-
larma
daniel: can we add https://github.com/xsf/xeps/pull/1188 to the Agenda?
-
daniel
ok
-
moparisthebest
Now that's a list to vote on!
-
moparisthebest
o/
-
Ge0rG
/o\
-
larma
šļø
-
jonasā
o/
-
moparisthebest
moooommmm the ecosystem is moving again!!!
-
Ge0rG
don't moxie me!
-
daniel
Either my Dino or my notebook has connection issues
-
daniel
Give me one second
-
moparisthebest
perhaps both!
-
daniel
It's time
-
daniel
1) roll call
-
daniel
is jonasā around?
-
daniel
aehm
-
daniel
wonder if they are fixed now...
-
moparisthebest
well that message came through but that's all I can be confident about
-
jonasā
two generals?
-
daniel
yes plus a few delayed ones
-
daniel
ok. I think we are good now
-
daniel
2) Agenda bashing
-
daniel
larma wanted to add https://github.com/xsf/xeps/pull/1188 - I suggest we just do that as an aob
-
daniel
3) Editors update
-
daniel
- Proposed XMPP Extension: PubSub Social Feed (https://xmpp.org/extensions/inbox/pubsub-social-feed.html) - Proposed XMPP Extension: OpenPGP for XMPP Pubsub (https://xmpp.org/extensions/inbox/pubsub-encryption.html) - Proposed XMPP Extension: SASL SCRAM Downgrade Protection (https://xmpp.org/extensions/inbox/xep-downgrade-prevention.html)
-
daniel
4) Items for voting
-
daniel
we have a long list today
-
daniel
a) Proposed XMPP Extension: PubSub Social Feed (https://xmpp.org/extensions/inbox/pubsub-social-feed.html)
-
daniel
lgtm on first glance but want to take a closer look. on list
-
moparisthebest
I'm +1 here I don't even have nits
-
jonasā
I note it references XEP-0071 (XHTML-IM)✎ -
jonasā
I note it references (and uses) XEP-0071 (XHTML-IM) ✏
-
Ge0rG
on-list
-
jonasā
which I'm not opposed to, nowadays I believe the deprecation of XHTML-IM was a mistake
-
jonasā
I'm +1
-
jonasā
this seems like a reasonable embedding of Atom
-
Ge0rG
can we de-deprecate it?
-
jonasā
Ge0rG, we can do everything, if need be, if we can get Board on board
-
jonasā
the only thing I'm missing is words on how this relates to ActivityPub
-
jonasā
but that's no blocker
-
Ge0rG
sorry, I wasn't being very serious.
-
larma
I'm on-list
-
tmolitor
just my 2 cents: I thnik deprecating it for pure IM cases was a good thing, but for other things like social feeds, it should still be possible to use it...
-
daniel
b) Proposed XMPP Extension: OpenPGP for XMPP Pubsub (https://xmpp.org/extensions/inbox/pubsub-encryption.html)
-
daniel
on list
-
jonasā
let's not go into that rabbithole :)
-
Ge0rG
on-list
-
jonasā
on-lits✎ -
jonasā
on-list ✏
-
moparisthebest
I have some comments like it should probably specify at least some PGP algorithms that should *not* be supported, but so should OX, generally lgtm though, I'll bring it up on-list
-
daniel
is this a +1?
-
moparisthebest
on-list :) sorry
-
daniel
ok :-)
-
larma
+1, although I'd love if it was mentioned that this only supports encrypted content (it can't be signed only). Also I started to dislike OX in general (from original being a fan) but that's another story š✎ -
jonasā
the signature thing has been raised on-list already, and there's something in the making for that IIRC
-
larma
+1, although I'd love if it was mentioned in title/abstract that this only supports encrypted content (it can't be signed only). Also I started to dislike OX in general (from original being a fan) but that's another story š ✏
-
daniel
c) Proposed XMPP Extension: SASL SCRAM Downgrade Protection (https://xmpp.org/extensions/inbox/xep-downgrade-prevention.html)
-
larma
on-list
-
daniel
I have mixed feelings about that. I'm not really sure it fills a gap in the xmpp protocol
-
moparisthebest
yuck, another "try to protect password from MITM'd TLS" set of hoops, which I'm opposed to on principle, though the spec itself looks fine :/
-
daniel
the use case or the scenarios where this provides additional security is super niche
-
jonasā
(filling a gap is only a requirement for moving on to Stable :))
-
tmolitor
no, it does not try to protect passwords, but to detect such MITMs and it tries to protect the list of channel-bindings as well
-
daniel
mitm detection is not necessarily about protecting the password; but about protecting against mitm
-
moparisthebest
right that's fair
-
daniel
which i generally think is a good thing. not sure this one is the correct approach though
-
tmolitor
I think the main usecase is to protect the channel-binding list
-
Ge0rG
on-list
-
daniel
on-list too
-
jonasā
I have words on list I think
-
moparisthebest
same, on-list
-
larma
tmolitor, maybe then don't put requirements in if they are not really requirements š
-
tmolitor
larma: they are requirements, but both requirements are not equally important
-
daniel
d) Should this go into XEP-0198? XEP-0198: Add section defining SASL2 and BIND2 interaction https://github.com/xsf/xeps/pull/1215 this one is not about merging the PR; because this depends on other things; but getting an idea if council would like this in 0198 or in a new xep
-
tmolitor
if you have proper channel-binding in place, you won't need to protect the SASL mechanism list...but if you don't have channel-binding, protecting the SASL mechanism list is of value
-
daniel
to me the change is backward compatible enough that the discoverability of putting it into 198 is worth it
-
moparisthebest
I agree putting it into 198 is best
-
jonasā
tmolitor wants to see the world burn and writes verbatim `/>` in XML cdata :D
-
larma
I think we first should talk about the updates to xep-0386/xep-0388 before considering this PR
-
moparisthebest
good :)
-
jonasā
yeah, works for me✎ -
jonasā
yeah, integrating this in '198 works for me ✏
-
Ge0rG
larma: I agree with that, both are Deferred, and adding them into 0198 as-is seems counterintuitive
-
jonasā
please see what daniel wrote.
-
jonasā
(and I, in the xeps issue tracker)
-
jonasā
> [ā¦] but getting an idea if council would like this in 0198 or in a new xep
-
jonasā
this is not about merging, just figuring out if I need to tell tmolitor to put it in a new XEP, so that they can go ahead and do that
-
daniel
I think it's likely that some updates to bind2 and sasl2 will pass (soon-ish) to un-defer them and to actually allow for what this PR is doing
-
jonasā
(instead of blocking on dwd to accept the changes to bind2 and sasl2, and then blocking again on rewriting the update to '198 as protoxep)
-
daniel
without consequences to the questions if we want something like this in 198
-
Ge0rG
For discoverability, it would suffice to have a short list with the XEP titles.
-
Ge0rG
is #1215 adding new content that's not found in 0386/0388?
-
daniel
both bind 2 and sasl2 are extensible. the question is should 198 say "i'm a bind 2 extension" or should there be a new xep that says hey you can use 198 as a bind 2 extension
-
larma
I think it would be fine to put this into 0198 IIF it's reasonable to assume that 0386/0388 are moving to stable soonish.
-
Ge0rG
larma: +1 to that
-
Ge0rG
I was just trying to understand if it's adding new protocol or just new examples of documented protocol
-
tmolitor
Well #1215 does not add new content strictly speaking, one could infer the details of '198 and '388 interaction themselves, but #1215 makes these things more discoverable and concentrated to one point
-
Ge0rG
conceptually speaking, I think making 0198 say "I'm a bind2 extension" is more logical than making bind2 say "this is the 0198 bind2 extension btw"
-
daniel
i donāt think bind2 would say that. if anything there would be a third xep - I think
-
tmolitor
it tries to explain some uncertainties one may have when implementing '0198 for SASL2 and BIND2
-
daniel
but I think we have enough of an answer here
-
larma
Even if 0386/0388 changes are merged, it is not a given that they are going to stable soonish and I wouldn't like to see a stable xep pointing to experimental/deferred xeps and thereby confusing implementors of 0198
-
jonasā
larma, what if a note is added which explains the why?
-
Ge0rG
larma: I think the Ā§9 intro is clear enough to not confuse readers
-
larma
I think it would be fine to just not have it in 0198 while 0386/0388 are experimental. Because IMO it's fine if the experiments are partially underspecified (that's how things typically have been in experimental in the past anyway)
-
Ge0rG
but yeah, having a note in Ā§9 saying that you only need to implement the respective subsections when you implement xep-0386/xep-0388 would probably be good
-
tmolitor
I can add such a note, if that's what council wants
-
daniel
a note like this certainly wonāt hurt
-
jonasā
larma, would that be sufficient so that it's ok to include to '198?
-
jonasā
mind that we cannot fully control *when* things go to stable, so it must also be ok if that won't happen immediately
-
Ge0rG
I think it would be premature to add it now, but I'm not sure what amount of activity around 0386/0388 would warrant the merge
-
larma
I think this belongs in 0198 and if it makes things much easier to everyone we can add it "early", but I'd rather see to have at least some delay between merging 0386/0388 and adding this when it's not strictly required to get the experiments roling
-
moparisthebest
perhaps a good % of clients and servers implementing an update to them and a ton of traffic on the mailing list ?
-
Kev
Logically I think bind2 provides a mechanism, and then other xeps can say that they use that mechanism, so saying in 198 how 198 interacts with bind2 makes sense to me. Similarly anything else that may fit into the bind2 exchange.
-
Kev
For a future XEP that does something during bind it makes much more sense for the future XEP to say "And this is what happens during bind" than BIND2 mention every possible XEP that could be used with it.
-
daniel
ok we are running up on a time limit. I donāt think we are going to fully answer the question today and it all depends on bind 2 and sasl 2 changes to be merged anyway
-
jonasā
(though it seems there are no strong arguments against having this as a '198 update *eventually*)
-
larma
moparisthebest, ton of traffic on mailing list IMO rather indicates that there are likely going to be changes which is rather an indication to not touch 198 yet
-
Kev
(bind2 will be merged, presumably, as it's Experimental and the Author is happy with it. SASL2 may be another matter)
-
daniel
I'm taking away that 198 is the right place. it's only a matter of figuring out the correct time
-
larma
daniel, +1 š
-
moparisthebest
larma, right just that it's indicitive of the "amount of activity", and +1 on what daniel just said
-
tmolitor
I've just added a note: https://dyn.eightysoft.de/xeps/xep-0198.html#inline
-
daniel
are people ok with extending the meeting by 10mins?
-
moparisthebest
yep!
-
jonasā
I am
-
daniel
(I would like to start voting on the other two items today)
-
larma
sure
-
jonasā
quorum, let's go
-
daniel
e) XEP-0045: Remove more of GC1 (https://github.com/xsf/xeps/pull/1213)
-
daniel
+1
-
moparisthebest
+1
-
jonasā
+1
-
larma
+1
-
Ge0rG
+1
-
Kev
We're sure this doesn't open the door to people not including the payload?
-
daniel
passed. thank you
-
daniel
f) XEP-0167: Release version 1.2.2 (https://github.com/xsf/xeps/pull/1212)
-
daniel
+1
-
jonasā
Kev, > In order to inform occupants of room roles and affiliations, and to make it easier for clients to track the current state of all users in the room, MUC service implementations MUST provide role and affiliation data (and, if allowed by the room configuration, full JID) in all presence stanzas, including presence stanzas of type "unavailable" sent when a user exits the room for any reason.
-
jonasā
that requires the <x/> element, IIRC
-
Kev
(ok)
-
moparisthebest
+1 on f)
-
jonasā
+1 on f)
-
Ge0rG
+1
-
larma
I don't think f) needs council (schema is non-normative IIRC), but +1 anyway
-
daniel
5) Pending votes: none
-
daniel
6) Date of next
-
daniel
+1w wfm
-
moparisthebest
+1w wfm
-
larma
+1w wfm
-
jonasā
+1w probably wfm
-
Ge0rG
+1w wf✎ -
jonasā
(RIPE GM is in parallel, but past experience says I can attend the council meeting nontheless)
-
Ge0rG
+1w wfm ✏
-
daniel
7) AOB larma said something about https://github.com/xsf/xeps/pull/1188 - can you repharse this is an action council should consider taking?
-
jonasā
I suppose making dwd react
-
larma
what jonasā said š
-
larma
or decide without him
-
jonasā
(and or making larma co-author officially)
-
jonasā
but given that dwd is reactive elsewhere, we should try poking him first
-
jonasā
though that is strictly the editor's job
-
jonasā
so I'll shoot him a mail now
-
daniel
ok. thank you jonasā
-
daniel
any other aob?
-
larma
not from me
-
moparisthebest
none here
-
larma
(and thanks jonasā )
-
jonasā
(mail sent)
š„°ļø 1 -
jonasā
and no AOB here
-
daniel
ok. assuming none then
-
daniel
8) Close
-
jonasā
thanks daniel, thanks all
-
daniel
thank you all
-
Ge0rG
thanks!
-
moparisthebest
thanks all
-
tmolitor
thanks
-
Zash
Oh look, reactions! https://logs.xmpp.org/council/2022-10-19?p=h#2022-10-19-8d7503edf14921df
-
jonasā
whaaat
-
larma
Now the only thing we need is stickers!
-
moparisthebest
Hey, get off my lawn
-
moparisthebest
(seriously though, neat :))
-
Zash
No, now it's inline custom emojis apparently
-
larma
custom reactions
-
moparisthebest
:yes-indeed-mountain-man-nodding:
-
Zash
<reaction>lol</reaction>