jdev - 2023-12-22

  1. nicoco

    I'd like to add "room config" support for my bridged rooms. Most muc#roomconfig fields will be unused. What would be the legal approach here, when a client requests the muc#roomconfig form? - do not specify a FORM_TYPE? - omit fields that cannot be modified? - use 'fixed' type for fields that cannot be modified? - option #4?

  2. lovetox

    Omit fields I would say

  3. lovetox

    A form is there to fill out

  4. lovetox

    What's not there cannot be filled out

  5. lovetox

    Label is a bad idea it will make UI look wrong

  6. singpolyma

    Either omit or fixed depending if you want to display that info or not

  7. lovetox

    Ah I misread fixed

  8. Zash

    Do we have any mandatory fields?

  9. singpolyma

    TBF I think gajim renders fixed as a label and ignores the label attribut on it at the moment

  10. lovetox

    Bur is fixed not used for categories?

  11. lovetox

    I think prosody uses it for that

  12. singpolyma

    There is a whole xep for that (data from layout)

  13. singpolyma

    There is a whole xep for that (data form layout)

  14. Zash

    https://xmpp.org/extensions/xep-0004.html#table-2 says "[type=fixed] is intended for data description"

  15. lovetox

    The field is intended for data description (e.g., human-readable text such as "section" headers) rather than data gathering or provision.

  16. singpolyma

    A fixed field with no label can be used as a degenerate label, but imo when it has a label both should display

  17. Zash

    Is it dataforms confusion time of the year again? :D

  18. singpolyma

    Dataforms is not as good as it should be at forms that both provide data and ask for more. It's on my short list of deficiencies

  19. Zash

    If we're listing dataforms peeves, I'm missing an array-of-strings type field that isn't JIDs and isn't picked from <options>

  20. Zash

    text-multi isn't it

  21. singpolyma

    You mean some options but you can add more?

  22. Zash


  23. singpolyma

    This is list-multi with validation type open (from validation xep) we support this and use it a lot

  24. Zash

    https://xmpp.org/extensions/xep-0122.html#usercases-validation.open I guess but who implements that? And the fallback behavior would be poor.

  25. singpolyma

    Fallback behavior for single is that you have to pick from the list. How poor that is depends on how often you want something not on the list

  26. nicoco

    thanks for the replies :) I wasn't sure (because I have not read it all 😱️) that it was legal to use a FORM_TYPE but not have all fields present, apparently it seems OK :)

  27. Zash

    nicoco, I think it's more of an xmlns attribute for the form.

  28. Zash

    Not sure if it applies to MUC but some automated tools might "blindly" submit forms with pre-defined fields they think should be there, so you should (as usual) ignore anything you don't understand.

  29. nicoco

    Ignoring is easy, cool!

  30. lovetox

    yes Gajim sends a form on creation of muc

  31. lovetox

    its not blind though

  32. Guus

    I have updated https://xmppnetwork.goodbytes.im/ . It is now only identifying XMPP domains that themselves provide data for this graph. That's less data in the graph (but more nodes, as unidentified nodes now are not de-duplicated), but it addresses privacy concerns that were raised this week.

  33. kapad

    ~/Just some thoughts... Maybe not the right place, but triggered here, so. While xmpp/pubsub/activity pub/ are not new things in tech, last years there is invitation to people to use these protocols/services/implementation for their social activity, for among other reasons more privacy and less personal attrs leakage. But, it is the implementation that actually try safe users' privacy and prevents leaks. So users for having reasons on more privacy, must take care of this, and blindly trust a service because uses `xmpp` or `activity pub`. For example, it's terrible easy for a script to build a servers,users graph of thousands or more (except press Ctrl+C), pubsub can easily even with a tune or avatar help to identify a user through `social engineering`. I know all that is not something new for people in this room, but for users that start use not mainstream services like fb, X, ..., maybe cant imagine that a decent activity pub server that is `open` not because of track and expose users, but because believe in freedom and free speech, can lead them to same exact privacy issues ...

  34. kapad

    In short, while the tech side of these protocols evolved, must also in parallel exist an education and information about the services, also service designers take a specific time to though all these, and not wait only for the users to filter/alllow/block things. It would be good, things gone right from the start, as so that possible... that's all.

  35. kapad

    (...) users must take care of this, and **not** blindly trust a service because uses `xmpp` or `activity pub`. ...

  36. Guus

    I'm sorry, but I am not understanding the details of your message.

  37. Guus

    As for xmppnetwork.goodbytes.im, it now accepts the new data format, in addition to it no longer showing domain names for domains not supporting the XEP. I believe that takes care of all privacy issues that were raised. I'm eagerly anticipating that server support in other servers. 😁