XMPP Service Operators - 2021-07-01

tom, Licaon_Kter, I wrote two things: https://linkmauve.fr/extensions/xep-0280.html and https://linkmauve.fr/software/clients.html

The first one is for when you are interested in a particular XEP, to see which clients/servers you can expect to interoperate with, and which libraries you can use to not have to implement it yourself, and as an author or security researcher who to ping for issues.

The second one is more directed towards users, it exposes the implementation level for the current Compliance Suite so that users can make an informed choice.

It’s currently blocked for inclusion on xmpp.org by me (or someone else, please help pretty please!) having to integrate with their docker thingy.

Wow, really nice 👍

Link Mauve, if you need help with something there, can you make an issue on the xsf/infrastructure repo? I kinda use it as my iteam todo list (and I have a block of time set aside for XSF infra work every month)

Sure, I will!

The imbricated nginx thingy was a bit too complex for me to understand the last time I looked, plus it filled me with disgust which didn’t help with my work. ^^'

:)

> Wow, really nice 👍 +1

Link Mauve: https://linkmauve.fr/software/clients.html is very hard to read and compare clients.

rozzin, what would you suggest as an improvement?

Link Mauve: a client/feature matrix (or a client/featureset matrix, since you're listing featuresets instead of features there).

rozzin, ah, a change that was planned but never done (so far) was to use images for the Compliance: line.

https://aws1.discourse-cdn.com/standard17/uploads/opensourcedesign/original/1X/8fe36f85fa8baad7728d48f692d6703574aaa85c.png

Like those maybe.

rozzin, that’s not the role of this page, and would make it look very complex while it isn’t.

But a feature matrix would be useful for a different kind of user/developer.

Link Mauve: orthogonal question: "core core"?

This new client page puts the focus on the screenshot, because that’s what I expect users ending there to pick their client based on.

rozzin, I couldn’t figure a better name for that. ^^'

Link Mauve: what do any of those terms even mean? It looks like the terms are all hyperlinked, but the links all go to the client websites instead of a glossary.

rozzin, see https://xmpp.org/extensions/xep-0443.html

Link Mauve: if you expect whatever class of people reading your client featureset listing to read that XEP, you should link to it 😃

Really?

My target here is end users who end up on xmpp.org because of our (bad) marketing, not people who’d read specifications.

Link Mauve: I did say "if"....

I think the "Core" compliance level should be named "Basic" or just not included. "Core Core" -> "Core (Basic)" or just "Core"

The idea of putting the compliance here is that it is a somewhat objective (haha, as if) way of ordering clients from “best” to “worst”.

MattJ, ideally that’d be up to the designer of the logos.

Ok, so waiting for logos :)

But s/Core/Basic/ might be an idea, in the XEP too.

Link Mauve: my point is that *nobody* is going to want to *go search for a XEP* to figure out what those labels mean.

Right.

Images.., eh I can't search for an image?

rozzin, you mean using Ctrl+F? Nobody does that anyway...

But I'm sure PRs are welcome. You seem to have lots of ideas for improvement :)

My code is self-hosted, not at GitHub!

So no PR supported since gitea was too heavy for my server.

git clone https://git.linkmauve.fr/xmpp-doap.git/

Link Mauve, it generates some intermediate machine-readable files, iirc?

MattJ: obviously some do.... and even if "nobody does"..., that's a big difference from "nobody should be able to".... I think maybe if there's just alt text for the images it fixes that problem, though.

Yes, but only for the XEP pages, not for the client list.

The client list is pure HTML.

Ok

I did it that way for the XEP page because the tooling was kind of incompatible with XSLT.

And I couldn’t figure how to generate a HTML page from two XML files using XSLT.

But if someone manages to do so, it would be a better solution than my current JS imo.

For instance, because it wouldn’t rely on JS being supported in the browser.

rozzin, once we have logos for the compliance suite, I’ll make sure to keep the current text as @alt, this is a basic accessibility concern.

Link Mauve: > that’s not the role of this page, and would make it look very complex while it isn’t. > But a feature matrix would be useful for a different kind of user/developer. All you really need to do is put the words/logos into a "stack" with fixed locations....

rozzin, if you feel like doing the CSS work, I can generate the HTML.

Link Mauve: I'll give it a shot.

Thanks. :)

You could base it on https://people.freedesktop.org/~imirkin/glxinfo/#v=Mesa%2013.0.0&p=compat or https://mesamatrix.net/

Link Mauve: huh—I was actually thinking of something like https://linkmauve.fr/software/clients.html just with different layout of the "Compliance" section within each client box.

Would you be able to make a mockup, so that I could understand what you mean?

Link Mauve: that's what I meant by "I'll give it a shot" 😃

Thanks. :)

The first change is to pin the "compliance" subsection to the bottom of the client cell 😃

so the eyes don't have to go up-and-down to find things while scanning across a row.

That’d be nice indeed, but… how does one do that in CSS? :x

And if there's no client logo do put a placeholder of the same size so our eyes don't flicker :)

I expect client devs to priorise DOAP higher once this change goes live on xmpp.org.

So missing logos won’t stay missing for too long.

I hope...

DOAP all the things!

uggh, as always I'd like to publicly register my objection to using more over engineered XML on the web. This will just lead to clients where the devs have the capacity to maintain lists or who can generate them being recommended and everyone else left in the lurch.

Your objection has been successfully registered.

If you as a client dev can not host and maintain a XML file, you will just give a worse presentation of your client than your competitors on xmpp.org.

Not worse than the current one though, just worse than other clients.

That's what Sam is concerned about :)

resistance is futile

obey

%s!compliance!obey!g

something something "rough consensus and running code" , ie if you don't like it put up or shut up :P

oh nice

there's already a presenter of doap urls https://github.com/xsf/xmpp.org/blob/master/data/README.rst

doap wars 2.0 when?

🤣

rozzin: https://github.com/psi-plus/psi-plus-snapshots

https://github.com/vacuum-im/vacuum-im

Vacuum is actually really good

doesn't have asyncio issues like psi

make sure you run master though

it's pretty clean

sorta similar to adium

vacuum-cleaned?

really nice ui though that doesn't fall for the trendy smartphone ui on a desktop meme

has some nice paradigms like a recents section

fully async disco

no tons and tons of compiler warnings

the client has an interesting property though in that it is fully modular. Absolutely everything is a plugin

> List of plugins that SHOULD NOT be disabled ...24

tom, fyi, An error occurred during a connection to www.vacuum-im.org. PR_END_OF_FILE_ERROR

If you’re in contact with them, could you forward them this issue please?

I am a jelly donut

hi jelly donut

ok

but the website is pretty worthless just use the shithub

Ok.

https://github.com/vacuum-im/vacuum-im

What do I do when this happens? https://f.perl.bot/p/nfma6y

and when i query the registrar's whois server, I get this error: The queried object does not exist: not found...

Registrar Abuse Contact Email: Registrar Abuse Contact Phone:

Do I file a inaccuracy complaint with ICANN?

that domain doesn't seem to serve xmpp

what domain? I didn't post one

oh, inwx is the registrar and not the target. Sorry for my confusion

Seems typical though, for example https://www.whois.com/whois/colloquy.ca

the registrar doesn't seem to have any records of that domain

The queried object does not exist: not found...

How are we supposed to report issues if there's no abuse contact, administrator contact, technition contact, or registrar contact?

seems like their system is working then

tom: welcome, maybe Martin has some thoughts :))

tom you want to submit an icann violation for that?

all WHOIS records are like that now

due to gdpr

Me?

For .de domains you have to give a valid contact

To the registrar

Its not a gdpr thing.

Whois is a husk at this point

Харпер: Not sure what else to do

I need to contact them regarding an abuse and interoperability issue

so yeah

tom, you can try to get an abuse contact for the ip address they are hosting by whois'ing that ip adress

this will work for proper abuse *if* they are hosted at a reputable network - if it's cloudflare, then that will be more difficult

Does cf send abuse reports to /dev/null

I know of sites doing spearfishing malware that I've reported to zero response

According to Fedi, CF forces you to identify then passes your PII to the abuser :))

Good thing I didn't give cf my info

Kinda expected them to pull something like that

Well that's how I remember it, some lady vs some trolls or terfs or nazies or etc

tom: typically just abuse@registrar.tld

In the example lookup I posted, though not listed, it's abuse@whc.com

rob: do you know why that's not listed?

I don't, but I checked another domain I have with the same registrar and it is. So maybe a configuration issue on their side

https://www.whois.com/whois/loranger.xyz

Sorry it's whc.ca but still

thanks karim