XMPP Summit - 2014-01-31

Kev: speaking of mobile problems, this popped up today - http://op-co.de/blog/posts/mobile_xmpp_in_2014/

Ge0rG is in this muc for first-hand discussion about it.

obligatory hn comment feed: https://news.ycombinator.com/item?id=7151857

Simon: I'm at the summit as of right now as well

Simon: so feel free to beat me up for that article ;)

can you wave

Simon: *waves*

Simon: https://github.com/pfleidi/yaxim

does anyone have any questions for lance?

yes

lances presentation: https://cloudup.com/c223kt48cGZ

pub 2048R/344F5334 2011-10-06 [expires: 2014-10-05] uid Joe Hildebrand <jhildebr@cisco.com>

pub 2048R/344F5334 2011-10-06 [expires: 2014-10-05] Key fingerprint = 6BE0 0277 A430 7746 4A6D 6DE6 F60D 4C90 344F 5334 uid Joe Hildebrand <jhildebr@cisco.com>

CACert assurance possible as well, bring the forms

pub 4096R/4AB71678 2013-03-20 [expires: 2015-03-20] Key fingerprint = D5BF 034A D323 56B5 FCB1 A476 D91A D42uid Ralph Meijer (ralphm) <ralphm@ik.nu>uid Ralph Meijer <ralphm@twistedmatrix.com>uid [jpeg image of size 3190]sub 4096R/7DD82E0E 2013-03-20 [expires: 2015-03-20]

gpg: using PGP trust model pub 4096R/FF26588F 2013-01-29 Key fingerprint = FB17 A8E1 C688 B1D5 3D8B E2DE 2C2D 68CD FF26 588F uid Lance Stout <lance@lance.im> uid Lance Stout <lancestout@gmail.com> sub 4096R/D6F6160E 2013-01-29

pub 4096R/4AB71678 2013-03-20 [expires: 2015-03-20] Key fingerprint = D5BF 034A D323 56B5 FCB1 A476 D91A D42A 4AB7 1678uid Ralph Meijer (ralphm) <ralphm@ik.nu>uid Ralph Meijer <ralphm@twistedmatrix.com>uid [jpeg image of size 3190]sub 4096R/7DD82E0E 2013-03-20 [expires: 2015-03-20]

pub 4096R/E623BFD2 2013-01-28 [expires: 2018-01-01] Key fingerprint = 62C4 81BC C19D DAF9 B776 6F07 BA29 DCD9 E623 BFD2 uid Edwin Mons <e@ik.nu> uid Edwin Mons <edwin@mons.net> uid Edwin Mons <jsf@edwinm.ik.nu> sub 4096R/3D0CCDD9 2013-01-28 [expires: 2018-01-01] sub 2048D/CDD7BADF 2013-01-29 [expires: 2018-01-01]

GPG Key 4096R/8EE5B4D8 0A93 9BA7 8203 FCBC 58A9 E8B5 9D1E 0661 8EE5 B4D8 uid's: Mike Taylor (bear) <bear@bear.im>, <bear@andyet.net>, GnuPG Key ID (DSA, 1024bit): Georg Lukas <georg@op-co.de> - 0x962FD2D Fingerprint: CE57 348B 6A53 7B58 6ADF 991D B334 D308 962F D2DE Winfried Tilanus 4096R/62D66B3D 1292 1E01 F404 9F0B 04A3 489C 6E62 0C65 62D6 6B3D Kevin Smith 4096R/2081A380 1431 FBAC 8E49 AA68 5542 20DA 6DAF E1C1 2081 A380 Edwin Mons 4096R/E623BFD2 62C4 81BC C19D DAF9 B776 6F07 BA29 DCD9 E623 BFD2 Ralph Meijer 4096R/4AB71678 D5BF 034A D323 56B5 FCB1 A476 D91A D42A 4AB7 1678 Remko Tronçon 8192R/3F4B0D61 E00B 5436 4600 75B9 05D1 C7BE F01E 29A2 3F4B 0D61 pub 2048R/344F5334 2011-10-06 [expires: 2014-10-05] uid Joe Hildebrand <jhildebr@cisco.com> hildjj @ 5:51 pub 2048R/344F5334 2011-10-06 [expires: 2014-10-05] Key fingerprint = 6BE0 0277 A430 7746 4A6D 6DE6 F60D 4C90 344F 5334 uid Joe Hildebrand <jhildebr@cisco.com> pub 4096R/FF26588F 2013-01-29 Key fingerprint = FB17 A8E1 C688 B1D5 3D8B E2DE 2C2D 68CD FF26 588F uid Lance Stout <lance@lance.im> uid Lance Stout <lancestout@gmail.com> sub 4096R/D6F6160E 2013-01-29 Lance @ 5:54 pub 4096R/4AB71678 2013-03-20 [expires: 2015-03-20] Key fingerprint = D5BF 034A D323 56B5 FCB1 A476 D91A D42A 4AB7 1678uid Ralph Meijer (ralphm) <ralphm@ik.nu>uid Ralph Meijer <ralphm@twistedmatrix.com>

were there any actions taken following the push discussion?

Not yet.

while you're together in a room you could also gather opinions on XMPP Compliance Suite 201x

Noted, thank you.

awclinford: bear took good notes

we need to assign an action item to write a push XEP

hildjj: I put that on the board.

I'll take that one on hildjj. Already have been working on one

Lance: awesome.

Yay Lance

I'll sign up to review it, and get some folks on the Cisco Jabber team to look at it.

Lance rocks!

i’ll keep my eyes peeled for it Lance. we’ll put an implementation together and feedback to the group

is it still possible to extend the agenda? a) client-to-client (end-to-end) encryption of realtime media and file transfers; b) a normative/informative XEP to specify client priority according to user state and presence, to support message routing with multiple online resources

I think we all pretty much agreed on DTLS-SRTP for encryption within Jingle sessions yesterday

with some debate about making it required

What about file transfers over TCP / Proxy65

favoured using the WebRTC style data channel of SCTP over DTLS

Ge0rG: http://doomsong.co.uk/extensions/render/multiple-clients.html

Ge0rG: Poke Kev about it :)

paulwitty: sorry, wasn't able to attend yesterday. DTLS-SRTP solves UDP-based streaming. what about TCP connections?

no TCP connections

use Jingle to set up file transfers, use SCTP to give reliability over the UDP

and maybe deprecate all other forms of file transfer

what about sharing files with a MUC?

paulwitty: we are talking about SCTP, the transport-layer protocol which nobody yet implements?

doing that in user space, yes

because it looks like that's the direction WebRTC is going

maybe WebRTC is not quite the right approach for us. it's not like all XMPP client developers have the same resources available to them like Mozilla or Google....

is there anything which will work well through all network topologies, is secure, and is easy to implement?

paulwitty: that looks like the holy grail to me...

HTTP upload of encrypted files to a data storage server maybe

THE CLOUD!!!

WebDAV-like things + e2e, for some value of "secure" that doesn't include server-side virus checking

paulwitty: implementing a transport-layer protocol on top of an application-layer encryption protocol on top of UDP just looks like crazyness to me. I wouldn't be surprised if JSON is used in the negotiation process

!summon dwd

Think of the layers!

Ge0rG: the right place to discuss that is at the rtcweb wg at the IETF

the argument is that people who have done Jingle will at least have done the ICE and DTLS layers

ge0rg: javascript session establishment protocol? :-)

paulwitty: as I said, it covers voip/video rather well, but it is strange, to say the least, for file sharing

hildjj: I think I forgot to check your ID for keysigning. Maybe you can show it to me (again) before lunch?

sure.

For now

Well, quite.

protocol.buddycloud.com / code: https://github.com/buddycloud/buddycloud-tests-framework

websockets

Based on helping Simon with building the buddycloud XEP I've thrown this together, https://github.com/lloydwatkin/xep-builder , as a helper for building/writing XEPs. Would people find it useful? If not I'll consign it to the dustbin of code.

apologies if my take on compliance suite and/or testing irked anyone

I am approaching the end of my energy so I tend to be grumpy or combative

@bear putting in a vote for "you're fine, relax" :)

:)

for Lance https://github.com/remko/xeps

http://tools.ietf.org/html/draft-ietf-xmpp-websocket-00

Does push and not-sift solve all the currently outstanding mobile issues? Simon?

not-sift?

what makes SIFT or something sift-like superflous?

not-sift is like sift

but without the bits that Dave Cridland objects to

So it's like a protocol where you send all your stanzas to Dave Cridland, who inspects and drops them if they are not to be forwarded to you?

as I'm not in the room and don't know what dave objected so i should wait until some minutes or summery comes out

I believe Dave is going to do a new version

without the bits he dislikes

A bit like Mechanical Turk, but more Mechanical Dave

Anyone in for a vegetarian buffet tonight? Tripadvisor has a good rated place quite close to the hotel, but we best make reservations for it...

not-sift is like sift but without the XPath.

winfried: link!

http://www.tripadvisor.co.uk/Restaurant_Review-g188644-d694665-Reviews-Dolma-Brussels.html

:)

i've learned two things today that I should have already have known - cool

Dave Cridland, ahh..yeah...full XPath might be a bit overkill...and introduce unneeded attack surfaces

wait, XPath?!

Or XQuery, or whatever was there.

Mainly because I don't want to have to implement that.

Doesn't look like it does more than mention XPath

can someone give me a summary of what was just decided regarding file transfer

so I can add it to the meeting notes

Simon will write up what BC does. We will probably https host files. We might upload with https or with the sctp-dtls stuff that we will be using for 1:1FT.

summary: I'll write up a quick how the buddycloud-media server works and share it. If it's useful, I'm happy to extend and do more work.

thanks!

at the portland summit there was a nice presentation on xmpp on the web security does anybody still have a link to those slides...

winfried, that was waqas - I'll ask him

+32 48 351 2062 <-- my belgium phone #

Zash: Yeah - after actually reading the sift spec, it actually looks fairly close to what I thought was being proposed so I am now slightly confused

Dave Cridland: I've got nebuk, who wrote the MUC code, into the yaxim MUC. feel free to come back for discussing further merge attempts

Mattj thank you, am considering to something with XMPP on the web security on the Real Time Lounge, but his presentation should be included in that!

so, what's next for today?

Ge0rG, people will probably head back to the hotel to drop their stuff there, and then collect in the lobby to discuss

Dave looks like he's missing XEP-0198 :>

Ge0rG, so you're at the hotel?

MattJ: correct. will come to the lobby in 15min

Ge0rG, ok - dinner plans are forming

Someone, have a Hoegaarden!

is it happy hour again?

paulwitty, in 20min

MattJ: I'm open for anything non-vegetarian

Ge0rG, you're not vegetarian by chance? :)

:D

MattJ: I'm antivegetarian by intention

Then it sounds like you'll want to squeeze into the group going to "the rib place"

The Meating?

MattJ: +1

Ge0rG: Join The Meating, you won't regret it.

I'm strangely tempted by the vegetarian place after the ribs yesterday

I'm probably not going to be in that group, but never mind

MattJ: But, bacon the size of your head!

MattJ: if you convince Lance to follow you, I'm in for an antivegetarianism exception

No, we're just discussing

except if there are baked otters

Apparently he has never been to "The Meating" tradition, so he'll go there tonight

I have no idea about this "meating" thing. Is that what bear told about earlier, referencing a loud crowd?

Yes

It's a relatively small place, and XMPP folk dominate it when they go

I'm actually more into some calm place... which is probably a challenge on friday night in a large metropole

Before FOSDEM especially

but then... XMPP folks

It's the FOSDEM beer night

Ge0rG: FWIW, it's pretty baren other weekends.

Ge0rG: we're going for a vegetarian place, wanna join?

Florob is undecided

Most EU-people go home over the weekends, so at least near all the EU buildings it's usually pretty empty

my preferences in order of importance: 1. company, 2. meat, 3. calm place

The vegetarian one will probably hit both 2 & 3

meat at a vegetarian place? I'd doubt it.

but calm, why not?

I have yet to meat this trip, so if there's the option of going there with some group, it's appealing to me.

zeank: Matt has interesting definitions of 'vegetarian'.

maybe, yeah

Are there meat plans tonight that I can potentially crash?

ok ok, I'm coming down to the lobby now

Kev, I overheard 5 minutes ago "Kev will be going to the rib place"

Ahhar.

You folks are in the bar? I'll head down :)

Yep

I am back, ribless but full. If anyone wants to share their FOSDEM plans at some point before tomorrow, yay :)

Anyone with breakfast plans for tomorrow?

Do we have breakfast at the hotel tomorrow included?

Yes, but not in Belgium :)

paulwitty: As far as I know!

the email from Aloft was marginally ambigious

I didn't read it.

January 29, 2014 - January 30, 2014 Rate Plan: Group Business XMPP BUFFET BREAKFAST Per Person/per Night

With no mention of other nights

I see what you mean.

When we checked in, they just said breakfast was included - not that it was included some nights.

So I assume it's fine.

I'm certainly going to try for it

I'm tempted to unset my alarm and see what happens.

And make FOSDEM plans when I get up, in the absence of knowing what others' plans are.

GN

I would like to go early to setup lounge

Is there any plans on large cab from hotel?

I'm planning to book a large cab from hotel to fosdem at 09 is that to early? would there be anybody in the lounge area by 9.30?

Jabberjocke. I was planning on leaving about 9:45

xnyhps: sorry to have missed you at Summit. Would have been nice to meet up.

But xnyhps wasn't there, was he?

albert - I was, he wasn't.

Ralphm when are you going?