XMPP Summit - 2013-10-21

hi any details for remote participation in the summit?

it's a bit early at the moment

they are like 9 hours behind, but I think that there will be a hangout, like last time

ironically

we should do a webRTC

;-)

And only 9 participants allowed in the hangout.

m&m: You can't?

now I can

I think

yay

Summit 14, Portland

http://piratepad.net/L89H3Q8rao

Summit 14, Portland | http://piratepad.net/L89H3Q8rao

https://plus.google.com/hangouts/_/f1eca0311bb12a659a2abbc58ee581d8e37eaa3d?hl=en-GB

Hi there!

EHLO

250 Hello

See hangout link above. Hopefully when Lance and Fritzy arrive it'll be moved to a better computer (read: not my laptop)

hopefully better A/V equipment shows up soon

the current speakers are faint

Sorry, on laptop microphone

evidently, and I've got some idea of XMPP latency between you and here (-:

EHLO dave.cridland.net

<stream:error><not-well-formed xmlns='urn:ietf:params:xml:ns:xmpp-streams'/></stream:error>

lloyd, Where's the hangout link? I'll join on this and should be able to spin it up on the back camera, point it at Simon and stuffs.

https://plus.google.com/hangouts/_/f1eca0311bb12a659a2abbc58ee581d8e37eaa3d?hl=en-GB

thanks dave!

the audio is slightly better, but the video is gone

yeah, it was a short peek

Oh, it drops video when I switch away?

apparently

back

think we should stay away from a discussion on trust, but indeed on compatibility

(do you trust verisign?)

Hi steffen!

See the history for the hangout link

Hi Winfried!

long time no see!

yeah!

too many projects still on the shelves :-P

winfried: all well? Haven't seen you online for some time.. but that might just be the projects. :-)

my presence had been a bit erratic, yes

:-)

not cooperating much online right now, so I get a bit sloppy with my IM clients...

why not using webRTC and XMPP instead of hangout?.. just such a paradox. :-)

would love to testdrive it...

steffen: because multiuser is hard with webrtc

fippo, still full mesh-only?

ohh I see

p2p...

tobias: unless you want to pay a silo for providing MCU services ;-)

fippo: we can do it like skype did it.. auch

ha ha yes

fippo, can't we throw jingle nodes at that problem ^^

just use one of your powerful contacts as MCU

that is something we might try soonish

but yeah...with video, each participant takes an even bigger chunk out of your bandwidth

fippo: otherwise it looked cool at the realtimeconf.. was it you that lance was conencting to?

steffen: yes, that was me

fippo: just saw the video

https://github.com/legastero/jingle-interop-demos -- check those against your favorite xmppserver

btw: can I view a video of that presentation somewhere?

winfried: http://vimeo.com/77289728

thanks!

had some problems with the andyet impl.. (talky.io) in chrome

we lost the feed

Dave just noticed

and my browser died...

yawn

he's horrible at A/V Club (-:

who hired that loser (-:

:-)

Was it a hangout? or talky.io?

ralphm: no audio

oh, I thought somebody would send audio

reenabling

audio is back

yes

better?

yes

yes

Sorry, I'll reconnect.

Only me talking, so uninteresting. :-)

TOO MUCH AUDIO!

auuch stop that noise

echooooooooooooooooo

certainly unintresting ;-)

yeah

two active mics + one room - mixer == BAD

how to connect to the hangout ?

https://plus.google.com/hangouts/_/f1eca0311bb12a659a2abbc58ee581d8e37eaa3d?hl=en-GB

ah..posh talk :)

lost audio

me too

m&m muted me

sorry!

audio back

thanks

I hit the wrong button

ha ha

then it wouldn't let me unmute /-:

we could turn the xmpp server network in some kind of onion routing

think about it, much of the infrastructure is already there...

and then you could involve clients, if they're willing to suffer through any bandwidth increases

which could be interesting

definitely

proxy65 over proxy65??

Zash, want to beat WebRTC in crazy protocol layering?

Tobias: Multiple layers of prox65 is not nearly crazy enough to even compete with WebRTC

I see Ralph's figured out captions. :-)

pretty neat yes

more of those

Ralph's now quitting XMPP and going into TV news.

:-)

ha ha.. ralph the producer

he is a superior cameraman than the previous loser (-:

:-)

m&m, That from someone who accidentally muted the feed...

I blame the tooling

dropping … if the sec or BOSH stuff starts back, could someone ping me? gracias

ok

wow stpeter got a new non-mac laptop

or is it my eyes

yeah, it is a System 76

nice

linux...

can it run OSX? ;-)

it seems like we are not web devs.. ;-)

Does it run XTerm?

good idea Simon,. I agree

on the front page and put simple

Better describe what you can do with XMPP

http://web.archive.org/web/20090207135716/http://xmpp.org/ is what we had before

or a video.. like amqp has: http://www.amqp.org/video

m2m

military2military?

:-)

but indeed: give an idea about what can be done with it, give examples of applications, its strongs

yup...sounds good

yeah. I've done satellite com, TV presence, second screen.. but not that much chat.. and people does not know that.

use XMPP because of routing, security and federation

:-)

And a great ecosystem containing a lot of building blocks

exactly

amqp impl.. :http://www.rabbitmq.com/

ralphm: we all want the tutorials, whitepapers etc, but none of us takes the time to write them.... I feel the real problem is in there...

and they got good tutorials

http://www.rabbitmq.com/getstarted.html

I like the way that the tutorials are organized..

yeah, that is nice

winfried: I thought I said exactly that

well... living in two worlds right now,might be missing some points...

winfried: I frown upon your dedication to this summit :-D

the tutorials are organised after patterns.. I like that. If we could do that.. but it might be hard, because of our genral purpose protocol

Steffen: right

:-D

Steffen: but to explain something like pubsub (only) it is pretty good

We have the wiki I started to do this for IoT on http://wiki.xmpp.org/web/Tech_pages/IoT_systems

I've started to use rabbitmq for half a year ago.. and I'm almost an expert now.. It took me several years with XMPP ... :-)

jabberjocke: cool

I've started a white paper about large scale xmpp..

ralphm: yes. So we could dig out some genral patterns.. for routing

ralphm: pub/sub, direct presence, etc.

steffen: thats intresting, large in klients or large in nr of domains

jabberjocke: large in clients :-)

jabberjocke: but they do stick a bit together

steffen: the IoT challenge is the management of large number of clients in each domain that need to interact with each other

over the domainborders

he he yes

and I don't know if thats ever possible with rabbitmq

you can do routing and filters

of course pub/sub, topics etc. but to compare that with XMPP would'nt be fair. :-)

it's all about access to the server.

xmpp is all from the klients

yes

we can have another session on this :)

jabberjocke: sure :-)

does anybody know if this video session is being recorded?.. because I won't stay up all night.

g2g...have fun

cu

cheers Tobias

well have good lunch

have a nice meal!

9pm in Uppsala

another coffe I would say

already had dinner here ;-)

I want to see you guys eating :-D

looks plenary right now

but I feel muted...

thanks for the sound

we're really in recess, though

Bear's beard looks even more impressive

if that is even possible

Pix or it never happend

audio drop

and it's back

audio drop

I blame google

please take some photos to update http://xmpp.org/participate/the-xmpp-summit/

I hear nothing at all!

All Googles fault

yea

but not now

yupp

not now

now

video froze

is this better?

no

and no audio

I switched audio to the laptop's

weird

what browser?

the audio sometimes seemed to clip

but now it totally gone

better like this

(at least for me)

/nod

cool

jabberjocke: I still have some pics that I need to upload

lost audio

jabberjocke: some from portland a couple of years ago and from europe last year

it mutes me when I type

ah

keyboard detection

the wordpress wouldn't upload them

issue with directory access rights

hey Ashley Ward

Hello!

hi!

What's the current subject? Jingle/WebRTC?

Lunch

Yum!

but yeah, jingle seems to be a topic

/sigh

//sigh

agree

Node should suit an xmpp server pretty well

started viewing syslogs insteas

ralphm: when you get a chance, I would greatly appreciate you turning off that Google Effects background

Is that your little girl, winfried?

Yes she is my oldest one

(10 years)

No doubt amused by the geeks!

have a 6years old too

definitely

:)

but she is quite geeky too

did some testing with her and she managed to freak out a chatapplication a web builder had been working on for 2 years within 5 minutes

:-D

Excellent - training her well. My 20 month old loves computers too.

yeah... still have the first text she wrote on the keyboard

Same here!

ha ha cool

printf("Hello World") ?

LOL

10 PRINT "Emilia is great. ";

20 GOTO 10

ha ha

my first basic on c64

well.. prob. not the Emilia part. ;-)

:)

I did that on a http://en.wikipedia.org/wiki/ABC_80

and on a spectrum.. those were the days

no colors

mono.. luv it

I started on a Commodore 16.

http://en.wikipedia.org/wiki/TRS-80 and http://en.wikipedia.org/wiki/Philips_P2000

ohh yes. that black box

Spent lots of hours on a model III

yes. I've started on VIC20 and later c64

oh, yeah the vic20

made demos and stuff.. when it was more barebone and fun. :-)

great computer

http://en.wikipedia.org/wiki/Texas_Instruments_TI-99/4A had sprites

wow

never tried that one

nope

my first saved for ages

how about doing an XMPP server on c64.. could be fun

I had an Philips MSX 1 and later an MSX 2

ah yeah MSX!

could we get ralphm to turn that background off now

MSX

http://hld.c64.org/poldi/lunix/lunix.html

thanks

Has a TCP/IP stack and everything

nice

cool

can somebody take notes on the piratepad?

helps me a lot

+1

+1

the sound is not that good

Hmm :-(

For the uninitiated: http://piratepad.net/L89H3Q8rao

Re this > - authentication downgrades (SCRAM to PLAIN) what if you put the list of available SASL mechs into a TXT field? (with DNSSEC)

Summit 14, Portland | http://piratepad.net/L89H3Q8rao | https://plus.google.com/hangouts/_/f1eca0311bb12a659a2abbc58ee581d8e37eaa3d

Zash, You could, but really you'll get that post-TLS anyway.

Zash, The problem is a subverted server that forces you to PLAIN to harvest passwords. The solution is that clients shouldn't switch *back* to a weaker auth without user intervention.

Ah

Of course, that assumes a linear ordering of SASL mechs. :-)

no

that doesn't help (-:

I can read about 50% of it

Now it looks like the Blair Witch Project.

:)

I blame stpeter's handwriting

you need an HD camera, and we all need be connected with HD to have a shot

Wat

I think this is an HD camera

I can actually read it okay

There are parts I can't read from here anyway.

my laptop screen is too small

You're there aren't you Dave?

Right.

Do we need to invest in some special XSF glasses for you?

maybe that'll be his first act on the next Board

:)

"Get Dave Glasses" (-:

I mean, I'm 4,900 miles away and I can just about read it.

where did you buy your glasses...

XEP-0259

blair witch prject 2

project

the work on carbons is just cleanup - making the errors make sense

making the text a little bit more understandable

if there is anything else he will take requests

he saw that kim had posted something about wanting to switch over to this flag thing put together

rather not delay carbons or get another dependency

Could "attachments" be enabled on the pirate pad?

yes

see the clip icon

can't upload

https://github.com/ashward/buddycloud-xep

(ash) I started drafting a xep around a kind of informal xep they had for buddycloud but it still needs a lot of work to finish

(ash) it's sitting in his personal github cloud and needs a lot of work to finish

20 min break

I will!

Wife's just got back from Yoga, so 20 minute break is well timed :)

yea right it's -3C outside and pitchdark

http://gowebrtc.me/demo.html#xsfsummit

http://gowebrtc.me/demo.html#tmc8n53d

I got the camera/mic request for both, but all I see is myself

I think it's my local network

erm

what have you done?

it could be worse

I can't close the gowebrtc tabs

fun

we're having an interesting network in here

can you combine the devil horns and angel halo?

ARE THERE SILLY HATS?

HATS?

HATS!

ha ha ha

beware of black hats

;-)

http://www.stupidgifs.com/images/full/352.gif

Edwin's stroking his cat like a Bond villain...

I have yet to perfect my evil laughter

great marketing

If only there was an open protocol that we could extend to have great conference capabilities with video and such...

I really fancy a coca-cola now...

And now for close-ups of Bear and PSA's backsides.

No comment

bear's back

anyone knows what zoom.us <http://zoom.us> is doing

http://waqas.im/summit/reveal.js-master/ <http://waqas.im/summit/reveal.js-master/#/>

http://waqas.im/summit/reveal.js-master/#/

OK, everyone ready with the slides?

click

Slide: Rich Web Applications

for future note: slide numbers are worthwhile

Slide: Malicious Content

Slide: Javascript

mute click

if there are slides. is it possible to them

Steffan: URI above.

ahh got it.. thanks dave

Slide: CSS

I am on and off.. so I miss some stuff

Slide: This requires rich content?

Slide: So what's the fix?

why do we not make it XMPP "compatible".. and then share it by a room.. then waqas could click and we other could just view. :-)

Slide: Templates!

Slide: Templates: How they work

Slide: Templates: Be aware

Slide: (same title)

Slide: Sandboxing

Slide: Sandboxing : Support

Slide: Sandboxing: Internet Explorer

Slide: Sandboxing

Slide: Rich Content

Slide: Attacking XHTML-IM

Slide: "" : URLS

Slide: (same title)

Slide: Attacking XMHTML-IM: Tags and attributes

Slide: Attacking XHTML-IM: CSS

Slide: CSS Sanitization: Values

Slide: XHTML-IM.JS

Slide: Don't Trust The Data

Slide: Lessons...

Slide: Lessons... (again)

Slide: And we're done!

source for xhtml-im.js? (and license?)

Get that?

No

I did not get the license

Not the license lbit

MIT

Ah, gr8

MIT license

graze

And will be on github

And now everyone's talking at once.

We noticed ;)

you need a speaking stick

I'm about to get my cat and practice the evil laughter.

This is actually a pretty useful presentation for web dev in general

Indeed.

Yeah, lots of the issues apply outside of xmpp/bosh usage

And the number of devs that get it wrong is incredible.

Yup.

I did ;-)

XHTML-IM security?

BOSH/Websockets/XMPP creates another attack vector, vulnerable to this

Might be worth renaming the presentation as there may be people who think "I don't use BOSH, that's not for me", and yet it may well be useful for them.

precisely

yep

Would it be an idea to do a fast roundup on XMPP on the web developments

Lance is chatting about stanza.io and xmpp-ftw

xmpp over websockets draft has been adopted by the working grouop

there are two open issues left

one is if there is an error and you need to send the client over to a uri

the other issue is because in the browser we don't have a streaming parser should we have different flags to identify when the stream start/ends - lance feels that it's just fine as it is because the code that wraps it is a very thin item

the additions to the last bosh rfc have not been applied yet and that should be picked up by the next council

http://github.com/legastero/stanza.io

http://github.com/lloydwatkin/xmpp-ftw

xmpp-ftw doesn't require you to give it a web socket, it will accept any socket or transport connection

hey guys, I have a similar topic talk, btw :)

https://xmpp-ftw.jit.su is probably the best place to look

the work being done for HTTP2 should be able to upgrade clean if we target websocket

If anyone would like "live" demos I'm sure we could do these too during the summit

We've lost the summit!

they are trying to find his talk

work fine

http://jrudevels.org/Trash/presentation.pdf

well guys, I am off to bed. Have fun and see you later tomorrow

'night Steffen

bye Steffen

nn

night night

ciao

many many clicks on this one

Slide: whoami --verbose

Slide: Why another library?

Slide: Problems

Slide: What can we do?

Slide: Simple Example

Slide: Possible Mapping

Slide: Twilix Message

Slide: (same title)

(There's a lot of unfolding ofthe slide I'm not indicating, by the way)

Slide: Twilix Message

Slide: JSLiX Analogue

Slide: Data Validation

Slide: XML Fields

BTW: I can't see Sergeys head... he is quite a mystery like this ;-)

Slide: Queries

Slide: Dispatcher

Camera better? Doing it blind.

Yes

Slide: Dispatcher again. (no title though)

A slight adjustment to the left perhaps.

Yay!

perfect, thanks!

Ace.

Slide: Dispatcher, no title.

We should definitely do a XEP for slide coordination.

Can you guys see the slide on-screen, by the way?

<click xmlns="blah"/>

dave: i think there is an old H. standard fo rthis...

See, but not read.

yep

Slide: Dispatcher. "Despite the fact XMPP [...]"

Well, with a bit of imagination, you can probably understand what it says.

Enough to identify? As in, is what I'm doing still useful?

It's very useful.

It's definitely enough to identify.

Damn, I was hoping to get out of the typing. :-)

And if you have the PDF, you can then make out what the blurry text was supposed to be even without going back to the PDF.

Get a better camera.

heh

We need Retina cameras ;)

that was suggested earlier

Retina cameras == eyes?

It's RalphM's camera. Seems quite good, but I suspect the bandwidth has lowered the quality.

With actual retinas inside them.

Slide: "Or in the case of handler"

we need HD-4K

I don't think the conference centre has retina bandwidth

yea, he is using a nice logitech external camera

I'm using a telepresence solution powered by KLM.

Slide: Table thing.

hehe

The Dutch airline?

:)

The table is sliding?

Ah. Slide: "Is it used anywhere now"

Sorry. Distracted.

What slides now?

same slide still

last part of "Current State" slide

'Is it used anywhere now?'

SVP Implementation exmpl

Slide: "Comparing Examples", "Software Bersion Protocol Implementation example"

Erm. "Version".

Ah, still Sergey

Slide: (same title) "Then we'll need a method"

Slide: "Now let's define the method to query" ...

Slide: "as we can see the method"...

Slide: "Finally we should define handlers"

Slide: Counter-example PyXMPP2

Slides are going thing and fast, sorry.

JSLiX vs XMPP-FTW currently.

jTalk crashed, sorry

Now on "Just an idea", from JSON-XMPP section

what slide are we on?

And we're done.

http://jrudevels.org/Trash/presentation.pdf

I'm going to drop for the day, try to catch all of you tomorrow

whats next? I couldn't follow it...

we're discussing

Justin is suggesting talking about service delegation

Quick break

musical break

sleep break

Remind me not to let Ralph steer the rocket ship that will evacuate us from earth when we have to leave.

http://play.brokt.com/~fritzy/lander/

Yes…. Much better.

Can you turn the camera around,plz?

ta

grrr

hi Wilson

:D

In all this, I have this mental picture of Matthew Wild - Secret Agent - moving through the mean streets in disguise.

Yesterday, he was lost in the woods

I have met him near the zoo yesterday, maybe he was doing some offering sacrifices?

I can't believe it's not XMPP!

XMPWHAPP!

I'm thinking that jTalk is pretty battery intensive - I'm actually out of battery.

it also was pretty buggy when I was using it so I've returned to Xabber

right..jtalk crashes on anything MUC related

for some reason I get random disconnects with Xabber

because of invalid XML

still not sure where from

hm, I remember the times when clients were disconnecting because of XML namespace prefixes

Weird. Invalid XML, or invalid UTF-8?

not sure

still haven't found it

but xabber works pretty fine for me except of lacking functionality

+1

exciting stuff - truly

Give Ralph some hats.

:)

Interesting as the discussion is (no sarcasm intended), I'm afraid I have to leave for bed soon. Keeping my eyes open is becoming harder ;)

have a good sleep

Ta.

good night!

XMPP Standards Foundation and XMPP Services Foundation :p

:P

+1

https://docs.google.com/document/d/1r-zJqpuHYsWsqtnmrWQo_pXXPRcK-mbiazG-GwuBNj4/edit?usp=sharing

current page structure

thanks