- stpeter has left
- tato has left
- Lance has joined
- tato has joined
- Lance has joined
- tato has left
- stpeter has joined
- stpeter has left
- stpeter has joined
- stpeter has left
- SouL has left
- bear has joined
- bear has left
- bear has joined
- SouL has joined
- Ashley Ward has joined
- Ashley Ward has left
- Ashley Ward has joined
- Alex has joined
- Alex has left
- Alex has joined
-
fippo
I think that is Jers first post ever on a @xmpp.org list, isn't it?
-
Alex
fippo: which one?
-
Alex
standards list?
-
fippo
http://mail.jabber.org/pipermail/standards/2013-November/028280.html
- Ashley Ward has left
- Ashley Ward has joined
- Ashley Ward has left
- Ashley Ward has joined
- Ashley Ward has left
-
dwd
Yeah, I think any previous have been before the Great XSF Renaming.
- Alex has left
- Ashley Ward has joined
- Lance has joined
- Lloyd has joined
- Lance has joined
- bear has left
- Lance has joined
-
dwd
ralphm, It's the 15th of December we get a go/no-go for the FOSDEM Lounge, right? Do they normally hit that date or is there sometimes some slippage?
-
ralphm
yes
-
ralphm
no
-
dwd
Bedankt.
-
ralphm
:-D
-
ralphm
Maybe I could poke them a bit about it
-
dwd
It'd be useful to know as soon as, since we can begin planning more concretely, but I'd prefer not to annoy them.
- Lloyd has left
- Ashley Ward has left
- Lloyd has joined
- Ashley Ward has joined
-
dwd
Lloyd, Ashley Ward - Nice that your server broadcasts how it was shutdown.
- Lloyd has left
- Ashley Ward has left
- Lloyd has joined
- Ashley Ward has joined
-
Ashley Ward
If it does then I assume that's what Prosody does by default!
-
dwd
Ashley Ward, Yeah, seems so. Two restarts, eh?
-
Ashley Ward
Yeah. Lloyds been updating the TSL stuff on it in readiness for the 4th Jan
-
Ashley Ward
TSL = TLS
-
dwd
Right, yes. I think mine's about ready now. I've been trying to get otalk.im deployed, but it's not yet working for me.
-
Ashley Ward
Be interested to hear how you get on with that.
-
dwd
SLowly.
-
dwd
I'm really not experienced enough with Node and modern webapp stuff to figure out what's broken about it.
-
Ashley Ward
Hehe. Tell me about it - I've only barely figured out how all this node stuff works. I understand it okay as long as nothing goes too badly wrong!
-
dwd
I spent literally hours downloading extension after extension.
-
ralphm
Edwin Mons did the same for our machine the other day. He experienced issues with both disabling SSL and compression.
-
Edwin Mons
Well, prosody failed to do any TLS if I disabled compression.
-
ralphm
that counts as 'experiencing issues'
-
ralphm
:-D
-
Edwin Mons
It does.
-
Edwin Mons
That might be due to the hackish nature of our setup, though. I had to do a bit of library mapping to get luasec to use the openssl from ports.
-
Edwin Mons
Instead of the system openssl.
-
Edwin Mons
(FreeBSD based)
-
dwd
FreeBSD? But you don't have a beard...
-
Edwin Mons
dwd: in spirit only ;)
-
Edwin Mons
Nor does Kurt, for that matter ;)
-
ralphm
dwd: I have a beard
-
ralphm
and we co-admin
-
Edwin Mons
dwd: although I really do need to shave. It's not a full beard yet.
- Alex started memberbot
- Edwin Mons has left
-
dwd
Heh. Lisa Dusseault's applicaiton doesn't mention that she was the one who coined the term "stanza".
- Edwin Mons has joined
-
dwd
Voted. :-)
-
Edwin Mons
dwd: fix it for her, it's a wiki after all :P
-
fippo
dwd: she also denies coming from IRC ;-)
-
dwd
Nobody admits to any involvement there, though, right?
-
Edwin Mons
Voted as well. A shame dwd beat me to it ;)
-
Alex
isn't there a comment function in the Wiki?
-
dwd
Discussion page, at least - I've added a note there.
-
Edwin Mons
The talk page. But who looks there.
-
Alex
ya
-
Edwin Mons
Discussion, yes.
-
dwd
Both the new applicants look good. I also realise I know nearly every reapplicant personally, too.
-
Kev
OK, "Yes" isn't a valid response to the memberbot.
-
Kev
That seems a little bit overly restrictive.
-
dwd
Gosh. I hadn't actually noticed.
-
Edwin Mons
Just noticed Diana didn't reapply.
-
Kev
I also get the feeling Florian's heart wasn't really in this.
-
Edwin Mons
You'd think with all the time he had to spend on SFO, he'd have had ample time to create a beautiful page there.
-
dwd
That one might be my fault.
-
dwd
[17:26:45] David Cridland: Just put up a blank page, nobody reads them anyway. [17:30:00] Florian Jensen: lol [17:30:02] Florian Jensen: I'll try that
-
Kev
In fact, I'm not convinced that his application is legal.
-
dwd
Oh?
-
Kev
We have to provide affiliation information.
-
dwd
That is actually a good point.
-
dwd
Oh. Actually I can just add it into his application; assuming I'm right in thinking he's now working for Uber?
-
dwd
But no, we should just contact him, actually.
- Ashley Ward has left
- Ashley Ward has joined
-
Edwin Mons
I think editing someone's application is not really the best of ideas...
-
Kev
I'm opposed to people editing other people's applications.
-
dwd
Edwin Mons, It doesn't seem quite right, does it?
-
Edwin Mons
dwd: that's one way of putting it.
-
Kev
On the other hand, it's too late to edit applications at this point.
-
Kev
Does Florian get disqualified on a technicality? That would be ... amusing?
-
dwd
So the only way he could be disqualified would be to argue that his written application is not in such a form as has been adopted by the Board.
-
dwd
I think, anyway. So we'd need to decide on what form actually has been adopted by the Board.
-
Kev
Which is listed on http://wiki.xmpp.org/web/Membership_Applications_Q3_2013, no?
-
dwd
OK, when was that adopted by the Board?
-
Edwin Mons
The list of required elements is quite clear.
-
Kev
dwd: You tell me, you're on the Board :)
-
dwd
Edwin Mons, As far as I can tell, the Board agreed a few years ago to require a full name, which is *not* listed there. Can't yet find if they require anything else.
-
dwd
I suspect the Board could, and should, issue an edict^W^W^Wadopt a resolution that an application must include full name, email, jid, and employment details. I'm struggling to find if the Board ever has done so in the past, though.
-
dwd
Also, reading the bylaws, I'm surprised to note that companies can be members too.
- SouL has left
-
Alex
for reapplliers we never were that strict about this information. I guess because we assume that the info did not change and we got it with the 1st application
-
dwd
Right, something else for the Board to deal with, then.
-
Alex
yes
-
dwd
Alex, You were Chair when that Solarius guy stood without a real name - do you know if the Board "adopted such a form" about member applications then? I thought it did, but I can't find anything.
-
Edwin Mons
I think it did, but the members didn't accept it and voted him down.
-
dwd
Oh, so maybe we just didn't vote him in and left it.
-
Alex
it was a long discussion at that time, but I can't remember exactly what the conclusion was. But we accepted his application and at Fosdem verified his idendity when he showed up. That was a strange guy
-
Edwin Mons
I remember Christ had to share a room with him.
-
dwd
I've read through the members@ thread, and also the next Board minutes, and can't find any conclusion. Certainly no Board resolution.
- Jef has joined
- Jef has left
- ralphm has left
-
Edwin Mons
Good thing we have voting-by-proxy, because the meeting is at Sinterklaasavond.
-
dwd
Mmmmmm... mini-cookies....
-
Alex
wow 6 voters in the first 60 minutes, looks like we can achieve a good turnout this quarter ;-)
-
dwd
If we can keep up the momentum...
- stpeter has joined
- stpeter has left
- Ashley Ward has left
-
Kev
http://wiki.xmpp.org/web/Membership_Applications_Q3_2013 might need an update.
-
dwd
For the meeting dates, you mean?
-
Kev
r
-
Alex
updated
-
Kev
Murky buckets.
-
Lloyd
Has memberbot dropped offline for anyone else?
-
dwd
Lloyd, Online for me.
-
Edwin Mons
Online here.
-
Kev
Lloyd: Check no-one's been fiddling with your server ;)
-
dwd
And responding.
-
dwd
Lloyd, Right, could be some dodgy sysadmin breaking things.
-
Lloyd
:P Changes were made last night, gave it a kick earlier for another reason
-
dwd
I quite like Brian Carpenter's note to ietf-disgust saying that the main advantage of all these multistakeholder meeting groups has been to mire all attempts by governments to put international treaties over the internet.
-
fippo
ietf-disgust... ;-)
-
dwd
Not, sadly, my gag. I forget who uses that; one of the ADs I think.
-
dwd
*possibly* Adrian Farrell.
-
Lloyd
update: think it was adium being a pita, using xmpp-ftw to vote intead :)
-
MattJ
Heh
- stpeter has joined
- jabberjocke has joined
- jabberjocke has left
- jabberjocke has joined
- Simon has joined
- Simon has left
- Alex has left
- Alex has left
- jabberjocke has left
-
Kev
/Now/ memberbot isn't responding for me.
-
Kev
I've already voted, but it should still talk to me shouldn't it?
-
Kev
Ah, there it is. Just lagging a few minutes.
-
Edwin Mons
Same over here.
-
MattJ
It's simulating a real human
-
MattJ
or it's actually Alex simulating a bot
-
Edwin Mons
So you're saying there is no memberbot, just Alex?
-
dwd
Or that Alex is a bot faking being a human faking a bot?
-
Kev
Or there's no Alex, only the bot.
-
Edwin Mons
Hmm. I'm pretty sure I met someone who claimed to be Alex a few times.
-
dwd
Edwin Mons, Just shows how good that bot is.
-
Edwin Mons
Fair point. He/it sure passed the Turing test when I talked to him/it.
-
Edwin Mons
(Alex, not the memberbot)
- Lance has joined
-
Lloyd
kev: it was quite slow earlier
-
dwd
Lloyd, ALex, or the memberbot?
-
Lloyd
:) memberbot
-
dwd
Kev, You're Councilling today, aren't you?
-
MattJ
and since membership voting and meetings actually *happen*, it must be stpeter simulating them both
-
Kev
dwd: Yes, 16:10Z
-
Lloyd
MattJ :D
-
Kev
dwd: Pam?
-
dwd
Kev, Just so I could wander into the room and nod politely.
-
ralphm
dwd: like Kev does for Board?
-
Kev
I was very good!
- Zash has joined
-
ralphm
Kev: one occasion is not a pattern, but can be a good start :-P
-
Kev
You might be overly optimistic if you want a pattern :p
- Simon has joined
- bear has joined
-
bear
5 minutes (or so) to the board meeting
-
bear
current agenda: - Board Chair election - FOSDEM preparation update - IoT Liason update from Peter - Membership application question from Dave - Next meeting time
-
Simon
I sent through a couple of things regarding security
-
dwd
Simon had some stuff, didn't he? Or am I confused?
-
dwd
Right. Not too confused.
- Alex has joined
- ralphm waves
-
stpeter
howdy
-
bear
oh poo
-
Alex
good
- Edwin Mons nods
-
Alex
I missed the last meeting, I huess treasurer and secretary is not yet elected?
-
Alex
huess==guess
-
dwd
No, we haven't yet reelected you.
-
bear
had that in my notes and forgot to add that line
-
bear
how are we on attendence today - me, dave, ralph, simon
- dwd waves
-
bear
has someone poked Laura
-
dwd
Laura sent apologies to the list.
- bear realizes he does not have her in his contacts
-
dwd
Lloyd, I assume she's still caught in whatever she was called into?
-
dwd
bear, She's not online anyway.
-
Kev
By 'the list' is this members@ or board@?
-
ralphm
yes
-
stpeter
in the past I've encouraged the Board to consider the various "positions" (secretary, treasurer-always-unfilled, and executive director) in January after they've interacted a bit with those currently serving in those roles
-
Edwin Mons
Glad that's cleared….
-
stpeter
perhaps it makes sense to formalize that
-
dwd
Kev, I can't remember where she sent her "I might not make it".
-
ralphm
stpeter: I can see the logic in that, yeah
-
ralphm
dwd: on the board list
-
stpeter
(because sometimes we have new Board members and they don't know who all the people are)
-
dwd
stpeter, But not Chair?
-
bear
her missing the meeting note went to the board list
-
stpeter
dwd: the Board selects its own chair and needs to do that straightaway, methinks
-
bear
ok, we have quorom, shall we start?
-
ralphm
bear: please
-
Simon
+1
-
dwd
stpeter, Yes, I'm inclined to agree, but it's technically a position just like secretary etc.
-
stpeter
the Secretary, Treasurer, and Executive Director are appointed or serve at the pleasure of the Board
- bear bangs the gavel
-
stpeter
IMHO
-
stpeter
anyway
-
stpeter
off you go :-)
- bear adds the current discussion to the agenda so we can get back to it
-
bear
any items that anyone want to add to the agenda?
-
bear
(I know about the item that I missed from Simon)
-
bear
ok, none given
-
Alex
ya, the current discussion about election schedules
-
bear
Alex - noted
- bear adjusts his pause-o-timer
-
bear
any others?
-
ralphm
nope
-
bear
first item: nominations for Board Chair so we can vote on them
-
Kev
I think you were going to discuss github for submissions, at some point.
-
bear
yes, but I need to get the git mirror in place before letting the membership know it's a change (well, that's what I was thinking)
-
bear
Nominations for Chair - do we have anyone who wants to nominate someone?
-
Lloyd
dwd: yeah sorry just caught up, she hasn't arrived back yet so I assume so.
- bear notes that he does not mind continuing in the role
-
dwd
I'm happy to do it, but happy to let you continue if you want.
-
bear
ok, Dave has offered what can only be described as a passive aggressive nomination ;)
-
dwd
:-)
-
ralphm
I nominate bear
-
bear
ok
-
bear
simon?
-
dwd
I read bear as nominating himself anyway. :-)
- ralphm nods
-
bear
I was leading the charge for passive aggressive nominations
-
Alex
so either fight now, or vote ;-)
-
bear
:)
-
Simon
What's Kev's role these days? Would he be eligible for nomination?
-
Edwin Mons
He's not on the board...
-
bear
kev is a member of the council, not the board
-
dwd
Edwin Mons, The chair need not be on the Board.
-
Edwin Mons
dwd: ah :)
-
dwd
At least, I see nothing at all in the bylaws that would indicate that.
-
Alex
and voted by board members
-
Alex
or elected
-
ralphm
Simon: did you want to nominate Kev?
-
dwd
The Board selects its chair, but the chair needn't be a Board member themselves. It's on a par with the other positions the XSF has, like Secretary, Treasurer, etc.
-
Simon
It would help if we outlined the responsibilites of the chair. What's their role?
-
bear
running the meetings
-
Simon
/duties?
-
Simon
k
-
ralphm
Simon: this is outlined in the by laws
-
dwd
That and, interesting, the Chair has the casting vote in the case of a tie.
-
bear
it's purely administrative - there are some bylaw specific duties that being charted as a org requires
-
bear
in all the time i've been aware of the board, I don't think we've ever had a tie
-
Kev
That's because we try to pick odd numbers for both Board and Council, I think.
-
Kev
(Less important for Council)
- bear nods
- Lance has joined
-
stpeter
dwd: the Board has traditionally selected a Chair from among the Board members, but you're right that it's not required by the bylaws
-
dwd
Oh, I lie - it's the Executive Director that has the casting vote.
-
Kev
That sounds more familiar.
-
bear
ok, the point still remains, does simon wish to nominate someone (or do ralph and dave wish to nominate anyone else)
-
Simon
I nominate Kev.
-
bear
k
-
bear
any others?
-
ralphm
nope
-
bear
dave?
-
dwd
No - without anyone else willing to nominate me, I'll withdraw, as well.
-
bear
you don't have to withdraw IMO
-
dwd
No, I don't I don't have to. :-)
-
dwd
I know I don't have to, I mean.
-
ralphm
ok, so we have two candidates: bear and kev
-
bear
ok, so we now have two people, Kev and Bear
-
bear
shall we vote?
-
ralphm
yep
-
dwd
Erm, wait.
- bear waits
-
dwd
It'd be handy to know if Kev accepts the nomination, first.
-
Kev
Sure, what's the worst that can happen? :)
-
dwd
You get twice as many minutes to write up?
-
Kev
(I don't like people being on both Board and Council, but I don't think this counts as Chair gets no power)
-
ralphm
Kev: that we vote for you and for all the other roles, too?
-
bear
ok, Kev has accepted - ready to vote now?
-
dwd
Yup.
-
bear
simon, ralph - ready?
-
Simon
yep
-
ralphm
yeah
-
bear
sound off then please
-
ralphm
+1 for bear
-
Simon
+1 for Kev
- bear is going to laugh if this ties
-
bear
+1 for bear
-
dwd
I was wondering about the wisdom of tying it, and therefore letting either Peter pick, or else making Laura do it instead.
-
bear
i would say that we send it to laura if it tied
-
bear
but I would also just remove myself and let kev do it - he has a very capable meeting running style
-
ralphm
dwd: about the minutes, technically it is the Secretary's duty
-
stpeter
I don't think it's appropriate for me to express a preference, given that the Board is the one determining whether I continue to serve as Executive Director with all its many perquisites of power
-
ralphm
stpeter: tough luck, should have written the by laws better :-D
-
bear
any opinion is always appreciated
-
dwd
I'll vote for bear. On balance, I think having Kev as Chair of both Board and Council would probably not be ideal.
-
bear
the current board "season" has already proved to be very divergent from past ones
-
ralphm
I want to note that I have to leave in a few minutes
-
Kev
Safe :)
-
ralphm
dwd: agreed
-
bear
ok, I see 1 for Kev and 3 for bear - that is done, i'll continue as Board Chair
-
ralphm
woot
-
bear
next agenda item: meeting time - shall we continue with bi weekly for next week and i'll post to the list for anyone to object?
-
ralphm
+1
-
bear
s/next week/next meeting/
-
bear
simon, dave?
-
dwd
I think we agreed on a meeting this time next week anyway.
-
ralphm
indeed
-
Simon
+1 for next week
-
bear
k
-
dwd
But as for ongoing, I'd like to hear from Laura on whether there's likely to be too many clashes for her at this time.
-
bear
meeting nextg week at the same time slot
-
bear
agreed - we need to put this to the list so she has ample time respond yea/nea
-
stpeter
why not weekly? fortnightly can get confusing ("do we have a meeting this week?") -- the meeting can always be short if there's not much to cover, as Council meetings are
-
ralphm
stpeter: I suggested this before, and still agree
-
Alex
+1
- bear looks and wonders why he typed bi above
-
dwd
Yes, I agree, weekly is better.
-
Kev
I find it works well for Council, even if half the meetings end up being "1. Roll call 2. Date of next"
-
bear
noted, i'll reinforce that in the email
- stpeter nods to Kev
-
bear
next agenda item i'm making FOSDEM report since ralph is time constrained
-
ralphm
dwd had a short chat on this earlier this week
-
bear
is there anything that is board actionable for FOSDEM yet?
-
ralphm
no
-
dwd
Not yet. We're somewhat constrined because we can't really commit until we've heard whether we get the Lounge again.
-
ralphm
we were talking about doing some kind of t-shirts/hoodies/whatever again
-
bear
has the wiki page for the next summit been created so we can start to note details and pending decision items?
-
ralphm
yeah, we formally won't know until half december
-
bear
ah - ok
-
ralphm
bear: I will do this tomorrow
-
ralphm
eh
-
bear
thanks ralph
- stpeter updates his .plan to find out about travel approvals and reserving space at the Cisco office again
-
dwd
Oh, we have quite a large page on SUmmit_15.
-
ralphm
there is a summit page already, though
-
ralphm
dwd: that's mostly a copy of previous editions
-
bear
yea, it seemed overly detailed
-
bear
ok, anything else needed for ralph and FOSDEM?
-
ralphm
but I think a separate planning page for us would be good
-
ralphm
with things like the gear we need and stuff
-
bear
+1
-
bear
shall we move on to the next item - IoT Liason report?
-
ralphm
I was happy for the IoT mentioning some stuff for the XMPP UK meetup, and I'd love to have some stuff from them at FOSDEM
-
stpeter
FOSDEM is even earlier than usual this year, so preparation in December will be important
-
stpeter
ralphm: yes
-
ralphm
the location is an ideal venue for things like this
-
ralphm
FOSDEM is hardly earlier
-
ralphm
one day or so
-
stpeter
sure
-
Simon
FWIW, I'll be offline most of December and the start of Jan.
-
stpeter
Simon: good for you :-)
-
Simon
:)
-
ralphm
Simon: booh
-
stpeter
ok, about liaison relationships...
-
bear
peter - can you give your IoT liason update?
-
stpeter
as you know, we've received a liaison request from ISO TC 122 (logistics stuff)
-
stpeter
we need to finalize that
- Alex2 has joined
-
stpeter
I did send an inquiry to them and they replied, so I will send information about that to the membership
-
stpeter
it was a small issue
- Alex has joined
-
stpeter
but we need to finalize it
-
stpeter
I'll have time to do that now
-
stpeter
I have also had some preliminary discussions with two other groups
-
dwd
We were finding out whether the specifications were under NDA or similar, weren't we?
- Alex has left
- Alex2 has left
- Alex has joined
-
stpeter
not quite NDA
-
stpeter
but they keep their specs under wraps until finished
-
dwd
Right.
-
stpeter
so if we assign two people (or whatever) to be liaisons, those people couldn't share the documents with, say, any XSF member or even the Council
-
stpeter
workaround: we could appoint the entire Council to be liaisons, but they might not care about the topics under consideration
-
bear
but they would not be barred from discussion specific items with council?
-
ralphm
I think at least one should be on the Council
-
stpeter
ralphm: good idea
-
Simon
What is ISO TC 122? The best I coluld find was the ISO packaging committee
-
stpeter
Simon: logistics
-
stpeter
lorries and such
-
stpeter
"this vehicle did not arrive at its scheduled location on time, has it been hijacked?" that kind of thing
-
bear
fleet monitoring?
-
stpeter
bear: as best I can determine, yes
-
dwd
We use TLS; we're immune to hijacking, right?
-
Simon
Right. What's the aim of liason - tech help or?
-
stpeter
so let me describe the two other liaison relationships and then I think we can talk in general about our approach
-
Simon
I didn't even need to read the sender of that to know it was a DWD post.
-
bear
:)
-
stpeter
Simon: review their technical specs so that they don't use XMPP in silly ways
-
bear
dave - can i watch you try to MiTM a lorrie session?
-
ralphm
this
-
Simon
Sounds very useful and a good way to generate an XEP down the road.
-
stpeter
the other two are IEC TC 57 (electrical grid stuff) and UPnP Forum
-
Kev
bear: Sorry, with that comment I'm forced to post http://b.oooom.net/1r8t
-
stpeter
IEC TC 57 seems to be interested in using XMPP in ways similar to the OpenADR folks did in the USA, but globally
-
stpeter
I reviewed the OpenADR work informally (no liaison relationship needed) last year
-
stpeter
IEC is more formal
-
bear
kev - that is an epic video IMO (and i'll stop derailing the thread now)
-
dwd
If they're extending, rather than using existing stuff, do we want them to do so within the XSF and the XEP framework, or don't we care?
-
stpeter
so they'd want something similar to what we do with ISO TC 122
-
stpeter
so far, these have not been extensions but "profiles" that re-use their existing XML payload formats
-
stpeter
they're just using XMPP as a transport
-
stpeter
at least during the initial phases
-
Simon
While on the subject of liason, it would be great to help out the mozilla folk more in their wg-presence list.
-
stpeter
Simon: yes
- bear signed up for wg-presence mailing list last night
-
stpeter
the other liaison relationship people have been exploring with me is UPnP Forum, which is basing its "UPnP Cloud" technology on XMPP
-
Simon
https://mail.mozilla.org/pipermail/wg-presence/2013-November/000143.html
-
Simon
and there is a call tomorrow 10AM PST
-
dwd
stpeter, So how does the UPnP stuff work in terms of specification access?
-
stpeter
(BTW, the last two have come about through people within Cisco poking me to help out since I'm the "XMPP Guy")
-
stpeter
dwd: I am not sure yet about that -- the discussions have been quite preliminary and I don't know the details, although I was on a call with some of the UPnP folks recently and they asked me some technical questions about XMPP
-
stpeter
since I work at Cisco and Cisco is a corporate member of these organizations, I haven't needed to sign an NDA or become a formal liaison or anything like that
-
stpeter
but both IEC and UPnP Forum seemingly would like to also establish a more formal relationship
-
Simon
I'm happy to add my name to a list to help out with liason (inside or outside of any official role). Can sign any NDAs privately too.
-
dwd
That seems like really good news.
-
stpeter
XMPP is now an old technology and these more formal SDOs are getting interested in using it :-)
-
stpeter
so the question for the Board is, do we want to set some guidelines for establishing liaison relationships with other SDOs?
-
Simon
That's it I'm leaving - you make me feel old.
-
dwd
stpeter, It'd be useful to steer these guys into working "our" way as much as we can, but it's good that they're inetersted at al.
-
stpeter
we have 3 in the pipeline now, and might have more in the future
-
bear
I think we need to have a wiki page (or something) that outlines how a group can make contact with us for that
-
dwd
stpeter, Is there anything you need form us at this stage?
-
stpeter
dwd: these organizations are quite formal in how they work, especially ISO/IEC -- they're multistakeholder organizations etc.
-
stpeter
dwd: so I don't think we'll steer them anywhere :-)
-
stpeter
dwd: I think we need direction from the Board about our preferred way of working here
-
bear
at a minimum we can make sure XMPP is not dismissed for bad information or FUD
-
dwd
stpeter, Right, but since we have a formal membership, I was wondering if all members could get access to the specs for liason, etc.
-
stpeter
e.g., "at least one Council member"
- SouL has joined
-
Simon
I guess this really depends what they are looking for? Technical help? Design help? Protocol approval?
-
stpeter
dwd: typically these groups seem to want consolidated feedback, so opening up access to all XSF members might be complicated
-
stpeter
dwd: e.g., do we need to take an XSF vote on our review feedback?
-
dwd
stpeter, Yes, we'd want communications to be formalized through a liason.
-
stpeter
Simon: good question
-
bear
this really sounds like something that the Council needs to be a part of - since that is the group the membership bestows formally the task of ensuring technical accuracy
-
Simon
So this could be a working-group scenario (probably staffed by fine council members)
-
dwd
stpeter, As far as choice of actual liason goes, the COuncil ought to be selecting the people.
-
stpeter
Simon: in my experience so far, these groups have independently decided they want to use XMPP, but they're experts in other domains so they want someone who knows about XMPP to give them some design help with the XMPP aspects and review their work so that what they produce is consistent with the Tao of XMPP
-
Kev
dwd: I think that's something Board should give blessing to, if that's what we do.
-
Alex
I also think working group, maybe only with elected members from the council or board
-
stpeter
I note that in the IETF, it's the IAB (not the IESG) that appoints liaisons
-
bear
at first we could consider it a board+council working group and if membership expresses a strong desire we can make it another voted group?
-
Kev
These are people representing the XSF, in private. There's clearly relevance to both parties.
-
dwd
stpeter, Right, but the XSF Board isn't the IAB, the XSF Board is the ISOC Board.
-
stpeter
dwd: no one knows what the IAB really is ;-)
-
stpeter
but anyway, we need to figure this out
-
dwd
stpeter, However grew the biggest beard.
-
dwd
Whoever, even. My typing's gone today.
-
stpeter
my preference is to have only a single liaison or a small number of them
-
stpeter
not the whole Council or the whole membership
-
bear
single liason from a small(ish) pool?
-
dwd
OK, so I'll suggest that the Council provides nominations for liasons to the Board on a per-project basis, and the Board ratifies that.
-
stpeter
I'd be fine with the whole Council, actually, but they have enough to do
-
stpeter
another question is whether liaisons need to be XSF members
-
stpeter
dwd: that approach seems reasonable
-
bear
I want to say yes to that - as liason will represent the XSF
-
dwd
Oh, indeed... Yes, I think we do want liasons to be XSF members typically.
-
stpeter
bear: yes, I think so
-
dwd
It's not clear if we want this to be an unbreakable rule.
-
stpeter
dwd: not clear to me either
-
bear
I don't like unbreakable in general
-
stpeter
:)
-
bear
because a person may be needed due to problem space expertise
-
stpeter
we could consider a liaison team to be a work team per the bylaws
-
stpeter
(btw)
-
bear
in that case we should have both
-
dwd
If we had, say, two people on the liason team, I'd be happy to mandate that one of them must be XSF.
-
bear
yes
-
Simon
So let's do this on a case by case basis until we have a repeatable pattern. I'd be happy for the first liason to be made up of a council working group of ~3 people that feel strongly about the topic and can sign up/and sign an NDA to work on the topic.
-
dwd
stpeter, Yeah, that's XSF members only, right?
-
stpeter
dwd: yes
-
bear
peter - agree that liason should be a work team
-
dwd
bear, That does make it an unbreakable rule that the liasons are XSF members.
-
Kev
Is this a particularly productive discussion about a situation that hasn't come up? :)
-
bear
ok, following simon's lead: we (the board) will ask the Council to nominate 2+ people to form the initial liason team and then iterate on that as needed
-
stpeter
Simon: that's a good question, I don't know if these groups do have formal NDAs but it's something similar (and that's something the XSF is probably committing to by setting up a liaison relationship although right now I don't recall the details for ISO and I haven't heard about them yet for IEC or UPnP)
-
stpeter
Kev: :)
-
dwd
Let's keep XSF members only for now. If something comes up where we can't fulfill that for some reason, we'll tackle it then.
-
stpeter
Kev: I was suggesting that we use the work team model because it's already in the bylaws and we don't need to design new process for it
-
dwd
So, also, yes - use the work team model.
-
bear
+1 to work team model
-
bear
ok, do we have any other colour choices for this bike shed?
-
stpeter
:)
-
dwd
bear, So I'd like to move that for any liasons, the COuncil nominates a small team (1-3 typically) to act as liason work team, which the Board ratifies.
-
stpeter
http://xmpp.org/about-xmpp/xsf/xsf-bylaws/ Article VIII by the way
-
stpeter
dwd: seems reasonable to me
-
bear
I suggest that we take dave's summary as our actionable item for this
-
Simon
+1
-
bear
ralph?
-
bear
(wondering if he is even still here)
-
dwd
Gone I think.
-
dwd
But we're still quorate.
-
bear
k
-
dwd
(just)
-
stpeter
dwd: you love the word 'quorate' don't you?
-
bear
Kev - what is the best place for the board to ask the council for this - on the mailing list?
-
stpeter
members@ list I'd think :-)
-
Kev
Poke me on the Council list to put it on the agenda, I"d have thought.
-
stpeter
other members might have ideas too
-
dwd
stpeter, You're upbraiding me for linguistics? Pot, kettle, black!
-
Simon
What's next on the agenda?
-
Kev
And sure, copy members@.
-
bear
Peter - can we then get you to post that request for the current liason spot on members@ to the council
- bear notes he is moderated for council@
-
stpeter
" - Membership application question from Dave"
-
stpeter
bear: sure
-
dwd
Defer it until a next meeting.
- SouL has left
-
Kev
bear: Poke me via IM to try and fix that, or Peter.
-
bear
kev - will do
-
bear
ok, dave's question is deferred to next
-
bear
that leaves simon's item about planning for security day
-
stpeter
bear: fixed
-
bear
thank you sir
-
Simon
We really need a good set of technical documents on how to pass the security day. And we need to start ramping up publicity for it.
-
dwd
Simon, I'd rather defer your publicity questions until Laura is present.
-
Simon
I've tried to have some of these here. http://wiki.xmpp.org/web/Securing_XMPP
-
Simon
publicity we can do with laura - sure
-
bear
we can raise the issue now to get started, most of this I think should be on members@ list
- SouL has joined
-
Simon
but we should think about nudging the different XMPP server groups to publish the bare minimum to pass the tests.
-
stpeter
Simon: yes
-
Simon
I'll start this with a post to jdev
-
stpeter
Simon: great!
-
Simon
and we should also ack the great work that thaijs has been doing on the xmpp.net project.
-
stpeter
Simon: I'm happy to poke people like Matthias and Artur directly, too
-
Simon
that's the most amazing piece of light shining into the dark corners of insecurity.
-
bear
agreed
-
Simon
Wish we had something like that to test XEPs :)
-
bear
that is something we can discuss with Laura, ways to show focus on members activities
-
stpeter
Simon: actually, the UPnP folks asked me about compliance testing suites but I didn't have much to offer
-
Simon
ok then that's my bit - but everyone please keep tweeting and mentioning the upcoming date.
-
Simon
4th Jan :)
-
stpeter
Simon: will do!
-
bear
if anyone wants to see a blog post happen, please do poke me via IM or email and I'll generate one
-
Simon
the DNSSEC stuff isn't doing any harm with the IAB either :) Dan York loves us.
-
stpeter
yep!
-
dwd
Also pleasing to see Hannes joining in.
-
stpeter
Dan and I plan to write an Internet-Draft about being a "Jabber scribe" (as they call it) during IETF sessions
-
Simon
Hannes?
-
stpeter
another IETF character
-
dwd
Tschoffenig.
-
dwd
Author of the most Internet Drafts, I seem to recall.
-
Simon
right - so that's my security bit for this week.
-
stpeter
Hannes Tschofenig
-
bear
that is the last agenda item, any agenda bashing for this meeting?
-
stpeter
no AOB here
-
dwd
None from me.
-
Kev
I note we need to think about GSoC at some point. Potentially not now.
-
bear
noted
-
Kev
(But agenda for next week would be good, please)
-
stpeter
I have a huge presentation to make internally in 15 minutes so I'll ignore this XMPP stuff for a little while
-
bear
the only board business left to do is to affirm roles
-
bear
secretary, ED and so on, but I don't mind at all deferring that to another meeting
-
bear
so that the new board folks can acclimate
-
dwd
bear, stpeter suggested doing that in January.
-
bear
+1 to that
-
bear
ok, then I am calling this meeting done - any objections?
-
stpeter
no objections here!
-
bear
simon, dave?
-
Simon
done
-
dwd
Close away.
-
bear
any volunteer for meeting minutes - if not, I will do them tonight
-
stpeter
gotta run, bbl
-
bear
and I'll post the meeting announcement with agenda list to members@ tonight also
- stpeter has left
-
bear
ok, meeting is done
-
bear
minutes and agenda will be sent to members@ by me tonight
-
bear
thanks all for a most epic meeting
- dwd looks at the time.
-
dwd
Yup. Epic. :-)
-
bear
yea, seriously not a Kev quality meeting today ;)
-
Kev
Four times as good as a Council meeting? :)
-
bear
:)
-
bear
board meeting notice sent to members@
-
bear
more details to follow, switching of to $dayjob now
-
bear
s/of/over/
- Simon has joined
- Ashley Ward has joined
- Simon has left
-
Kev
My understanding is that all that's going to happen on 4th January is that people will need to have some sort of cert in place, is that right?
-
Kev
(That is - no-one's going to be requiring TAs and valid certs)
-
fippo
kev: that is my understanding as well. require TLS, but don't check certs
-
fippo
reminds me that technically we should have a spec for starttls+dialback by then
- fippo pokes dwd
-
Kev
Good, it'd be a shame to have to replace my five-year-old cert. I've gotten attached to it :D
-
fippo
that's actually one of the questions we need to work out for that
-
Lance
i'll be sad to see fippo have to replace his cert too :p
-
fippo
I'd say that for starttls+dialback only non-trusted or self-signed are egibly
-
fippo
but no certs that have expired or where the hostname doesn't match
-
Kev
Because a self-signed cert that's expired is less trustworthy than a selfsigned that hasn't?
-
fippo
no. because expired certs like mine should break
-
fippo
so i am forced to update it
-
fippo
and more important, so i notice something is wrong
-
Kev
And ADH is better or worse than an expired self-signed cert? :)
-
fippo
i dont think 6120 allows ADH :-p
-
fippo
but yeah, it's not a security question
-
Kev
Oh, does it not?
-
Kev
I can't find anything immediately disallowing anonymous suites.
-
fippo
right
-
fippo
it talks about a certificate in alot of places though.
-
Kev
It's not immediately clear to me that anonymous+dialback is any worse than untrusted+dialback
-
Kev
Is it?
-
fippo
i think they're the same as far as starttls+dialback is concerned
-
fippo
untrusted+dialback has some advantages for d-w-d
- Ashley Ward has left
- Ashley Ward has joined
-
Kev
And pinning.
-
Kev
Interestingly, though, -PLUS+ADH would still be better for clients that any other mech+a trusted cert, I think?
-
Kev
Well, depends what you consider the attack to be, I guess.
-
MattJ
With -PLUS I don't think it matters whether you use ADH or any kind of cert
-
Kev
It does if you think the password might be compromised elsewhere.
- Lloyd has left
-
bear
hey - can I suggest you guys talk about this over in jdev?
-
Kev
The XSF isn't an appropriate venue? :)
-
bear
it is - was just tyring to raise the awareness higher and jdev has more lurkers
- Ashley Ward has left
- Ashley Ward has joined
- SouL has left
- SouL has joined
- Ashley Ward has left
- Ashley Ward has joined
- Jef has joined
- Jef has left
- Ashley Ward has left
- Simon has joined
- Simon has left
- Simon has joined
- SouL has left
- SouL has joined
- stpeter has joined
- Simon has joined
- SouL has left
- Simon has left
- Simon has joined
- SouL has joined
- SouL has left
- SouL has joined
- Jef has joined
-
MattJ
Simon, the "Securing XMPP" is making me uneasy
-
MattJ
^ +page
-
Simon
what's up?
-
MattJ
It's just looking so complex...
-
Simon
I know.
-
MattJ
when the correct answer for Prosody users is really just... make sure you're running the latest versions of everything
-
MattJ
I can't speak for other implementations
-
MattJ
DANE is complicated and would need a whole tutorial by itself, it's not production-ready yet IMHO
-
Simon
Agreed. Let's cut it out.
-
MattJ
We need better docs, but I don't think it belongs in a high-level page such as this
-
MattJ
I need to work with Zash and other folk who have it deployed already to document it
-
Zash
mod_s2s_auth_dnssec_srv isn't DANE
-
MattJ
More testers and we can iron out the implementation and setup procedure
-
Simon
Presumably on 4th Jan ops will need to add c2s_require_encryption = true s2s_require_encryption = true ?
-
MattJ
Zash, there was a mod_dane or something though?
-
Zash
MattJ: No
-
MattJ
Simon, yes, that makes sense - I'm happy with that being on that page
-
MattJ
But cipher strings and such... I'd rather users just leave that stuff to us, unless they really know what they are doing
-
Simon
Also Prosody seems to treat client and s2s connections the same.
-
Simon
So we should just have a general section.
-
Zash
Treat how?
-
Simon
I mean with keys and ciphers.
-
MattJ
Yes, it does (though in trunk you can separate them - most people don't need/want this)
-
Simon
But yeah - it's late now, but I'd like to restructure the page more as a "for things to work on 4th Jan, you need to add the following to different servers" page.
-
Simon
Promise to look at this in the morning.
-
MattJ
I can help with that perhaps, I think most of the information is there now
-
MattJ
It just needs restructuring and simplification
-
MattJ
boiling down to the essentials
-
Simon
I suggest we structure it by Server, not c2s and s2s as teh page is done now.
-
MattJ
Agreed
-
Simon
then we have just the commands for each server.
-
MattJ
I think that will help a lot
-
Simon
yep
-
stpeter
+1
-
stpeter
that all sounds good
-
MattJ
Oh, and that reminds me I have some stats to post to jdev
-
stpeter
stats++
-
Simon
BTW, I ran into a bit of an issue with Prosody. I'd sort of assumed that I didn't need to install an intermediate certificate from my ca. Found out the hard way.
-
stpeter
yeah, intermediate certs are a pain
-
Simon
it might be nice to be more explicit about this in the docs.
-
MattJ
http://prosody.im/doc/certificates#certificate_chains
-
Simon
/might be nice if I read the docs.
-
Simon
you could loose the link to xmpp ica. :)
-
MattJ
A certificate issues by an intermediate CA is rarely usable on a server without the ICA's cert somewhere
-
MattJ
Yes, I'll fix that :)
-
MattJ
*issued by
-
Simon
XMPP.net is great for testing these things though :)
-
stpeter
yeah for sure, Thijs rocks
-
MattJ
+1
-
bear
+1
-
fippo
about 1000 times as much as my 2007 openssl s_client patches ;-)
-
stpeter
we should give Thijs an award of some kind at the next Summit :-)
-
fippo
free spare ribs?
-
stpeter
I still have on my desk the "Jimmie" award I earned in 2000 :-)
- SouL has left
-
bear
:)
-
stpeter
"Best Performance by a Deity" :-)
-
Simon
+1 on awards.
-
stpeter
I need to take a picture of that
- ralphm has joined
- SouL has joined
-
MattJ
Simon, I've updated the docs on ICAs and simplified the wording now
-
Simon
excellent :)
-
Simon
I'm re-layingout the wiki page now.
-
Simon
to the chagrin of "come to bed now Simon"
-
Simon
what is wrong with me.
-
MattJ
:)
-
Simon
ok - slightly better formatted now.
-
Simon
http://wiki.xmpp.org/web/Securing_XMPP
-
Simon
Perhaps we add "optional" to the gmail.com exclusion
-
Zash
And that's also not going to work
-
MattJ
Yeeah, we have a small issue there
-
Zash
s2s_insecure_domains isn't exceptions to the encryption requirement
-
Simon
I'll let you guys look after the prosody config :)
-
MattJ
I can hack this into mod_manifesto though perhaps :)
-
stpeter
can we do even unauthenticated encryption with gmail? even anon-DH would be better than nothing
-
MattJ
stpeter, nope
-
MattJ
They have no TLS whatsoever
-
stpeter
Simon: thanks for the updates, time to go to bed!
-
stpeter
sigh
-
SouL
stpeter: +1
-
SouL
gnight
-
stpeter
they're encrypting stuff between their data centers like made, but don't care about user communications?
-
stpeter
s/made/mad/
-
MattJ
and Prosody's s2s_require_encryption has no exclusion list
-
Simon
That could be a bit killer. Certainly for me I'm not goting to get a bunch of folk off gmail for a while.
- SouL has left
-
stpeter
Simon: yeah I know :(
-
stpeter
Simon: worry about that tomorrow, ok? ;-)
-
Simon
deal
-
Simon
night all
-
stpeter
:)
-
MattJ
'night :)
- SouL has joined
- Zash has left
-
bear
I see gmail folks moving on this only after we can show serious peer pressure that they are the *last* one to be insecure
-
stpeter
yes
-
MattJ
Call me cynical, but I doubt it somehow
-
stpeter
perhaps they'd rather turn off federation entirely
-
bear
yea
-
MattJ
I think federation is hanging by a thread (or maybe a piece of string) - their reaction to the peer pressure could be that someone there realises this is their last insecure service
-
MattJ
and then decides it's best turned off
-
stpeter
right
-
stpeter
everyone move to Hangouts and be done with that pesky interoperability stuff
-
MattJ
:)
-
bear
sit in your silo and be happy already
-
stpeter
heh
-
Simon
Matt - what is happening with your sign-up service?
- Alex has left
-
stpeter
Simon: go to bed already!
-
MattJ
Simon, you were getting some sleep
-
MattJ
and... I'm hoping to get to it at the weekend
-
stpeter
Simon: I'm going to kick you out!
-
Lance
someone just kick him from the room already :p
-
MattJ
It's currently a weekend-only project (I'd like to remove myself as the bottleneck ASAP though... get it up on github or something)
- psa has joined
-
MattJ
psa means business
-
bear
LOL
-
bear
does prosody (or other xmpp servers) allow UDP connections?
-
psa
hmph
-
bear
and ... I see Matt answering
-
psa
hmph, I can't figure out how to kick people in Adium :P
-
MattJ
bear, XMPP over lossy transports will be... unpleasant ;)
-
psa
/help
-
psa
hmph
-
bear
ugh - it won't let a mod kick a mod
-
psa
no, it's a UI or PEBKAC issue
-
bear
I just tried it using swift
-
psa
I can't figure out how to kick anyone
-
bear
Occupant role change failed: Not allowed
-
bear
that's the error I got
-
psa
damn MUC protections!
-
psa
security be damned!
-
MattJ
bear, XEP-0045 says you have to demote first :)
-
psa
stupid specs
-
psa
evil corporations defined this garbage!
-
psa
heh
-
Lance
alright guys, lets make a new room and all move there
-
MattJ
I'm sure half the people on standards@ would agree with you
- psa has left
-
MattJ
and the other half won't
-
stpeter
well, Simon got the message :P
-
bear
:)
-
bear
MattJ - yea,udp seems overkill, maybe they are solving/asking the wrong question
-
MattJ
If they really want presence over UDP... SIP? :)
- Simon has joined
- Edwin Mons has joined
-
ralphm
stpeter: maybe not
-
stpeter
ralphm: we just don't know, do we? if the right people read your + posts, things will all turn out well ;-)
- Simon has left
-
ralphm
stpeter: hmm. I think the technical people mostly did, but have no say
-
stpeter
ralphm: likely
-
bear
which post?
-
stpeter
that's how big companies often work (i.e., evil corporations)
-
ralphm
I like how hangouts recently addes things like moods, in-call and device status. http://m.iclarified.com/entry/index.php?enid=35592
-
ralphm
adds
-
ralphm
bear: the ones rectifying google back in May
-
bear
ah - ok, thought maybe I broke my reading list again
-
ralphm
but eh PEP
- stpeter has left
- dwd has left
- stpeter has left
- tato has left
- Lance has joined
- tato has joined
- Lance has joined
- tato has left
- stpeter has joined
- stpeter has left
- stpeter has joined
- stpeter has left
- SouL has left
- bear has joined
- bear has left
- bear has joined
- SouL has joined
- Ashley Ward has joined
- Ashley Ward has left
- Ashley Ward has joined
- Alex has joined
- Alex has left
- Alex has joined
- Ashley Ward has left
- Ashley Ward has joined
- Ashley Ward has left
- Ashley Ward has joined
- Ashley Ward has left
- Alex has left
- Ashley Ward has joined
- Lance has joined
- Lloyd has joined
- Lance has joined
- bear has left
- Lance has joined
- Lloyd has left
- Ashley Ward has left
- Lloyd has joined
- Ashley Ward has joined
- Lloyd has left
- Ashley Ward has left
- Lloyd has joined
- Ashley Ward has joined
- Edwin Mons has left
- Edwin Mons has joined
- Ashley Ward has left
- Ashley Ward has joined
- SouL has left
- Jef has joined
- Jef has left
- ralphm has left
- stpeter has joined
- stpeter has left
- Ashley Ward has left
- stpeter has joined
- jabberjocke has joined
- jabberjocke has left
- jabberjocke has joined
- Simon has joined
- Simon has left
- Alex has left
- Alex has left
- jabberjocke has left
- Lance has joined
- Zash has joined
- Simon has joined
- bear has joined
- Alex has joined
- Lance has joined
- Alex2 has joined
- Alex has joined
- Alex has left
- Alex2 has left
- Alex has joined
- SouL has joined
- SouL has left
- SouL has joined
- stpeter has left
- Simon has joined
- Ashley Ward has joined
- Simon has left
- Ashley Ward has left
- Ashley Ward has joined
- Lloyd has left
- Ashley Ward has left
- Ashley Ward has joined
- SouL has left
- SouL has joined
- Ashley Ward has left
- Ashley Ward has joined
- Jef has joined
- Jef has left
- Ashley Ward has left
- Simon has joined
- Simon has left
- Simon has joined
- SouL has left
- SouL has joined
- stpeter has joined
- Simon has joined
- SouL has left
- Simon has left
- Simon has joined
- SouL has joined
- SouL has left
- SouL has joined
- Jef has joined
- SouL has left
- ralphm has joined
- SouL has joined
- SouL has left
- SouL has joined
- Zash has left
- Alex has left
- psa has joined
- psa has left
- Simon has joined
- Edwin Mons has joined
- Simon has left
- stpeter has left
- dwd has left