XSF Discussion - 2013-11-20

  1. stpeter has left
  2. tato has left
  3. Lance has joined
  4. tato has joined
  5. Lance has joined
  6. tato has left
  7. stpeter has joined
  8. stpeter has left
  9. stpeter has joined
  10. stpeter has left
  11. SouL has left
  12. bear has joined
  13. bear has left
  14. bear has joined
  15. SouL has joined
  16. Ashley Ward has joined
  17. Ashley Ward has left
  18. Ashley Ward has joined
  19. Alex has joined
  20. Alex has left
  21. Alex has joined
  22. fippo I think that is Jers first post ever on a @xmpp.org list, isn't it?
  23. Alex fippo: which one?
  24. Alex standards list?
  25. fippo http://mail.jabber.org/pipermail/standards/2013-November/028280.html
  26. Ashley Ward has left
  27. Ashley Ward has joined
  28. Ashley Ward has left
  29. Ashley Ward has joined
  30. Ashley Ward has left
  31. dwd Yeah, I think any previous have been before the Great XSF Renaming.
  32. Alex has left
  33. Ashley Ward has joined
  34. Lance has joined
  35. Lloyd has joined
  36. Lance has joined
  37. bear has left
  38. Lance has joined
  39. dwd ralphm, It's the 15th of December we get a go/no-go for the FOSDEM Lounge, right? Do they normally hit that date or is there sometimes some slippage?
  40. ralphm yes
  41. ralphm no
  42. dwd Bedankt.
  43. ralphm :-D
  44. ralphm Maybe I could poke them a bit about it
  45. dwd It'd be useful to know as soon as, since we can begin planning more concretely, but I'd prefer not to annoy them.
  46. Lloyd has left
  47. Ashley Ward has left
  48. Lloyd has joined
  49. Ashley Ward has joined
  50. dwd Lloyd, Ashley Ward - Nice that your server broadcasts how it was shutdown.
  51. Lloyd has left
  52. Ashley Ward has left
  53. Lloyd has joined
  54. Ashley Ward has joined
  55. Ashley Ward If it does then I assume that's what Prosody does by default!
  56. dwd Ashley Ward, Yeah, seems so. Two restarts, eh?
  57. Ashley Ward Yeah. Lloyds been updating the TSL stuff on it in readiness for the 4th Jan
  58. Ashley Ward TSL = TLS
  59. dwd Right, yes. I think mine's about ready now. I've been trying to get otalk.im deployed, but it's not yet working for me.
  60. Ashley Ward Be interested to hear how you get on with that.
  61. dwd SLowly.
  62. dwd I'm really not experienced enough with Node and modern webapp stuff to figure out what's broken about it.
  63. Ashley Ward Hehe. Tell me about it - I've only barely figured out how all this node stuff works. I understand it okay as long as nothing goes too badly wrong!
  64. dwd I spent literally hours downloading extension after extension.
  65. ralphm Edwin Mons did the same for our machine the other day. He experienced issues with both disabling SSL and compression.
  66. Edwin Mons Well, prosody failed to do any TLS if I disabled compression.
  67. ralphm that counts as 'experiencing issues'
  68. ralphm :-D
  69. Edwin Mons It does.
  70. Edwin Mons That might be due to the hackish nature of our setup, though. I had to do a bit of library mapping to get luasec to use the openssl from ports.
  71. Edwin Mons Instead of the system openssl.
  72. Edwin Mons (FreeBSD based)
  73. dwd FreeBSD? But you don't have a beard...
  74. Edwin Mons dwd: in spirit only ;)
  75. Edwin Mons Nor does Kurt, for that matter ;)
  76. ralphm dwd: I have a beard
  77. ralphm and we co-admin
  78. Edwin Mons dwd: although I really do need to shave. It's not a full beard yet.
  79. Alex started memberbot
  80. Edwin Mons has left
  81. dwd Heh. Lisa Dusseault's applicaiton doesn't mention that she was the one who coined the term "stanza".
  82. Edwin Mons has joined
  83. dwd Voted. :-)
  84. Edwin Mons dwd: fix it for her, it's a wiki after all :P
  85. fippo dwd: she also denies coming from IRC ;-)
  86. dwd Nobody admits to any involvement there, though, right?
  87. Edwin Mons Voted as well. A shame dwd beat me to it ;)
  88. Alex isn't there a comment function in the Wiki?
  89. dwd Discussion page, at least - I've added a note there.
  90. Edwin Mons The talk page. But who looks there.
  91. Alex ya
  92. Edwin Mons Discussion, yes.
  93. dwd Both the new applicants look good. I also realise I know nearly every reapplicant personally, too.
  94. Kev OK, "Yes" isn't a valid response to the memberbot.
  95. Kev That seems a little bit overly restrictive.
  96. dwd Gosh. I hadn't actually noticed.
  97. Edwin Mons Just noticed Diana didn't reapply.
  98. Kev I also get the feeling Florian's heart wasn't really in this.
  99. Edwin Mons You'd think with all the time he had to spend on SFO, he'd have had ample time to create a beautiful page there.
  100. dwd That one might be my fault.
  101. dwd [17:26:45] David Cridland: Just put up a blank page, nobody reads them anyway. [17:30:00] Florian Jensen: lol [17:30:02] Florian Jensen: I'll try that
  102. Kev In fact, I'm not convinced that his application is legal.
  103. dwd Oh?
  104. Kev We have to provide affiliation information.
  105. dwd That is actually a good point.
  106. dwd Oh. Actually I can just add it into his application; assuming I'm right in thinking he's now working for Uber?
  107. dwd But no, we should just contact him, actually.
  108. Ashley Ward has left
  109. Ashley Ward has joined
  110. Edwin Mons I think editing someone's application is not really the best of ideas...
  111. Kev I'm opposed to people editing other people's applications.
  112. dwd Edwin Mons, It doesn't seem quite right, does it?
  113. Edwin Mons dwd: that's one way of putting it.
  114. Kev On the other hand, it's too late to edit applications at this point.
  115. Kev Does Florian get disqualified on a technicality? That would be ... amusing?
  116. dwd So the only way he could be disqualified would be to argue that his written application is not in such a form as has been adopted by the Board.
  117. dwd I think, anyway. So we'd need to decide on what form actually has been adopted by the Board.
  118. Kev Which is listed on http://wiki.xmpp.org/web/Membership_Applications_Q3_2013, no?
  119. dwd OK, when was that adopted by the Board?
  120. Edwin Mons The list of required elements is quite clear.
  121. Kev dwd: You tell me, you're on the Board :)
  122. dwd Edwin Mons, As far as I can tell, the Board agreed a few years ago to require a full name, which is *not* listed there. Can't yet find if they require anything else.
  123. dwd I suspect the Board could, and should, issue an edict^W^W^Wadopt a resolution that an application must include full name, email, jid, and employment details. I'm struggling to find if the Board ever has done so in the past, though.
  124. dwd Also, reading the bylaws, I'm surprised to note that companies can be members too.
  125. SouL has left
  126. Alex for reapplliers we never were that strict about this information. I guess because we assume that the info did not change and we got it with the 1st application
  127. dwd Right, something else for the Board to deal with, then.
  128. Alex yes
  129. dwd Alex, You were Chair when that Solarius guy stood without a real name - do you know if the Board "adopted such a form" about member applications then? I thought it did, but I can't find anything.
  130. Edwin Mons I think it did, but the members didn't accept it and voted him down.
  131. dwd Oh, so maybe we just didn't vote him in and left it.
  132. Alex it was a long discussion at that time, but I can't remember exactly what the conclusion was. But we accepted his application and at Fosdem verified his idendity when he showed up. That was a strange guy
  133. Edwin Mons I remember Christ had to share a room with him.
  134. dwd I've read through the members@ thread, and also the next Board minutes, and can't find any conclusion. Certainly no Board resolution.
  135. Jef has joined
  136. Jef has left
  137. ralphm has left
  138. Edwin Mons Good thing we have voting-by-proxy, because the meeting is at Sinterklaasavond.
  139. dwd Mmmmmm... mini-cookies....
  140. Alex wow 6 voters in the first 60 minutes, looks like we can achieve a good turnout this quarter ;-)
  141. dwd If we can keep up the momentum...
  142. stpeter has joined
  143. stpeter has left
  144. Ashley Ward has left
  145. Kev http://wiki.xmpp.org/web/Membership_Applications_Q3_2013 might need an update.
  146. dwd For the meeting dates, you mean?
  147. Kev r
  148. Alex updated
  149. Kev Murky buckets.
  150. Lloyd Has memberbot dropped offline for anyone else?
  151. dwd Lloyd, Online for me.
  152. Edwin Mons Online here.
  153. Kev Lloyd: Check no-one's been fiddling with your server ;)
  154. dwd And responding.
  155. dwd Lloyd, Right, could be some dodgy sysadmin breaking things.
  156. Lloyd :P Changes were made last night, gave it a kick earlier for another reason
  157. dwd I quite like Brian Carpenter's note to ietf-disgust saying that the main advantage of all these multistakeholder meeting groups has been to mire all attempts by governments to put international treaties over the internet.
  158. fippo ietf-disgust... ;-)
  159. dwd Not, sadly, my gag. I forget who uses that; one of the ADs I think.
  160. dwd *possibly* Adrian Farrell.
  161. Lloyd update: think it was adium being a pita, using xmpp-ftw to vote intead :)
  162. MattJ Heh
  163. stpeter has joined
  164. jabberjocke has joined
  165. jabberjocke has left
  166. jabberjocke has joined
  167. Simon has joined
  168. Simon has left
  169. Alex has left
  170. Alex has left
  171. jabberjocke has left
  172. Kev /Now/ memberbot isn't responding for me.
  173. Kev I've already voted, but it should still talk to me shouldn't it?
  174. Kev Ah, there it is. Just lagging a few minutes.
  175. Edwin Mons Same over here.
  176. MattJ It's simulating a real human
  177. MattJ or it's actually Alex simulating a bot
  178. Edwin Mons So you're saying there is no memberbot, just Alex?
  179. dwd Or that Alex is a bot faking being a human faking a bot?
  180. Kev Or there's no Alex, only the bot.
  181. Edwin Mons Hmm. I'm pretty sure I met someone who claimed to be Alex a few times.
  182. dwd Edwin Mons, Just shows how good that bot is.
  183. Edwin Mons Fair point. He/it sure passed the Turing test when I talked to him/it.
  184. Edwin Mons (Alex, not the memberbot)
  185. Lance has joined
  186. Lloyd kev: it was quite slow earlier
  187. dwd Lloyd, ALex, or the memberbot?
  188. Lloyd :) memberbot
  189. dwd Kev, You're Councilling today, aren't you?
  190. MattJ and since membership voting and meetings actually *happen*, it must be stpeter simulating them both
  191. Kev dwd: Yes, 16:10Z
  192. Lloyd MattJ :D
  193. Kev dwd: Pam?
  194. dwd Kev, Just so I could wander into the room and nod politely.
  195. ralphm dwd: like Kev does for Board?
  196. Kev I was very good!
  197. Zash has joined
  198. ralphm Kev: one occasion is not a pattern, but can be a good start :-P
  199. Kev You might be overly optimistic if you want a pattern :p
  200. Simon has joined
  201. bear has joined
  202. bear 5 minutes (or so) to the board meeting
  203. bear current agenda: - Board Chair election - FOSDEM preparation update - IoT Liason update from Peter - Membership application question from Dave - Next meeting time
  204. Simon I sent through a couple of things regarding security
  205. dwd Simon had some stuff, didn't he? Or am I confused?
  206. dwd Right. Not too confused.
  207. Alex has joined
  208. ralphm waves
  209. stpeter howdy
  210. bear oh poo
  211. Alex good
  212. Edwin Mons nods
  213. Alex I missed the last meeting, I huess treasurer and secretary is not yet elected?
  214. Alex huess==guess
  215. dwd No, we haven't yet reelected you.
  216. bear had that in my notes and forgot to add that line
  217. bear how are we on attendence today - me, dave, ralph, simon
  218. dwd waves
  219. bear has someone poked Laura
  220. dwd Laura sent apologies to the list.
  221. bear realizes he does not have her in his contacts
  222. dwd Lloyd, I assume she's still caught in whatever she was called into?
  223. dwd bear, She's not online anyway.
  224. Kev By 'the list' is this members@ or board@?
  225. ralphm yes
  226. stpeter in the past I've encouraged the Board to consider the various "positions" (secretary, treasurer-always-unfilled, and executive director) in January after they've interacted a bit with those currently serving in those roles
  227. Edwin Mons Glad that's cleared….
  228. stpeter perhaps it makes sense to formalize that
  229. dwd Kev, I can't remember where she sent her "I might not make it".
  230. ralphm stpeter: I can see the logic in that, yeah
  231. ralphm dwd: on the board list
  232. stpeter (because sometimes we have new Board members and they don't know who all the people are)
  233. dwd stpeter, But not Chair?
  234. bear her missing the meeting note went to the board list
  235. stpeter dwd: the Board selects its own chair and needs to do that straightaway, methinks
  236. bear ok, we have quorom, shall we start?
  237. ralphm bear: please
  238. Simon +1
  239. dwd stpeter, Yes, I'm inclined to agree, but it's technically a position just like secretary etc.
  240. stpeter the Secretary, Treasurer, and Executive Director are appointed or serve at the pleasure of the Board
  241. bear bangs the gavel
  242. stpeter IMHO
  243. stpeter anyway
  244. stpeter off you go :-)
  245. bear adds the current discussion to the agenda so we can get back to it
  246. bear any items that anyone want to add to the agenda?
  247. bear (I know about the item that I missed from Simon)
  248. bear ok, none given
  249. Alex ya, the current discussion about election schedules
  250. bear Alex - noted
  251. bear adjusts his pause-o-timer
  252. bear any others?
  253. ralphm nope
  254. bear first item: nominations for Board Chair so we can vote on them
  255. Kev I think you were going to discuss github for submissions, at some point.
  256. bear yes, but I need to get the git mirror in place before letting the membership know it's a change (well, that's what I was thinking)
  257. bear Nominations for Chair - do we have anyone who wants to nominate someone?
  258. Lloyd dwd: yeah sorry just caught up, she hasn't arrived back yet so I assume so.
  259. bear notes that he does not mind continuing in the role
  260. dwd I'm happy to do it, but happy to let you continue if you want.
  261. bear ok, Dave has offered what can only be described as a passive aggressive nomination ;)
  262. dwd :-)
  263. ralphm I nominate bear
  264. bear ok
  265. bear simon?
  266. dwd I read bear as nominating himself anyway. :-)
  267. ralphm nods
  268. bear I was leading the charge for passive aggressive nominations
  269. Alex so either fight now, or vote ;-)
  270. bear :)
  271. Simon What's Kev's role these days? Would he be eligible for nomination?
  272. Edwin Mons He's not on the board...
  273. bear kev is a member of the council, not the board
  274. dwd Edwin Mons, The chair need not be on the Board.
  275. Edwin Mons dwd: ah :)
  276. dwd At least, I see nothing at all in the bylaws that would indicate that.
  277. Alex and voted by board members
  278. Alex or elected
  279. ralphm Simon: did you want to nominate Kev?
  280. dwd The Board selects its chair, but the chair needn't be a Board member themselves. It's on a par with the other positions the XSF has, like Secretary, Treasurer, etc.
  281. Simon It would help if we outlined the responsibilites of the chair. What's their role?
  282. bear running the meetings
  283. Simon /duties?
  284. Simon k
  285. ralphm Simon: this is outlined in the by laws
  286. dwd That and, interesting, the Chair has the casting vote in the case of a tie.
  287. bear it's purely administrative - there are some bylaw specific duties that being charted as a org requires
  288. bear in all the time i've been aware of the board, I don't think we've ever had a tie
  289. Kev That's because we try to pick odd numbers for both Board and Council, I think.
  290. Kev (Less important for Council)
  291. bear nods
  292. Lance has joined
  293. stpeter dwd: the Board has traditionally selected a Chair from among the Board members, but you're right that it's not required by the bylaws
  294. dwd Oh, I lie - it's the Executive Director that has the casting vote.
  295. Kev That sounds more familiar.
  296. bear ok, the point still remains, does simon wish to nominate someone (or do ralph and dave wish to nominate anyone else)
  297. Simon I nominate Kev.
  298. bear k
  299. bear any others?
  300. ralphm nope
  301. bear dave?
  302. dwd No - without anyone else willing to nominate me, I'll withdraw, as well.
  303. bear you don't have to withdraw IMO
  304. dwd No, I don't I don't have to. :-)
  305. dwd I know I don't have to, I mean.
  306. ralphm ok, so we have two candidates: bear and kev
  307. bear ok, so we now have two people, Kev and Bear
  308. bear shall we vote?
  309. ralphm yep
  310. dwd Erm, wait.
  311. bear waits
  312. dwd It'd be handy to know if Kev accepts the nomination, first.
  313. Kev Sure, what's the worst that can happen? :)
  314. dwd You get twice as many minutes to write up?
  315. Kev (I don't like people being on both Board and Council, but I don't think this counts as Chair gets no power)
  316. ralphm Kev: that we vote for you and for all the other roles, too?
  317. bear ok, Kev has accepted - ready to vote now?
  318. dwd Yup.
  319. bear simon, ralph - ready?
  320. Simon yep
  321. ralphm yeah
  322. bear sound off then please
  323. ralphm +1 for bear
  324. Simon +1 for Kev
  325. bear is going to laugh if this ties
  326. bear +1 for bear
  327. dwd I was wondering about the wisdom of tying it, and therefore letting either Peter pick, or else making Laura do it instead.
  328. bear i would say that we send it to laura if it tied
  329. bear but I would also just remove myself and let kev do it - he has a very capable meeting running style
  330. ralphm dwd: about the minutes, technically it is the Secretary's duty
  331. stpeter I don't think it's appropriate for me to express a preference, given that the Board is the one determining whether I continue to serve as Executive Director with all its many perquisites of power
  332. ralphm stpeter: tough luck, should have written the by laws better :-D
  333. bear any opinion is always appreciated
  334. dwd I'll vote for bear. On balance, I think having Kev as Chair of both Board and Council would probably not be ideal.
  335. bear the current board "season" has already proved to be very divergent from past ones
  336. ralphm I want to note that I have to leave in a few minutes
  337. Kev Safe :)
  338. ralphm dwd: agreed
  339. bear ok, I see 1 for Kev and 3 for bear - that is done, i'll continue as Board Chair
  340. ralphm woot
  341. bear next agenda item: meeting time - shall we continue with bi weekly for next week and i'll post to the list for anyone to object?
  342. ralphm +1
  343. bear s/next week/next meeting/
  344. bear simon, dave?
  345. dwd I think we agreed on a meeting this time next week anyway.
  346. ralphm indeed
  347. Simon +1 for next week
  348. bear k
  349. dwd But as for ongoing, I'd like to hear from Laura on whether there's likely to be too many clashes for her at this time.
  350. bear meeting nextg week at the same time slot
  351. bear agreed - we need to put this to the list so she has ample time respond yea/nea
  352. stpeter why not weekly? fortnightly can get confusing ("do we have a meeting this week?") -- the meeting can always be short if there's not much to cover, as Council meetings are
  353. ralphm stpeter: I suggested this before, and still agree
  354. Alex +1
  355. bear looks and wonders why he typed bi above
  356. dwd Yes, I agree, weekly is better.
  357. Kev I find it works well for Council, even if half the meetings end up being "1. Roll call 2. Date of next"
  358. bear noted, i'll reinforce that in the email
  359. stpeter nods to Kev
  360. bear next agenda item i'm making FOSDEM report since ralph is time constrained
  361. ralphm dwd had a short chat on this earlier this week
  362. bear is there anything that is board actionable for FOSDEM yet?
  363. ralphm no
  364. dwd Not yet. We're somewhat constrined because we can't really commit until we've heard whether we get the Lounge again.
  365. ralphm we were talking about doing some kind of t-shirts/hoodies/whatever again
  366. bear has the wiki page for the next summit been created so we can start to note details and pending decision items?
  367. ralphm yeah, we formally won't know until half december
  368. bear ah - ok
  369. ralphm bear: I will do this tomorrow
  370. ralphm eh
  371. bear thanks ralph
  372. stpeter updates his .plan to find out about travel approvals and reserving space at the Cisco office again
  373. dwd Oh, we have quite a large page on SUmmit_15.
  374. ralphm there is a summit page already, though
  375. ralphm dwd: that's mostly a copy of previous editions
  376. bear yea, it seemed overly detailed
  377. bear ok, anything else needed for ralph and FOSDEM?
  378. ralphm but I think a separate planning page for us would be good
  379. ralphm with things like the gear we need and stuff
  380. bear +1
  381. bear shall we move on to the next item - IoT Liason report?
  382. ralphm I was happy for the IoT mentioning some stuff for the XMPP UK meetup, and I'd love to have some stuff from them at FOSDEM
  383. stpeter FOSDEM is even earlier than usual this year, so preparation in December will be important
  384. stpeter ralphm: yes
  385. ralphm the location is an ideal venue for things like this
  386. ralphm FOSDEM is hardly earlier
  387. ralphm one day or so
  388. stpeter sure
  389. Simon FWIW, I'll be offline most of December and the start of Jan.
  390. stpeter Simon: good for you :-)
  391. Simon :)
  392. ralphm Simon: booh
  393. stpeter ok, about liaison relationships...
  394. bear peter - can you give your IoT liason update?
  395. stpeter as you know, we've received a liaison request from ISO TC 122 (logistics stuff)
  396. stpeter we need to finalize that
  397. Alex2 has joined
  398. stpeter I did send an inquiry to them and they replied, so I will send information about that to the membership
  399. stpeter it was a small issue
  400. Alex has joined
  401. stpeter but we need to finalize it
  402. stpeter I'll have time to do that now
  403. stpeter I have also had some preliminary discussions with two other groups
  404. dwd We were finding out whether the specifications were under NDA or similar, weren't we?
  405. Alex has left
  406. Alex2 has left
  407. Alex has joined
  408. stpeter not quite NDA
  409. stpeter but they keep their specs under wraps until finished
  410. dwd Right.
  411. stpeter so if we assign two people (or whatever) to be liaisons, those people couldn't share the documents with, say, any XSF member or even the Council
  412. stpeter workaround: we could appoint the entire Council to be liaisons, but they might not care about the topics under consideration
  413. bear but they would not be barred from discussion specific items with council?
  414. ralphm I think at least one should be on the Council
  415. stpeter ralphm: good idea
  416. Simon What is ISO TC 122? The best I coluld find was the ISO packaging committee
  417. stpeter Simon: logistics
  418. stpeter lorries and such
  419. stpeter "this vehicle did not arrive at its scheduled location on time, has it been hijacked?" that kind of thing
  420. bear fleet monitoring?
  421. stpeter bear: as best I can determine, yes
  422. dwd We use TLS; we're immune to hijacking, right?
  423. Simon Right. What's the aim of liason - tech help or?
  424. stpeter so let me describe the two other liaison relationships and then I think we can talk in general about our approach
  425. Simon I didn't even need to read the sender of that to know it was a DWD post.
  426. bear :)
  427. stpeter Simon: review their technical specs so that they don't use XMPP in silly ways
  428. bear dave - can i watch you try to MiTM a lorrie session?
  429. ralphm this
  430. Simon Sounds very useful and a good way to generate an XEP down the road.
  431. stpeter the other two are IEC TC 57 (electrical grid stuff) and UPnP Forum
  432. Kev bear: Sorry, with that comment I'm forced to post http://b.oooom.net/1r8t
  433. stpeter IEC TC 57 seems to be interested in using XMPP in ways similar to the OpenADR folks did in the USA, but globally
  434. stpeter I reviewed the OpenADR work informally (no liaison relationship needed) last year
  435. stpeter IEC is more formal
  436. bear kev - that is an epic video IMO (and i'll stop derailing the thread now)
  437. dwd If they're extending, rather than using existing stuff, do we want them to do so within the XSF and the XEP framework, or don't we care?
  438. stpeter so they'd want something similar to what we do with ISO TC 122
  439. stpeter so far, these have not been extensions but "profiles" that re-use their existing XML payload formats
  440. stpeter they're just using XMPP as a transport
  441. stpeter at least during the initial phases
  442. Simon While on the subject of liason, it would be great to help out the mozilla folk more in their wg-presence list.
  443. stpeter Simon: yes
  444. bear signed up for wg-presence mailing list last night
  445. stpeter the other liaison relationship people have been exploring with me is UPnP Forum, which is basing its "UPnP Cloud" technology on XMPP
  446. Simon https://mail.mozilla.org/pipermail/wg-presence/2013-November/000143.html
  447. Simon and there is a call tomorrow 10AM PST
  448. dwd stpeter, So how does the UPnP stuff work in terms of specification access?
  449. stpeter (BTW, the last two have come about through people within Cisco poking me to help out since I'm the "XMPP Guy")
  450. stpeter dwd: I am not sure yet about that -- the discussions have been quite preliminary and I don't know the details, although I was on a call with some of the UPnP folks recently and they asked me some technical questions about XMPP
  451. stpeter since I work at Cisco and Cisco is a corporate member of these organizations, I haven't needed to sign an NDA or become a formal liaison or anything like that
  452. stpeter but both IEC and UPnP Forum seemingly would like to also establish a more formal relationship
  453. Simon I'm happy to add my name to a list to help out with liason (inside or outside of any official role). Can sign any NDAs privately too.
  454. dwd That seems like really good news.
  455. stpeter XMPP is now an old technology and these more formal SDOs are getting interested in using it :-)
  456. stpeter so the question for the Board is, do we want to set some guidelines for establishing liaison relationships with other SDOs?
  457. Simon That's it I'm leaving - you make me feel old.
  458. dwd stpeter, It'd be useful to steer these guys into working "our" way as much as we can, but it's good that they're inetersted at al.
  459. stpeter we have 3 in the pipeline now, and might have more in the future
  460. bear I think we need to have a wiki page (or something) that outlines how a group can make contact with us for that
  461. dwd stpeter, Is there anything you need form us at this stage?
  462. stpeter dwd: these organizations are quite formal in how they work, especially ISO/IEC -- they're multistakeholder organizations etc.
  463. stpeter dwd: so I don't think we'll steer them anywhere :-)
  464. stpeter dwd: I think we need direction from the Board about our preferred way of working here
  465. bear at a minimum we can make sure XMPP is not dismissed for bad information or FUD
  466. dwd stpeter, Right, but since we have a formal membership, I was wondering if all members could get access to the specs for liason, etc.
  467. stpeter e.g., "at least one Council member"
  468. SouL has joined
  469. Simon I guess this really depends what they are looking for? Technical help? Design help? Protocol approval?
  470. stpeter dwd: typically these groups seem to want consolidated feedback, so opening up access to all XSF members might be complicated
  471. stpeter dwd: e.g., do we need to take an XSF vote on our review feedback?
  472. dwd stpeter, Yes, we'd want communications to be formalized through a liason.
  473. stpeter Simon: good question
  474. bear this really sounds like something that the Council needs to be a part of - since that is the group the membership bestows formally the task of ensuring technical accuracy
  475. Simon So this could be a working-group scenario (probably staffed by fine council members)
  476. dwd stpeter, As far as choice of actual liason goes, the COuncil ought to be selecting the people.
  477. stpeter Simon: in my experience so far, these groups have independently decided they want to use XMPP, but they're experts in other domains so they want someone who knows about XMPP to give them some design help with the XMPP aspects and review their work so that what they produce is consistent with the Tao of XMPP
  478. Kev dwd: I think that's something Board should give blessing to, if that's what we do.
  479. Alex I also think working group, maybe only with elected members from the council or board
  480. stpeter I note that in the IETF, it's the IAB (not the IESG) that appoints liaisons
  481. bear at first we could consider it a board+council working group and if membership expresses a strong desire we can make it another voted group?
  482. Kev These are people representing the XSF, in private. There's clearly relevance to both parties.
  483. dwd stpeter, Right, but the XSF Board isn't the IAB, the XSF Board is the ISOC Board.
  484. stpeter dwd: no one knows what the IAB really is ;-)
  485. stpeter but anyway, we need to figure this out
  486. dwd stpeter, However grew the biggest beard.
  487. dwd Whoever, even. My typing's gone today.
  488. stpeter my preference is to have only a single liaison or a small number of them
  489. stpeter not the whole Council or the whole membership
  490. bear single liason from a small(ish) pool?
  491. dwd OK, so I'll suggest that the Council provides nominations for liasons to the Board on a per-project basis, and the Board ratifies that.
  492. stpeter I'd be fine with the whole Council, actually, but they have enough to do
  493. stpeter another question is whether liaisons need to be XSF members
  494. stpeter dwd: that approach seems reasonable
  495. bear I want to say yes to that - as liason will represent the XSF
  496. dwd Oh, indeed... Yes, I think we do want liasons to be XSF members typically.
  497. stpeter bear: yes, I think so
  498. dwd It's not clear if we want this to be an unbreakable rule.
  499. stpeter dwd: not clear to me either
  500. bear I don't like unbreakable in general
  501. stpeter :)
  502. bear because a person may be needed due to problem space expertise
  503. stpeter we could consider a liaison team to be a work team per the bylaws
  504. stpeter (btw)
  505. bear in that case we should have both
  506. dwd If we had, say, two people on the liason team, I'd be happy to mandate that one of them must be XSF.
  507. bear yes
  508. Simon So let's do this on a case by case basis until we have a repeatable pattern. I'd be happy for the first liason to be made up of a council working group of ~3 people that feel strongly about the topic and can sign up/and sign an NDA to work on the topic.
  509. dwd stpeter, Yeah, that's XSF members only, right?
  510. stpeter dwd: yes
  511. bear peter - agree that liason should be a work team
  512. dwd bear, That does make it an unbreakable rule that the liasons are XSF members.
  513. Kev Is this a particularly productive discussion about a situation that hasn't come up? :)
  514. bear ok, following simon's lead: we (the board) will ask the Council to nominate 2+ people to form the initial liason team and then iterate on that as needed
  515. stpeter Simon: that's a good question, I don't know if these groups do have formal NDAs but it's something similar (and that's something the XSF is probably committing to by setting up a liaison relationship although right now I don't recall the details for ISO and I haven't heard about them yet for IEC or UPnP)
  516. stpeter Kev: :)
  517. dwd Let's keep XSF members only for now. If something comes up where we can't fulfill that for some reason, we'll tackle it then.
  518. stpeter Kev: I was suggesting that we use the work team model because it's already in the bylaws and we don't need to design new process for it
  519. dwd So, also, yes - use the work team model.
  520. bear +1 to work team model
  521. bear ok, do we have any other colour choices for this bike shed?
  522. stpeter :)
  523. dwd bear, So I'd like to move that for any liasons, the COuncil nominates a small team (1-3 typically) to act as liason work team, which the Board ratifies.
  524. stpeter http://xmpp.org/about-xmpp/xsf/xsf-bylaws/ Article VIII by the way
  525. stpeter dwd: seems reasonable to me
  526. bear I suggest that we take dave's summary as our actionable item for this
  527. Simon +1
  528. bear ralph?
  529. bear (wondering if he is even still here)
  530. dwd Gone I think.
  531. dwd But we're still quorate.
  532. bear k
  533. dwd (just)
  534. stpeter dwd: you love the word 'quorate' don't you?
  535. bear Kev - what is the best place for the board to ask the council for this - on the mailing list?
  536. stpeter members@ list I'd think :-)
  537. Kev Poke me on the Council list to put it on the agenda, I"d have thought.
  538. stpeter other members might have ideas too
  539. dwd stpeter, You're upbraiding me for linguistics? Pot, kettle, black!
  540. Simon What's next on the agenda?
  541. Kev And sure, copy members@.
  542. bear Peter - can we then get you to post that request for the current liason spot on members@ to the council
  543. bear notes he is moderated for council@
  544. stpeter " - Membership application question from Dave"
  545. stpeter bear: sure
  546. dwd Defer it until a next meeting.
  547. SouL has left
  548. Kev bear: Poke me via IM to try and fix that, or Peter.
  549. bear kev - will do
  550. bear ok, dave's question is deferred to next
  551. bear that leaves simon's item about planning for security day
  552. stpeter bear: fixed
  553. bear thank you sir
  554. Simon We really need a good set of technical documents on how to pass the security day. And we need to start ramping up publicity for it.
  555. dwd Simon, I'd rather defer your publicity questions until Laura is present.
  556. Simon I've tried to have some of these here. http://wiki.xmpp.org/web/Securing_XMPP
  557. Simon publicity we can do with laura - sure
  558. bear we can raise the issue now to get started, most of this I think should be on members@ list
  559. SouL has joined
  560. Simon but we should think about nudging the different XMPP server groups to publish the bare minimum to pass the tests.
  561. stpeter Simon: yes
  562. Simon I'll start this with a post to jdev
  563. stpeter Simon: great!
  564. Simon and we should also ack the great work that thaijs has been doing on the xmpp.net project.
  565. stpeter Simon: I'm happy to poke people like Matthias and Artur directly, too
  566. Simon that's the most amazing piece of light shining into the dark corners of insecurity.
  567. bear agreed
  568. Simon Wish we had something like that to test XEPs :)
  569. bear that is something we can discuss with Laura, ways to show focus on members activities
  570. stpeter Simon: actually, the UPnP folks asked me about compliance testing suites but I didn't have much to offer
  571. Simon ok then that's my bit - but everyone please keep tweeting and mentioning the upcoming date.
  572. Simon 4th Jan :)
  573. stpeter Simon: will do!
  574. bear if anyone wants to see a blog post happen, please do poke me via IM or email and I'll generate one
  575. Simon the DNSSEC stuff isn't doing any harm with the IAB either :) Dan York loves us.
  576. stpeter yep!
  577. dwd Also pleasing to see Hannes joining in.
  578. stpeter Dan and I plan to write an Internet-Draft about being a "Jabber scribe" (as they call it) during IETF sessions
  579. Simon Hannes?
  580. stpeter another IETF character
  581. dwd Tschoffenig.
  582. dwd Author of the most Internet Drafts, I seem to recall.
  583. Simon right - so that's my security bit for this week.
  584. stpeter Hannes Tschofenig
  585. bear that is the last agenda item, any agenda bashing for this meeting?
  586. stpeter no AOB here
  587. dwd None from me.
  588. Kev I note we need to think about GSoC at some point. Potentially not now.
  589. bear noted
  590. Kev (But agenda for next week would be good, please)
  591. stpeter I have a huge presentation to make internally in 15 minutes so I'll ignore this XMPP stuff for a little while
  592. bear the only board business left to do is to affirm roles
  593. bear secretary, ED and so on, but I don't mind at all deferring that to another meeting
  594. bear so that the new board folks can acclimate
  595. dwd bear, stpeter suggested doing that in January.
  596. bear +1 to that
  597. bear ok, then I am calling this meeting done - any objections?
  598. stpeter no objections here!
  599. bear simon, dave?
  600. Simon done
  601. dwd Close away.
  602. bear any volunteer for meeting minutes - if not, I will do them tonight
  603. stpeter gotta run, bbl
  604. bear and I'll post the meeting announcement with agenda list to members@ tonight also
  605. stpeter has left
  606. bear ok, meeting is done
  607. bear minutes and agenda will be sent to members@ by me tonight
  608. bear thanks all for a most epic meeting
  609. dwd looks at the time.
  610. dwd Yup. Epic. :-)
  611. bear yea, seriously not a Kev quality meeting today ;)
  612. Kev Four times as good as a Council meeting? :)
  613. bear :)
  614. bear board meeting notice sent to members@
  615. bear more details to follow, switching of to $dayjob now
  616. bear s/of/over/
  617. Simon has joined
  618. Ashley Ward has joined
  619. Simon has left
  620. Kev My understanding is that all that's going to happen on 4th January is that people will need to have some sort of cert in place, is that right?
  621. Kev (That is - no-one's going to be requiring TAs and valid certs)
  622. fippo kev: that is my understanding as well. require TLS, but don't check certs
  623. fippo reminds me that technically we should have a spec for starttls+dialback by then
  624. fippo pokes dwd
  625. Kev Good, it'd be a shame to have to replace my five-year-old cert. I've gotten attached to it :D
  626. fippo that's actually one of the questions we need to work out for that
  627. Lance i'll be sad to see fippo have to replace his cert too :p
  628. fippo I'd say that for starttls+dialback only non-trusted or self-signed are egibly
  629. fippo but no certs that have expired or where the hostname doesn't match
  630. Kev Because a self-signed cert that's expired is less trustworthy than a selfsigned that hasn't?
  631. fippo no. because expired certs like mine should break
  632. fippo so i am forced to update it
  633. fippo and more important, so i notice something is wrong
  634. Kev And ADH is better or worse than an expired self-signed cert? :)
  635. fippo i dont think 6120 allows ADH :-p
  636. fippo but yeah, it's not a security question
  637. Kev Oh, does it not?
  638. Kev I can't find anything immediately disallowing anonymous suites.
  639. fippo right
  640. fippo it talks about a certificate in alot of places though.
  641. Kev It's not immediately clear to me that anonymous+dialback is any worse than untrusted+dialback
  642. Kev Is it?
  643. fippo i think they're the same as far as starttls+dialback is concerned
  644. fippo untrusted+dialback has some advantages for d-w-d
  645. Ashley Ward has left
  646. Ashley Ward has joined
  647. Kev And pinning.
  648. Kev Interestingly, though, -PLUS+ADH would still be better for clients that any other mech+a trusted cert, I think?
  649. Kev Well, depends what you consider the attack to be, I guess.
  650. MattJ With -PLUS I don't think it matters whether you use ADH or any kind of cert
  651. Kev It does if you think the password might be compromised elsewhere.
  652. Lloyd has left
  653. bear hey - can I suggest you guys talk about this over in jdev?
  654. Kev The XSF isn't an appropriate venue? :)
  655. bear it is - was just tyring to raise the awareness higher and jdev has more lurkers
  656. Ashley Ward has left
  657. Ashley Ward has joined
  658. SouL has left
  659. SouL has joined
  660. Ashley Ward has left
  661. Ashley Ward has joined
  662. Jef has joined
  663. Jef has left
  664. Ashley Ward has left
  665. Simon has joined
  666. Simon has left
  667. Simon has joined
  668. SouL has left
  669. SouL has joined
  670. stpeter has joined
  671. Simon has joined
  672. SouL has left
  673. Simon has left
  674. Simon has joined
  675. SouL has joined
  676. SouL has left
  677. SouL has joined
  678. Jef has joined
  679. MattJ Simon, the "Securing XMPP" is making me uneasy
  680. MattJ ^ +page
  681. Simon what's up?
  682. MattJ It's just looking so complex...
  683. Simon I know.
  684. MattJ when the correct answer for Prosody users is really just... make sure you're running the latest versions of everything
  685. MattJ I can't speak for other implementations
  686. MattJ DANE is complicated and would need a whole tutorial by itself, it's not production-ready yet IMHO
  687. Simon Agreed. Let's cut it out.
  688. MattJ We need better docs, but I don't think it belongs in a high-level page such as this
  689. MattJ I need to work with Zash and other folk who have it deployed already to document it
  690. Zash mod_s2s_auth_dnssec_srv isn't DANE
  691. MattJ More testers and we can iron out the implementation and setup procedure
  692. Simon Presumably on 4th Jan ops will need to add c2s_require_encryption = true s2s_require_encryption = true ?
  693. MattJ Zash, there was a mod_dane or something though?
  694. Zash MattJ: No
  695. MattJ Simon, yes, that makes sense - I'm happy with that being on that page
  696. MattJ But cipher strings and such... I'd rather users just leave that stuff to us, unless they really know what they are doing
  697. Simon Also Prosody seems to treat client and s2s connections the same.
  698. Simon So we should just have a general section.
  699. Zash Treat how?
  700. Simon I mean with keys and ciphers.
  701. MattJ Yes, it does (though in trunk you can separate them - most people don't need/want this)
  702. Simon But yeah - it's late now, but I'd like to restructure the page more as a "for things to work on 4th Jan, you need to add the following to different servers" page.
  703. Simon Promise to look at this in the morning.
  704. MattJ I can help with that perhaps, I think most of the information is there now
  705. MattJ It just needs restructuring and simplification
  706. MattJ boiling down to the essentials
  707. Simon I suggest we structure it by Server, not c2s and s2s as teh page is done now.
  708. MattJ Agreed
  709. Simon then we have just the commands for each server.
  710. MattJ I think that will help a lot
  711. Simon yep
  712. stpeter +1
  713. stpeter that all sounds good
  714. MattJ Oh, and that reminds me I have some stats to post to jdev
  715. stpeter stats++
  716. Simon BTW, I ran into a bit of an issue with Prosody. I'd sort of assumed that I didn't need to install an intermediate certificate from my ca. Found out the hard way.
  717. stpeter yeah, intermediate certs are a pain
  718. Simon it might be nice to be more explicit about this in the docs.
  719. MattJ http://prosody.im/doc/certificates#certificate_chains
  720. Simon /might be nice if I read the docs.
  721. Simon you could loose the link to xmpp ica. :)
  722. MattJ A certificate issues by an intermediate CA is rarely usable on a server without the ICA's cert somewhere
  723. MattJ Yes, I'll fix that :)
  724. MattJ *issued by
  725. Simon XMPP.net is great for testing these things though :)
  726. stpeter yeah for sure, Thijs rocks
  727. MattJ +1
  728. bear +1
  729. fippo about 1000 times as much as my 2007 openssl s_client patches ;-)
  730. stpeter we should give Thijs an award of some kind at the next Summit :-)
  731. fippo free spare ribs?
  732. stpeter I still have on my desk the "Jimmie" award I earned in 2000 :-)
  733. SouL has left
  734. bear :)
  735. stpeter "Best Performance by a Deity" :-)
  736. Simon +1 on awards.
  737. stpeter I need to take a picture of that
  738. ralphm has joined
  739. SouL has joined
  740. MattJ Simon, I've updated the docs on ICAs and simplified the wording now
  741. Simon excellent :)
  742. Simon I'm re-layingout the wiki page now.
  743. Simon to the chagrin of "come to bed now Simon"
  744. Simon what is wrong with me.
  745. MattJ :)
  746. Simon ok - slightly better formatted now.
  747. Simon http://wiki.xmpp.org/web/Securing_XMPP
  748. Simon Perhaps we add "optional" to the gmail.com exclusion
  749. Zash And that's also not going to work
  750. MattJ Yeeah, we have a small issue there
  751. Zash s2s_insecure_domains isn't exceptions to the encryption requirement
  752. Simon I'll let you guys look after the prosody config :)
  753. MattJ I can hack this into mod_manifesto though perhaps :)
  754. stpeter can we do even unauthenticated encryption with gmail? even anon-DH would be better than nothing
  755. MattJ stpeter, nope
  756. MattJ They have no TLS whatsoever
  757. stpeter Simon: thanks for the updates, time to go to bed!
  758. stpeter sigh
  759. SouL stpeter: +1
  760. SouL gnight
  761. stpeter they're encrypting stuff between their data centers like made, but don't care about user communications?
  762. stpeter s/made/mad/
  763. MattJ and Prosody's s2s_require_encryption has no exclusion list
  764. Simon That could be a bit killer. Certainly for me I'm not goting to get a bunch of folk off gmail for a while.
  765. SouL has left
  766. stpeter Simon: yeah I know :(
  767. stpeter Simon: worry about that tomorrow, ok? ;-)
  768. Simon deal
  769. Simon night all
  770. stpeter :)
  771. MattJ 'night :)
  772. SouL has joined
  773. Zash has left
  774. bear I see gmail folks moving on this only after we can show serious peer pressure that they are the *last* one to be insecure
  775. stpeter yes
  776. MattJ Call me cynical, but I doubt it somehow
  777. stpeter perhaps they'd rather turn off federation entirely
  778. bear yea
  779. MattJ I think federation is hanging by a thread (or maybe a piece of string) - their reaction to the peer pressure could be that someone there realises this is their last insecure service
  780. MattJ and then decides it's best turned off
  781. stpeter right
  782. stpeter everyone move to Hangouts and be done with that pesky interoperability stuff
  783. MattJ :)
  784. bear sit in your silo and be happy already
  785. stpeter heh
  786. Simon Matt - what is happening with your sign-up service?
  787. Alex has left
  788. stpeter Simon: go to bed already!
  789. MattJ Simon, you were getting some sleep
  790. MattJ and... I'm hoping to get to it at the weekend
  791. stpeter Simon: I'm going to kick you out!
  792. Lance someone just kick him from the room already :p
  793. MattJ It's currently a weekend-only project (I'd like to remove myself as the bottleneck ASAP though... get it up on github or something)
  794. psa has joined
  795. MattJ psa means business
  796. bear LOL
  797. bear does prosody (or other xmpp servers) allow UDP connections?
  798. psa hmph
  799. bear and ... I see Matt answering
  800. psa hmph, I can't figure out how to kick people in Adium :P
  801. MattJ bear, XMPP over lossy transports will be... unpleasant ;)
  802. psa /help
  803. psa hmph
  804. bear ugh - it won't let a mod kick a mod
  805. psa no, it's a UI or PEBKAC issue
  806. bear I just tried it using swift
  807. psa I can't figure out how to kick anyone
  808. bear Occupant role change failed: Not allowed
  809. bear that's the error I got
  810. psa damn MUC protections!
  811. psa security be damned!
  812. MattJ bear, XEP-0045 says you have to demote first :)
  813. psa stupid specs
  814. psa evil corporations defined this garbage!
  815. psa heh
  816. Lance alright guys, lets make a new room and all move there
  817. MattJ I'm sure half the people on standards@ would agree with you
  818. psa has left
  819. MattJ and the other half won't
  820. stpeter well, Simon got the message :P
  821. bear :)
  822. bear MattJ - yea,udp seems overkill, maybe they are solving/asking the wrong question
  823. MattJ If they really want presence over UDP... SIP? :)
  824. Simon has joined
  825. Edwin Mons has joined
  826. ralphm stpeter: maybe not
  827. stpeter ralphm: we just don't know, do we? if the right people read your + posts, things will all turn out well ;-)
  828. Simon has left
  829. ralphm stpeter: hmm. I think the technical people mostly did, but have no say
  830. stpeter ralphm: likely
  831. bear which post?
  832. stpeter that's how big companies often work (i.e., evil corporations)
  833. ralphm I like how hangouts recently addes things like moods, in-call and device status. http://m.iclarified.com/entry/index.php?enid=35592
  834. ralphm adds
  835. ralphm bear: the ones rectifying google back in May
  836. bear ah - ok, thought maybe I broke my reading list again
  837. ralphm but eh PEP
  838. stpeter has left
  839. dwd has left