XMPP Council - 2021-11-10

1) Roll Call

sorry for the slight delay, I had to fight an OOM

Here.

Ge0rG sent apologies (to me)

do we get a daniel or dwd?

(If there was a delay then it is equally reflected in my clock)

Hello!

Zash, "16:00:12 jonas’> 1) Roll Call"

Oh. It's Wednesday again

that's 12 seconds off!

Shame! Roll back time and try again!

Zash, didn't work, sorry

2) Agenda Bashing

I am sure I missed something, but I don't know what

if anyone knows, let me know :)

3) Editor's Update

We advanced XEP-0459 to Stable!

4) Items for Voting

I don't know of any, but I'll pause for a moment in case anyone comes up with something.

:crickets:

seems like it

5) Pending Votes

None.

I feel bad for going to date of next before even the first five minutes are over, as we sometimes take longer to gather or so, so I'll give everyone a chance to come back with their coffee ;)

alright

My coffe is COLD

6) Date of Next

We're all here aside from Ge0rG, though.

+1w wfm, though it's a public holiday here, so hopefully I'm not going to forget about it :)

Works for me as well.

works for me too

that's going to be our second-to-last meeting

+1w wfm

excellent

7) AOB

7a) Elections

I am glad that there are *at least* five candidates, a bit unhappy about it being *only* five candidates.

Is there anything to do about it now?

no

just a note

Without time travel

Nothing can be done.

I'm really happy to see two entirely new ones in the list, so that's nice.

(I'm not going to mention board...)

Yes, Board is worse.

any other AOB?

There's some stuff around 2FA and SASL going on in Kitten (IETF WG).

7b) something about kittens by dwd

Miaow.

dwd, what's the overlap to our SASL2 construct?

Loosely, people are looking at the framework I put together and deciding not to go anywhere near it.

which was also intended to do 2FA at some point

Does already.

Been implemented, no less.

nice

so what's their direction re SASL+2FA?

terrible or great? ✏

The problem is that if you've an existing IMAP server (or database), changing the SASL profile is expensive and difficult.

is it?

I only know of issues between SCRAM profiles

So the current approach in I-D is to extend SCRAM to include optional TOTP codes.

Alexeys ID?

I'm suggesting a nested SASL mechanism which encapsulates SASL2, in effect.

Zash, Yes.

"All problems in computer science can be solved by adding another proxy"?

jonas’, Changing a SASL profile means changing the code of (say) PostgreSQL. Adding a mechanism could be done without even a new PostgresSQL build.

Zash, More or less, yes.

"profile" as in the way SASL is carried over the other protocol, or something else?

dwd, ah!

Anyway, one to keep an eye on.

Zash, A way to build SASL into your protocol, yes.

ohh

okay

I understood profile as set of mechanisms and got confused

terms and definitions...

No, there's a specific meaning to it.

too long since I touched SASL specs it seems

anything to add to this topic?

Also of potential interest in the IETF world is some new DANE stuff.

oho?

7c) IETF DANE Stuff

the DANCE WG, gonna look at client authentication, as in s2s clients and the likee

I was briefly excited but ran out of energy, so I'll just be idling there too.

generally interesting

well thank for the hint

any other AOB?

Not from me.

well then

8) Ite Meeting Est

Thanks everyone, Thanks Tedd.

Thanks jonas’, thanks Tedd, thanks all!

Thanks!

Thanks jonas’, Thanks everyone