XMPP Council - 2021-05-26

’tis time (nearly)

Uh-oh!

1) Roll Call

Hi

dwd maybe?

2) Agenda Bashing

I forgot a point, we have to vote on a new protoxep

I’ll inject that then

any other amendments?

taking it as a no

3) Editor’s Update * CVE number things in XEPs * Compliance Suites 2020 ProtoXEP published

4) Items for Voting

Sorry, caught up in an offboarding meeting.

4a) XEP-0292: Recommend using contact bare JIDs as item IDs URL: https://github.com/xsf/xeps/pull/848 This has been idling for a looong time now, and pinging stpeter did not help. Let us do something about it.

dwd, still caught up or will you attend here?

just so that I know whether to block on you :)

Can I interject and ask what ‘pinging’ means here? I get the impression that sometimes people have just mentioned me in a MUC or @me on a PR and expect me to notice it.

(Which I frequently won’t)

Kev, I don’t know whether any explicit email pings have been made in this case

So if that was all that was done to ask Peter for input, it’s conceivable it wouldn’t be effective on him either :)

it’s been a while

"2020"?

I’m all in for pinging via email (possibly again) if that makes sense, but if the default is that authors do not listen in for pings on github PRs, we need to find a better process.

It's been almost a decade. I think we should make another attempt to contact stpeter and by then it will be October, a ten-years-anniversary of the suggestion.

Pinging on github has never been our process has it?

Our process has always been explicitly that no important discussion only happens via github.

(Other than submitting XEP updates - but any discussion on them happens onlist)

Kev, that’s true, but I lack the energy currently to bring everything to the list

as you might’ve noticed with that PR of yours :)

either way, I guess I’ll just ping stpeter

via email this time

4b) Proposed XMPP Extension: Compliance Suites 2022 URL: https://xmpp.org/extensions/inbox/cs-2022.html

+1, let’s get this under the roof for proper discussion and further development

+1

+1

+1

Thanks. I assume that we have lost dwd to the offboarding again, so moving on.

5) Date of Next

+1w wfm

+1w wfm

+1w wfm

+1W WFM

excellent

6) AOB

anyone got anything?

Are there any old XEPs we could YOLO-LC or deprecate or something?

Or have we completed the list we had?

Xep12?

I think there was something about 0280

but -EBUSY

the shortlist is cleared out excetp for '390 and '313

oooh, I have a list somewhere

daniel, what’s with XEP-0012? ✏

uh-oh.

Zash wanted to randomly deprecated xeps

sorta replaced by https://xmpp.org/extensions/xep-0256.html ?

or the <idle> one

No let's not randomly deprecate xeps today

Killjoy :)

I guess we could make another call of "things which need to be advanced" to the list.

Sounds good

it brought a bit of activity for sure

I nominate XEP-0054 and 0055 for the ax!

gonna write that email then

any other AOB?

taking that as a no

7) Ite Meeting Est

thanks everyone

thanks jonas’

Thanks jonas’

Thanks all

Speaking of compliance suites, these are still draft (but so are 2021): https://xmpp.org/extensions/xep-0423.html

Shall we have another go at how compliance suites are weird and deserve their own xep-1 flow? 🙂

I tend to agree, but I'm not willing to wade into the impossible task of making more work for ourselves when we could just agree to actually put them out on time even if they're not perfect and tell the editor they can deprecate the old ones when the new ones come along

So let's deprecate 2020 and move 2021 to final?

Please and thank you

Here was the list I mentioned, FYI. Some of them probably need replacements, some need deprecation, some need to be obsoleted, etc. the list is just "I feel like something needs to be done with these": https://bin.disroot.org/?83e148f7d618ae4f#G9aWQqLYnBLgAoQw6dgci39SEnFhnoT9ExWsNexCH6ib

Some of them are probably doing no harm if we just leave them alone, it just makes me nervous that they're still there and not being looked at by anyone.

153 is *gaining* popularity because it's the only way to do it in MUC 🙁

Yah, 153 I want to kill just because we'll never make a better way as long as it exists and I hate working with vcards.

And all attempts at something sane for MUC was rejeced by previous councils

At least vcard4+xep84 is picking up now

I seem to have left off 0229, I guess I should go back through the extensions list.

Some new safer compression method might be nice to have

zstd with a fixed dictionary or something

Yah, I could see that being obsoleted because we've been going back and forth over the security issues since I've been here at least, or actually updated with something newer

> Some new safer compression method might be nice to have > zstd with a fixed dictionary or something Zash: and compress each stanza individually?

Unless I got it all wrong, by "fixed dictionary" I mean the mode where there are no backreferences, only references to a pre-defined dictionary of common strings

Backreferences are fine as long as they don’t cross trust boundaries, aren’t they?

One of the problems is, how do you enforce that?

Zash: I think zstd does both?

supports both, yes.

Unless it can explicitly disabled?