FYI for https://github.com/xsf/xeps/pull/1158 I intend to vote +0 and unless everyone else thinks it should go through as-is change it up to not Obsolete it, just remove DNS method (and mention it in security considerations for posterity) and change it to only add urn:xmpp:alt-connections:xbosh, I'd appreciate a indication whether you all think this is the right way forward or not
ncahuillahas joined
ncahuillahas left
daniel
i literally just now walked into my hotel room and got connected to the internet...
Ge0rG
Yay!
daniel
1) roll call
moparisthebest
o/
Ge0rG
/o\
Wojtekhas left
moparisthebest
(that shoulder injury looks painful!)
daniel
the lady at the check in desk asked me to give a sales pitch for Conversations. that was unexpected and slowed me down...
jonas’
present
moparisthebest
haha awesome
daniel
do we have a larma?
larma
Somewhat
Ge0rG
daniel: did you arrive with a huge poster?
daniel
i did not unfortunatly. but i was registered as a business travel to not pay tourism tax
daniel
2) Agenda bashing
daniel
none
daniel
3) Editors update
daniel
jonas’, published the xep4 and 60 changes we voted on last week
daniel
and a new proto xep that we are going to vote on later
jonas’
do we need to add ownership changes for muji to the agenda, larma?
jonas’
i.e. did you get a reply from the authors in that regard?
daniel
i have not seen public emails? did i miss them?
larma
I haven't had time to write a mail to ML yet, which we agreed to do first.
jonas’
ack, I was confused then. carry on.
daniel
4) Items for voting
daniel
a) Obsolete XEP-0156 and add warnings
https://github.com/xsf/xeps/pull/1158
jonas’
I can live with that. +1
Wojtekhas joined
Ge0rG
We are removing DNS but also HTTP Lookup Method, right?
daniel
just to be clear. this essentially makes bosh obsolete?
moparisthebest
so http lookup is already defined in the RFC
jonas’
no, HTTPS is delegated to RFC 7395
daniel
because you can’t discover bosh any more?
moparisthebest
but this removes bosh, so my alternate proposal is remove everything else but adding bosh
jonas’
ah
moparisthebest
hence my +0 vote
jonas’
I did not realize this removes BOSH, I thought that was also covered by RFC 7395
moparisthebest
(see my comment right before the meeting)
jonas’
in that case, -1, because we should keep BOSH discoverable
moparisthebest
I didn't either until it was pointed out
Ge0rG
yeah, -1 because of BOSH
daniel
i'm on board with getting rid of dns and getting rid of http
moparisthebest
cool, I'll rework the PR for next week
daniel
but i do think we need to keep bosh
daniel
-1
jonas’
moparisthebest, thank you :)
daniel
do you want to vote on this as well larma ?
Ge0rG
maybe we can get rid of 0156 if we put BOSH into some other adequate place?
larma
I don't think we need to keep BOSH forever, but probably still need it today, so -1
daniel
thank you
daniel
wrt BOSH i think it's interesting that w3c eventsource is still around too (even though websocket exist)
daniel
but that's a discussion for another day probably
daniel
b) Obsolete and update Security Considerations for XEP-0138 and XEP-0229
https://github.com/xsf/xeps/pull/1159
moparisthebest
I think I'll remove httppoll too unless people think it's useful..
moparisthebest
+1 on this one
larma
+1 on b)
jonas’
(I would like to point out that writing a MUST NOT in an obsolete document seems kinda pointless :))
Ge0rG
I agree with obsoleting, but "this method is deemed insecure and MUST NOT be used" is a normative change and we MUST NOT enforce policy with protocol
daniel
ironcially we just deployed compression on a big project last week
Sam
I'm torn on this; I get the reasoning, but I also have deployed it on large projects and found it *extremely* beneficial
larma
Ge0rG: if you implement it, you must not use it ;)
moparisthebest
lots of insecure things are useful
jonas’
moparisthebest, I think I would be happier if, instead of changing the normative text, we add a huge security notice to the top of the document and the place where you'd change the normative text instead
jonas’
otherwise, it seems that the "MUST NOT" thing is, in fact, obsolete.
moparisthebest
the rationale behind putting the "MUST NOT" in regard to the *method* specifically is because I expect a new compression method to come along and resurrect the negotiation
jonas’
right, but at the same time, you're obsoleting that standard, including the MUST NOT
jonas’
that seems off
Ge0rG
-1 because of the MUST NOT
moparisthebest
I'm not married to it, happy to change as you all see fit
Ge0rG
I'd be okay with just obsoleting and adding a fat red warning in the security considerations
jonas’
what Ge0rG says.
daniel
yeah i think i'm -1 too. either just obsolete it (and put exi or zstd or whatever in a new xep). or just add a security warning
jonas’
-1 to b: what Ge0rG says :).
Sam
*thinks outloud* maybe it would be good to have an "editorial notes" section at the top of the XEP that's non-normative and doesn't require any update to the version because it's not actually part of the xep.
jonas’
Sam, unrelated to this, because stuff like that should definitely be versioned (thinking attic)
moparisthebest
I'll update this one too for next week :)
Sam
Nah, it would be versioned in Git and would be something the editor or council or whomever could update. Maybe call it "Editor Notes" and "Council Notes" or something. We don't version every website page in the attic
Sam
But anyways, not a discussion fo rhere
ncahuillahas joined
Sam
Just throwing the idea out while a relevant thing is being discussed.
jonas’
moparisthebest, thank you very much
daniel
c) XEP-0045: Remove some more mentions of GC 1.0
https://github.com/xsf/xeps/pull/1163
daniel
on list
daniel
it'll probably be fine. just want to double check later
Ge0rG
I think that "[citation needed]" is not appropriate in a XEP
Ge0rG
also on-list
larma
Same as daniel
jonas’
on list, also what Ge0rG says, I'll leave an editorial note
daniel
d) Obsolete some deferred XEP (0008, 0038, 0051)
https://github.com/xsf/xeps/pull/727/
moparisthebest
yea I'd be +1 if not for [citation needed]
jonas’
daniel, can we split that vote?
daniel
yes we can
jonas’
I'd like to vote +1 on obsoleting 0008, but I don't have an immediate opinion on the other two
Ge0rG
on-list
daniel
right. let me call them seperatly
Ge0rG
but I agree we should vote per-XEP
daniel
your votes on obsoleting 0008
daniel
on list
larma
I'm +1 on all of them
Ge0rG
+1
moparisthebest
+1 on obsoleting 0008
jonas’
+1 on obsoleting 0008
jonas’
(using the silence: I also have an AOB)
daniel
yes give me a second. i'm live editing the spreadsheet on a notebook screen :-)
jonas’
shall I take over?
jonas’
(for editing, that is)
jonas’
(well, I just filled in a few blanks)
daniel
ok. your votes on obsoleting 0038 now please
jonas’
on-list
daniel
larma's vote has been recorded already
moparisthebest
+1 on obsoleting 0038
Ge0rG
+1, but I'd like to have a XEP for mapping ASCII smiley to Unicode
daniel
i'm on list
jonas’
Ge0rG, that sounds more like a thing for modernxmpp / client UI
pep.
Ge0rG, jabber:x:data
daniel
next vote: obsolete 0051
moparisthebest
I'm +1 with prejudice on obsoleting 0051 because it needs major security considerations and just has "To follow" yikes.... fyi the very important security considerations are covered by https://datatracker.ietf.org/doc/html/rfc6120#section-4.9.3.19
Ge0rG
it's been deferred for over a decade, but is there anybody using it?
jonas’
+1, I think this is best addressed with <see-other-host/> stream error in RFC 6120, which also talks about the corresponding security considerations.
jonas’
(which I've actually seen in the wild)
daniel
i'm on list for this one too
Ge0rG
alright, given <see-other-host> I'm +1 on obsoleting
moparisthebest
I sure hope no one is using it, or if they are, I hope they are using it in a secure way... :/
last time there was a huge debate about them. but i dont recall the outcome
pep.
Yes
daniel
pep where?
jonas’
the outcome is that some people whose XML library can't deal with them don't like them
pep.
103? Referenced in the stickers thing
Sam
FWIW, I have seen multiple implementations (not just my own) that this will break even though technically I'm using an XML parser with namespace read support
jonas’
on-list for the protoxep
larma
I'm +1 on this
Ge0rG
can't we put a child element into the <x/>?
moparisthebest
I'm on-list, my gut reaction is to run from attribute namespaces
pep.
I'm not sure why that would be a blocker for experimental anyway
Ge0rG
on-list as well
daniel
attribute namespaces aside i'm thinking that we might want to think this bigger and version presences/roles as well
jonas’
pep., I agree, it shouldn't be a blocker for experimental
daniel
and not just affiliations?
Ge0rG
daniel: fully agree
pep.
daniel, there's already two XEPs for presence, doing about the same thing
larma
daniel, for presences there are 311 and 436
Ge0rG
it'd be awesome to get a differential membership update mechanism for huge MUCs
daniel
but yes personal opinions aside I agree that those aren’t blockers for experimental
daniel
i'm +1
Ge0rG
on-list
jonas’
I still need to read it, so I'll stay with on list
daniel
ok. thank you everyone
daniel
5) Pending votes
daniel
a) Georg on 'Proposed XMPP Extension: PubSub Type Filtering'
Ge0rG
+1
daniel
6) Date of Next
daniel
+1w wfm
moparisthebest
+1w wfm
jonas’
+1w wfm
daniel
7) AOB
larma
+1w wfm
daniel
jonas’, mentioned one but we are out of time
daniel
is everyone fine with extending by 10mins?
moparisthebest
Yes
jonas’
we can also move it to next week, it's not urgent
Ge0rG
I'm still semi-here, so ok
jonas’
ok, really quick
daniel
ok jonas’ go ahead
jonas’
the past two years with pandemic and so on have advanced the A/V technology and probably increase most of ours exposure to that.
jonas’
I was thinking whether we should or want to migrate this meeting to an audio-by-default, video-if-desired, chat-as-fallback format
jonas’
you can think on that in the week until the next meeting and maybe we can have a discussion then
jonas’
infrastructure won't be a problem (I have a Jitsi to spare)
Ge0rG
I'm very much -1, not only for auditability reasons
daniel
jonas’, i was actually considering proposing the same. although maybe on a monthly basis
daniel
like every first meeting in a month or something
Zash
Try Dino? 😉
larma
I wouldn't be entirely against, but I kinda don't like the idea of using not-standardized XMPP for this and I also don't think everyone wants to use Dino
Sam
The minutes would have to be written as the meeting goes on unless it's being recorded for auditability; that seems desirable though. Stuff gets missed when people do them afterwards.
jonas’
I'd volunteer to write proper online minutes for auditability
jonas’
(I've been doing that for various work meetings in the past two years and it's not a problem for me)
Kev
Didn't want to derail the meeting, but for 'editorial notes', I think they're a fine idea, but I also think there's no reason not to version them - numbers are cheap and we already have an editorial numbering scheme (the last number).
pep.
Judging by what minutes looked like in board (at the time) I'd hope that'd be worth it :/
moparisthebest
I also prefer text format as a standard, but I'm fine with audio if everyone else wanted it, or on a monthly basis or whatever
daniel
ok Ge0rG seems to be a hard no. but thank you for the suggestion. maybe something to think about or reconsider at a later date
Sam
I guess that's fine; versioning them as part of the XEP just means we have to bump a 10 year old final xep just because the editor wanted to add the note "by the way, this typo is incorrect in the example, please ignore it" or something
jonas’
I'd like to have a proper discussion including Ge0rG next week when we are not running out of time :)
daniel
ok
daniel
Close
daniel
thank you everyone
jonas’
thanks daniel!
moparisthebest
Thanks!
pep.
Not in council but that'd be a -1 from the floor. Maybe there can be trials to see how that'd go :x
Kev
re: Video/Voice/Text - High bandwidth is useful for Council themselves, if it's the only thing they're doing at the time and not e.g. on trains etc., while text is really useful for people following along, or reading up later. Maybe a poll of non-Council to see how many people actually take advantage of being able to read the raw logs would reveal that I'm the only person who does it, and there wouldn't be much value in keeping that if video was better for Council.
Sam
FWIW re video calls: I also thought about proposing something like this a few times when I was on the council. Having a face to face chat once a month or more would probably make things go smoother the rest of the time.
daniel
two years into the pandemic i figured out that i can hook up my full frame mirror less camera over usb and use it as a webcam (i had always assumed i needed a hdmi->usb capture device). but with gphoto it just works
jonas’out
moparisthebest
Also Zash some badxmpp that sends https://datatracker.ietf.org/doc/html/rfc6120#section-4.9.3.19 or 0051 before auth or where the target has a bad certificate would be interesting
Zash
moparisthebest, topic for somewhere else, probably jdev@ tho
Kev
> I guess that's fine; versioning them as part of the XEP just means we have to bump a 10 year old final xep just because the editor wanted to add the note "by the way, this typo is incorrect in the example, please ignore it" or something
That's true, but it's a bump where we already encode in the version number that the change was meaningless :)
moparisthebest
Just brought it up re: our vote here :)
Sam
Does bumping the version mean council has to weigh in for final XEPs? That seems to defeat the purpose
moparisthebest
I used to be strictly against audio and especially video in preference to text chat, but the last 2 years have shown me they can add some value when used periodically
pep.
« Kev> [..] how many people actually take advantage of being able to read the raw logs » I also do that often. Many things that get missed in minutes
moparisthebest
Sam: editorial changes don't need council, even if versions get bumped I think...
daniel
yes if anything we should probably start doing 1 in 4 meetings with A/V or something. see how people like it
daniel
(instead of every week)
Zash
(and do a Summit, so we remember there are actual humans attached to these nicknames/avatars)
Kev
> Sam: editorial changes don't need council, even if versions get bumped I think...
This.
Sam
Hmm, I thought final couldn't be bumped at all and draft required council.
Sam
Anyways, the whole point in my mind is that it's *not* part of the XEP, it could just as easily be a separate wiki page it's just included at the top for convenience, but I don't really care either way.
Kev
And, I realise this might be a pointless idea, but I wonder if there are services where people will transcribe video meetings for you, and if the XSF might be willing to pay for such a service for Council meetings if they went video - that way those of us who like to read up would be no worse off than now, and Council could enjoy the extra bandwidth.
Sam
There are; I forget what the one I used in the past was called but it cost <a lot> (I forget that too, just that it was expensive)
ncahuillahas left
pep.
A/V for crappy links isn't exactly great either fwiw. It'd be the case for me (if I were in council) but how many times have we heard Ge0r.G complain about his link :)
Sam
Although that was live transcription actually, so maybe it would be cheaper after the fact
larma
https://cloud.google.com/speech-to-text/pricing first 60 minutes free per month 😀
pep.
yay another google service
Sam
Seems reasonable
Sam
I forget this can be automated now.
moparisthebest
How do those do with accents I wonder?
moparisthebest
There are some even British accents that are completely incomprehensible to me
Sam
The robots are probably better at this than you, they have a larger training set :)
Sam
(that's a serious statement, not a joke)
marc0shas left
marc0shas joined
moparisthebest
Very possible, I never know if that's the case or whether 100% of their training data were people with California accents
marc0shas left
marc0shas joined
mdoschhas left
mdoschhas joined
Ge0rG
moparisthebest: I think the problem won't be the accents but rather the slang.
Ge0rG
translation services are horrible at technical slang
moparisthebest
Probably true
pep.
Too Many TLAs
jonas’
I'll see if I can get a demo of a minutes file I created from an A/V meeting