout_unauthed]: <stream:stream xml:lang='en' xmlns='jabber:server' to='dave.cridland.net' ... May 06 15:12:17 s2sout5578e7a3df20 info Stream encrypted (TLSv1.3 with TLS_AES_256_GCM_SHA384)

Yeah, from * -> dave.cridland.net it negotiates TLSv1.3 and AES etc.

Then it does dialback, which times out. Then some time later it tries again

So:

4a) On-list, I need to look at what was discussed at the Summit.

4b) +1

I admit I speculated you’d take time to vote on 4b so that we don’t have three LCs starting within just 24 hours ;-)

still, welcome back

4c) I'm somewhat torn about this. It's a revolting syntax, but I wonder if just listing channel bindings, and mandating that sorry, but if you offer it for one it's offered for all mechanisms, might be preferable. As to whether this lives here or IETF, I'm inclined to say it lives here - as Sam notes, XMPP-WG is dead, and KITTEN is probably not ideal, though definitely worth talking to Simon Josefsson there as he's discussed this kind fo thing before quite recently. So Sorta +1 but dear dog can we change this?

dwd, I think quite similar as you do, and I think we should discuss those specifics on-list

By which I mean, on-list to give me some time to think, but if it weren't using pseudo-mechanisms I'd be a firm +1.

If only we had namespace attributes

I'm not sure those help here.

Scribbled that listwards, and I'll vote +1 on 4c).

I'm not sure how I feel about "(oh btw channel bindings in TLS 1.3 are undefined)" hidden away in an appendix in an RFC that doesn't update the channel binding document.

Zash, Channel bindings are in general a bit stalled. I think the XMPP community is the only group that really cares, sometimes, and we're not very vocal within the IETF, so they probably don't realise there's interest.

The two channel bindings it's talking about are broken anyways, and I assume even more broken on TLS 1.3 because they won't work in-0RTT mode (I think)

I'm only guessing, but I assume that's why they decided to just say that they're undefined. Libraries won't be able to give you the data half the time, or even worse, they will try to give you non-unique data

Found a single thread from 2015 discussing it

Link? I didn't find anything when I looked

SamWhited, And by the way, you're doing a great job in KITTEN, pushing this stuff. It probably feels like you're getting nowhere, but I think it's making an impact slowly - but the recent last-minute-virtual IETF meeting has probably drained people of energy.

dwd: thanks; I was worried I was beign a pest, I never know how the IETF works or how much I should stay on top of things

being, even

SamWhited, not sure which thread it was but a couple of threads from 2015-2016 pop up in https://mailarchive.ietf.org/arch/search/?qdr=a&start_date=&end_date=&email_list=tls&email_list=kitten&q=text%3A%28channel+binding%29&as=1

Thanks

Oh hey, if I filter by date and list there's a whole topic called "Deprecating tls-unique for TLS 1.3". Dunno why I never realized there was a convenient list-only search that doesn't involve Google or DDG or whatever.

This is a pretty great mailing list interface indeed. I wish we used it for our lists.

+1

Aha, and it mentions an old draft name I never found by searching either!

Hopefully I can find discussion on that and finally know what had been done towards this in the past. It's just about impossible to dig information out of the IETF.

I think I searched for the channel binding RFC number as well last time

This works almost exactly the same as how mine did originally, that's encouraging (or maybe not, since it just dissapeared in 2015 and I'm not sure why yet)

This?

sorry, the other draft I found in that email thread that expired in 2015: https://tools.ietf.org/html/draft-josefsson-sasl-tls-cb-03

The author amusingly responded to the other I-D I have out right now, but not the emails to KITTEN and TLS about the channel binding draft, so I pinged him to ask him about the history of it and what not.

Endless yaks probably.