XSF Discussion - 2013-11-20

  1. stpeter has left

  2. tato has left

  3. Lance has joined

  4. tato has joined

  5. Lance has joined

  6. tato has left

  7. stpeter has joined

  8. stpeter has left

  9. stpeter has joined

  10. stpeter has left

  11. SouL has left

  12. bear has joined

  13. bear has left

  14. bear has joined

  15. SouL has joined

  16. Ashley Ward has joined

  17. Ashley Ward has left

  18. Ashley Ward has joined

  19. Alex has joined

  20. Alex has left

  21. Alex has joined

  22. fippo

    I think that is Jers first post ever on a @xmpp.org list, isn't it?

  23. Alex

    fippo: which one?

  24. Alex

    standards list?

  25. fippo


  26. Ashley Ward has left

  27. Ashley Ward has joined

  28. Ashley Ward has left

  29. Ashley Ward has joined

  30. Ashley Ward has left

  31. dwd

    Yeah, I think any previous have been before the Great XSF Renaming.

  32. Alex has left

  33. Ashley Ward has joined

  34. Lance has joined

  35. Lloyd has joined

  36. Lance has joined

  37. bear has left

  38. Lance has joined

  39. dwd

    ralphm, It's the 15th of December we get a go/no-go for the FOSDEM Lounge, right? Do they normally hit that date or is there sometimes some slippage?

  40. ralphm


  41. ralphm


  42. dwd


  43. ralphm


  44. ralphm

    Maybe I could poke them a bit about it

  45. dwd

    It'd be useful to know as soon as, since we can begin planning more concretely, but I'd prefer not to annoy them.

  46. Lloyd has left

  47. Ashley Ward has left

  48. Lloyd has joined

  49. Ashley Ward has joined

  50. dwd

    Lloyd, Ashley Ward - Nice that your server broadcasts how it was shutdown.

  51. Lloyd has left

  52. Ashley Ward has left

  53. Lloyd has joined

  54. Ashley Ward has joined

  55. Ashley Ward

    If it does then I assume that's what Prosody does by default!

  56. dwd

    Ashley Ward, Yeah, seems so. Two restarts, eh?

  57. Ashley Ward

    Yeah. Lloyds been updating the TSL stuff on it in readiness for the 4th Jan

  58. Ashley Ward

    TSL = TLS

  59. dwd

    Right, yes. I think mine's about ready now. I've been trying to get otalk.im deployed, but it's not yet working for me.

  60. Ashley Ward

    Be interested to hear how you get on with that.

  61. dwd


  62. dwd

    I'm really not experienced enough with Node and modern webapp stuff to figure out what's broken about it.

  63. Ashley Ward

    Hehe. Tell me about it - I've only barely figured out how all this node stuff works. I understand it okay as long as nothing goes too badly wrong!

  64. dwd

    I spent literally hours downloading extension after extension.

  65. ralphm

    Edwin Mons did the same for our machine the other day. He experienced issues with both disabling SSL and compression.

  66. Edwin Mons

    Well, prosody failed to do any TLS if I disabled compression.

  67. ralphm

    that counts as 'experiencing issues'

  68. ralphm


  69. Edwin Mons

    It does.

  70. Edwin Mons

    That might be due to the hackish nature of our setup, though. I had to do a bit of library mapping to get luasec to use the openssl from ports.

  71. Edwin Mons

    Instead of the system openssl.

  72. Edwin Mons

    (FreeBSD based)

  73. dwd

    FreeBSD? But you don't have a beard...

  74. Edwin Mons

    dwd: in spirit only ;)

  75. Edwin Mons

    Nor does Kurt, for that matter ;)

  76. ralphm

    dwd: I have a beard

  77. ralphm

    and we co-admin

  78. Edwin Mons

    dwd: although I really do need to shave. It's not a full beard yet.

  79. Alex started memberbot

  80. Edwin Mons has left

  81. dwd

    Heh. Lisa Dusseault's applicaiton doesn't mention that she was the one who coined the term "stanza".

  82. Edwin Mons has joined

  83. dwd

    Voted. :-)

  84. Edwin Mons

    dwd: fix it for her, it's a wiki after all :P

  85. fippo

    dwd: she also denies coming from IRC ;-)

  86. dwd

    Nobody admits to any involvement there, though, right?

  87. Edwin Mons

    Voted as well. A shame dwd beat me to it ;)

  88. Alex

    isn't there a comment function in the Wiki?

  89. dwd

    Discussion page, at least - I've added a note there.

  90. Edwin Mons

    The talk page. But who looks there.

  91. Alex


  92. Edwin Mons

    Discussion, yes.

  93. dwd

    Both the new applicants look good. I also realise I know nearly every reapplicant personally, too.

  94. Kev

    OK, "Yes" isn't a valid response to the memberbot.

  95. Kev

    That seems a little bit overly restrictive.

  96. dwd

    Gosh. I hadn't actually noticed.

  97. Edwin Mons

    Just noticed Diana didn't reapply.

  98. Kev

    I also get the feeling Florian's heart wasn't really in this.

  99. Edwin Mons

    You'd think with all the time he had to spend on SFO, he'd have had ample time to create a beautiful page there.

  100. dwd

    That one might be my fault.

  101. dwd

    [17:26:45] David Cridland: Just put up a blank page, nobody reads them anyway. [17:30:00] Florian Jensen: lol [17:30:02] Florian Jensen: I'll try that

  102. Kev

    In fact, I'm not convinced that his application is legal.

  103. dwd


  104. Kev

    We have to provide affiliation information.

  105. dwd

    That is actually a good point.

  106. dwd

    Oh. Actually I can just add it into his application; assuming I'm right in thinking he's now working for Uber?

  107. dwd

    But no, we should just contact him, actually.

  108. Ashley Ward has left

  109. Ashley Ward has joined

  110. Edwin Mons

    I think editing someone's application is not really the best of ideas...

  111. Kev

    I'm opposed to people editing other people's applications.

  112. dwd

    Edwin Mons, It doesn't seem quite right, does it?

  113. Edwin Mons

    dwd: that's one way of putting it.

  114. Kev

    On the other hand, it's too late to edit applications at this point.

  115. Kev

    Does Florian get disqualified on a technicality? That would be ... amusing?

  116. dwd

    So the only way he could be disqualified would be to argue that his written application is not in such a form as has been adopted by the Board.

  117. dwd

    I think, anyway. So we'd need to decide on what form actually has been adopted by the Board.

  118. Kev

    Which is listed on http://wiki.xmpp.org/web/Membership_Applications_Q3_2013, no?

  119. dwd

    OK, when was that adopted by the Board?

  120. Edwin Mons

    The list of required elements is quite clear.

  121. Kev

    dwd: You tell me, you're on the Board :)

  122. dwd

    Edwin Mons, As far as I can tell, the Board agreed a few years ago to require a full name, which is *not* listed there. Can't yet find if they require anything else.

  123. dwd

    I suspect the Board could, and should, issue an edict^W^W^Wadopt a resolution that an application must include full name, email, jid, and employment details. I'm struggling to find if the Board ever has done so in the past, though.

  124. dwd

    Also, reading the bylaws, I'm surprised to note that companies can be members too.

  125. SouL has left

  126. Alex

    for reapplliers we never were that strict about this information. I guess because we assume that the info did not change and we got it with the 1st application

  127. dwd

    Right, something else for the Board to deal with, then.

  128. Alex


  129. dwd

    Alex, You were Chair when that Solarius guy stood without a real name - do you know if the Board "adopted such a form" about member applications then? I thought it did, but I can't find anything.

  130. Edwin Mons

    I think it did, but the members didn't accept it and voted him down.

  131. dwd

    Oh, so maybe we just didn't vote him in and left it.

  132. Alex

    it was a long discussion at that time, but I can't remember exactly what the conclusion was. But we accepted his application and at Fosdem verified his idendity when he showed up. That was a strange guy

  133. Edwin Mons

    I remember Christ had to share a room with him.

  134. dwd

    I've read through the members@ thread, and also the next Board minutes, and can't find any conclusion. Certainly no Board resolution.

  135. Jef has joined

  136. Jef has left

  137. ralphm has left

  138. Edwin Mons

    Good thing we have voting-by-proxy, because the meeting is at Sinterklaasavond.

  139. dwd

    Mmmmmm... mini-cookies....

  140. Alex

    wow 6 voters in the first 60 minutes, looks like we can achieve a good turnout this quarter ;-)

  141. dwd

    If we can keep up the momentum...

  142. stpeter has joined

  143. stpeter has left

  144. Ashley Ward has left

  145. Kev

    http://wiki.xmpp.org/web/Membership_Applications_Q3_2013 might need an update.

  146. dwd

    For the meeting dates, you mean?

  147. Kev


  148. Alex


  149. Kev

    Murky buckets.

  150. Lloyd

    Has memberbot dropped offline for anyone else?

  151. dwd

    Lloyd, Online for me.

  152. Edwin Mons

    Online here.

  153. Kev

    Lloyd: Check no-one's been fiddling with your server ;)

  154. dwd

    And responding.

  155. dwd

    Lloyd, Right, could be some dodgy sysadmin breaking things.

  156. Lloyd

    :P Changes were made last night, gave it a kick earlier for another reason

  157. dwd

    I quite like Brian Carpenter's note to ietf-disgust saying that the main advantage of all these multistakeholder meeting groups has been to mire all attempts by governments to put international treaties over the internet.

  158. fippo

    ietf-disgust... ;-)

  159. dwd

    Not, sadly, my gag. I forget who uses that; one of the ADs I think.

  160. dwd

    *possibly* Adrian Farrell.

  161. Lloyd

    update: think it was adium being a pita, using xmpp-ftw to vote intead :)

  162. MattJ


  163. stpeter has joined

  164. jabberjocke has joined

  165. jabberjocke has left

  166. jabberjocke has joined

  167. Simon has joined

  168. Simon has left

  169. Alex has left

  170. Alex has left

  171. jabberjocke has left

  172. Kev

    /Now/ memberbot isn't responding for me.

  173. Kev

    I've already voted, but it should still talk to me shouldn't it?

  174. Kev

    Ah, there it is. Just lagging a few minutes.

  175. Edwin Mons

    Same over here.

  176. MattJ

    It's simulating a real human

  177. MattJ

    or it's actually Alex simulating a bot

  178. Edwin Mons

    So you're saying there is no memberbot, just Alex?

  179. dwd

    Or that Alex is a bot faking being a human faking a bot?

  180. Kev

    Or there's no Alex, only the bot.

  181. Edwin Mons

    Hmm. I'm pretty sure I met someone who claimed to be Alex a few times.

  182. dwd

    Edwin Mons, Just shows how good that bot is.

  183. Edwin Mons

    Fair point. He/it sure passed the Turing test when I talked to him/it.

  184. Edwin Mons

    (Alex, not the memberbot)

  185. Lance has joined

  186. Lloyd

    kev: it was quite slow earlier

  187. dwd

    Lloyd, ALex, or the memberbot?

  188. Lloyd

    :) memberbot

  189. dwd

    Kev, You're Councilling today, aren't you?

  190. MattJ

    and since membership voting and meetings actually *happen*, it must be stpeter simulating them both

  191. Kev

    dwd: Yes, 16:10Z

  192. Lloyd

    MattJ :D

  193. Kev

    dwd: Pam?

  194. dwd

    Kev, Just so I could wander into the room and nod politely.

  195. ralphm

    dwd: like Kev does for Board?

  196. Kev

    I was very good!

  197. Zash has joined

  198. ralphm

    Kev: one occasion is not a pattern, but can be a good start :-P

  199. Kev

    You might be overly optimistic if you want a pattern :p

  200. Simon has joined

  201. bear has joined

  202. bear

    5 minutes (or so) to the board meeting

  203. bear

    current agenda: - Board Chair election - FOSDEM preparation update - IoT Liason update from Peter - Membership application question from Dave - Next meeting time

  204. Simon

    I sent through a couple of things regarding security

  205. dwd

    Simon had some stuff, didn't he? Or am I confused?

  206. dwd

    Right. Not too confused.

  207. Alex has joined

  208. ralphm waves

  209. stpeter


  210. bear

    oh poo

  211. Alex


  212. Edwin Mons nods

  213. Alex

    I missed the last meeting, I huess treasurer and secretary is not yet elected?

  214. Alex


  215. dwd

    No, we haven't yet reelected you.

  216. bear

    had that in my notes and forgot to add that line

  217. bear

    how are we on attendence today - me, dave, ralph, simon

  218. dwd waves

  219. bear

    has someone poked Laura

  220. dwd

    Laura sent apologies to the list.

  221. bear realizes he does not have her in his contacts

  222. dwd

    Lloyd, I assume she's still caught in whatever she was called into?

  223. dwd

    bear, She's not online anyway.

  224. Kev

    By 'the list' is this members@ or board@?

  225. ralphm


  226. stpeter

    in the past I've encouraged the Board to consider the various "positions" (secretary, treasurer-always-unfilled, and executive director) in January after they've interacted a bit with those currently serving in those roles

  227. Edwin Mons

    Glad that's cleared….

  228. stpeter

    perhaps it makes sense to formalize that

  229. dwd

    Kev, I can't remember where she sent her "I might not make it".

  230. ralphm

    stpeter: I can see the logic in that, yeah

  231. ralphm

    dwd: on the board list

  232. stpeter

    (because sometimes we have new Board members and they don't know who all the people are)

  233. dwd

    stpeter, But not Chair?

  234. bear

    her missing the meeting note went to the board list

  235. stpeter

    dwd: the Board selects its own chair and needs to do that straightaway, methinks

  236. bear

    ok, we have quorom, shall we start?

  237. ralphm

    bear: please

  238. Simon


  239. dwd

    stpeter, Yes, I'm inclined to agree, but it's technically a position just like secretary etc.

  240. stpeter

    the Secretary, Treasurer, and Executive Director are appointed or serve at the pleasure of the Board

  241. bear bangs the gavel

  242. stpeter


  243. stpeter


  244. stpeter

    off you go :-)

  245. bear adds the current discussion to the agenda so we can get back to it

  246. bear

    any items that anyone want to add to the agenda?

  247. bear

    (I know about the item that I missed from Simon)

  248. bear

    ok, none given

  249. Alex

    ya, the current discussion about election schedules

  250. bear

    Alex - noted

  251. bear adjusts his pause-o-timer

  252. bear

    any others?

  253. ralphm


  254. bear

    first item: nominations for Board Chair so we can vote on them

  255. Kev

    I think you were going to discuss github for submissions, at some point.

  256. bear

    yes, but I need to get the git mirror in place before letting the membership know it's a change (well, that's what I was thinking)

  257. bear

    Nominations for Chair - do we have anyone who wants to nominate someone?

  258. Lloyd

    dwd: yeah sorry just caught up, she hasn't arrived back yet so I assume so.

  259. bear notes that he does not mind continuing in the role

  260. dwd

    I'm happy to do it, but happy to let you continue if you want.

  261. bear

    ok, Dave has offered what can only be described as a passive aggressive nomination ;)

  262. dwd


  263. ralphm

    I nominate bear

  264. bear


  265. bear


  266. dwd

    I read bear as nominating himself anyway. :-)

  267. ralphm nods

  268. bear

    I was leading the charge for passive aggressive nominations

  269. Alex

    so either fight now, or vote ;-)

  270. bear


  271. Simon

    What's Kev's role these days? Would he be eligible for nomination?

  272. Edwin Mons

    He's not on the board...

  273. bear

    kev is a member of the council, not the board

  274. dwd

    Edwin Mons, The chair need not be on the Board.

  275. Edwin Mons

    dwd: ah :)

  276. dwd

    At least, I see nothing at all in the bylaws that would indicate that.

  277. Alex

    and voted by board members

  278. Alex

    or elected

  279. ralphm

    Simon: did you want to nominate Kev?

  280. dwd

    The Board selects its chair, but the chair needn't be a Board member themselves. It's on a par with the other positions the XSF has, like Secretary, Treasurer, etc.

  281. Simon

    It would help if we outlined the responsibilites of the chair. What's their role?

  282. bear

    running the meetings

  283. Simon


  284. Simon


  285. ralphm

    Simon: this is outlined in the by laws

  286. dwd

    That and, interesting, the Chair has the casting vote in the case of a tie.

  287. bear

    it's purely administrative - there are some bylaw specific duties that being charted as a org requires

  288. bear

    in all the time i've been aware of the board, I don't think we've ever had a tie

  289. Kev

    That's because we try to pick odd numbers for both Board and Council, I think.

  290. Kev

    (Less important for Council)

  291. bear nods

  292. Lance has joined

  293. stpeter

    dwd: the Board has traditionally selected a Chair from among the Board members, but you're right that it's not required by the bylaws

  294. dwd

    Oh, I lie - it's the Executive Director that has the casting vote.

  295. Kev

    That sounds more familiar.

  296. bear

    ok, the point still remains, does simon wish to nominate someone (or do ralph and dave wish to nominate anyone else)

  297. Simon

    I nominate Kev.

  298. bear


  299. bear

    any others?

  300. ralphm


  301. bear


  302. dwd

    No - without anyone else willing to nominate me, I'll withdraw, as well.

  303. bear

    you don't have to withdraw IMO

  304. dwd

    No, I don't I don't have to. :-)

  305. dwd

    I know I don't have to, I mean.

  306. ralphm

    ok, so we have two candidates: bear and kev

  307. bear

    ok, so we now have two people, Kev and Bear

  308. bear

    shall we vote?

  309. ralphm


  310. dwd

    Erm, wait.

  311. bear waits

  312. dwd

    It'd be handy to know if Kev accepts the nomination, first.

  313. Kev

    Sure, what's the worst that can happen? :)

  314. dwd

    You get twice as many minutes to write up?

  315. Kev

    (I don't like people being on both Board and Council, but I don't think this counts as Chair gets no power)

  316. ralphm

    Kev: that we vote for you and for all the other roles, too?

  317. bear

    ok, Kev has accepted - ready to vote now?

  318. dwd


  319. bear

    simon, ralph - ready?

  320. Simon


  321. ralphm


  322. bear

    sound off then please

  323. ralphm

    +1 for bear

  324. Simon

    +1 for Kev

  325. bear is going to laugh if this ties

  326. bear

    +1 for bear

  327. dwd

    I was wondering about the wisdom of tying it, and therefore letting either Peter pick, or else making Laura do it instead.

  328. bear

    i would say that we send it to laura if it tied

  329. bear

    but I would also just remove myself and let kev do it - he has a very capable meeting running style

  330. ralphm

    dwd: about the minutes, technically it is the Secretary's duty

  331. stpeter

    I don't think it's appropriate for me to express a preference, given that the Board is the one determining whether I continue to serve as Executive Director with all its many perquisites of power

  332. ralphm

    stpeter: tough luck, should have written the by laws better :-D

  333. bear

    any opinion is always appreciated

  334. dwd

    I'll vote for bear. On balance, I think having Kev as Chair of both Board and Council would probably not be ideal.

  335. bear

    the current board "season" has already proved to be very divergent from past ones

  336. ralphm

    I want to note that I have to leave in a few minutes

  337. Kev

    Safe :)

  338. ralphm

    dwd: agreed

  339. bear

    ok, I see 1 for Kev and 3 for bear - that is done, i'll continue as Board Chair

  340. ralphm


  341. bear

    next agenda item: meeting time - shall we continue with bi weekly for next week and i'll post to the list for anyone to object?

  342. ralphm


  343. bear

    s/next week/next meeting/

  344. bear

    simon, dave?

  345. dwd

    I think we agreed on a meeting this time next week anyway.

  346. ralphm


  347. Simon

    +1 for next week

  348. bear


  349. dwd

    But as for ongoing, I'd like to hear from Laura on whether there's likely to be too many clashes for her at this time.

  350. bear

    meeting nextg week at the same time slot

  351. bear

    agreed - we need to put this to the list so she has ample time respond yea/nea

  352. stpeter

    why not weekly? fortnightly can get confusing ("do we have a meeting this week?") -- the meeting can always be short if there's not much to cover, as Council meetings are

  353. ralphm

    stpeter: I suggested this before, and still agree

  354. Alex


  355. bear looks and wonders why he typed bi above

  356. dwd

    Yes, I agree, weekly is better.

  357. Kev

    I find it works well for Council, even if half the meetings end up being "1. Roll call 2. Date of next"

  358. bear

    noted, i'll reinforce that in the email

  359. stpeter nods to Kev

  360. bear

    next agenda item i'm making FOSDEM report since ralph is time constrained

  361. ralphm

    dwd had a short chat on this earlier this week

  362. bear

    is there anything that is board actionable for FOSDEM yet?

  363. ralphm


  364. dwd

    Not yet. We're somewhat constrined because we can't really commit until we've heard whether we get the Lounge again.

  365. ralphm

    we were talking about doing some kind of t-shirts/hoodies/whatever again

  366. bear

    has the wiki page for the next summit been created so we can start to note details and pending decision items?

  367. ralphm

    yeah, we formally won't know until half december

  368. bear

    ah - ok

  369. ralphm

    bear: I will do this tomorrow

  370. ralphm


  371. bear

    thanks ralph

  372. stpeter updates his .plan to find out about travel approvals and reserving space at the Cisco office again

  373. dwd

    Oh, we have quite a large page on SUmmit_15.

  374. ralphm

    there is a summit page already, though

  375. ralphm

    dwd: that's mostly a copy of previous editions

  376. bear

    yea, it seemed overly detailed

  377. bear

    ok, anything else needed for ralph and FOSDEM?

  378. ralphm

    but I think a separate planning page for us would be good

  379. ralphm

    with things like the gear we need and stuff

  380. bear


  381. bear

    shall we move on to the next item - IoT Liason report?

  382. ralphm

    I was happy for the IoT mentioning some stuff for the XMPP UK meetup, and I'd love to have some stuff from them at FOSDEM

  383. stpeter

    FOSDEM is even earlier than usual this year, so preparation in December will be important

  384. stpeter

    ralphm: yes

  385. ralphm

    the location is an ideal venue for things like this

  386. ralphm

    FOSDEM is hardly earlier

  387. ralphm

    one day or so

  388. stpeter


  389. Simon

    FWIW, I'll be offline most of December and the start of Jan.

  390. stpeter

    Simon: good for you :-)

  391. Simon


  392. ralphm

    Simon: booh

  393. stpeter

    ok, about liaison relationships...

  394. bear

    peter - can you give your IoT liason update?

  395. stpeter

    as you know, we've received a liaison request from ISO TC 122 (logistics stuff)

  396. stpeter

    we need to finalize that

  397. Alex2 has joined

  398. stpeter

    I did send an inquiry to them and they replied, so I will send information about that to the membership

  399. stpeter

    it was a small issue

  400. Alex has joined

  401. stpeter

    but we need to finalize it

  402. stpeter

    I'll have time to do that now

  403. stpeter

    I have also had some preliminary discussions with two other groups

  404. dwd

    We were finding out whether the specifications were under NDA or similar, weren't we?

  405. Alex has left

  406. Alex2 has left

  407. Alex has joined

  408. stpeter

    not quite NDA

  409. stpeter

    but they keep their specs under wraps until finished

  410. dwd


  411. stpeter

    so if we assign two people (or whatever) to be liaisons, those people couldn't share the documents with, say, any XSF member or even the Council

  412. stpeter

    workaround: we could appoint the entire Council to be liaisons, but they might not care about the topics under consideration

  413. bear

    but they would not be barred from discussion specific items with council?

  414. ralphm

    I think at least one should be on the Council

  415. stpeter

    ralphm: good idea

  416. Simon

    What is ISO TC 122? The best I coluld find was the ISO packaging committee

  417. stpeter

    Simon: logistics

  418. stpeter

    lorries and such

  419. stpeter

    "this vehicle did not arrive at its scheduled location on time, has it been hijacked?" that kind of thing

  420. bear

    fleet monitoring?

  421. stpeter

    bear: as best I can determine, yes

  422. dwd

    We use TLS; we're immune to hijacking, right?

  423. Simon

    Right. What's the aim of liason - tech help or?

  424. stpeter

    so let me describe the two other liaison relationships and then I think we can talk in general about our approach

  425. Simon

    I didn't even need to read the sender of that to know it was a DWD post.

  426. bear


  427. stpeter

    Simon: review their technical specs so that they don't use XMPP in silly ways

  428. bear

    dave - can i watch you try to MiTM a lorrie session?

  429. ralphm


  430. Simon

    Sounds very useful and a good way to generate an XEP down the road.

  431. stpeter

    the other two are IEC TC 57 (electrical grid stuff) and UPnP Forum

  432. Kev

    bear: Sorry, with that comment I'm forced to post http://b.oooom.net/1r8t

  433. stpeter

    IEC TC 57 seems to be interested in using XMPP in ways similar to the OpenADR folks did in the USA, but globally

  434. stpeter

    I reviewed the OpenADR work informally (no liaison relationship needed) last year

  435. stpeter

    IEC is more formal

  436. bear

    kev - that is an epic video IMO (and i'll stop derailing the thread now)

  437. dwd

    If they're extending, rather than using existing stuff, do we want them to do so within the XSF and the XEP framework, or don't we care?

  438. stpeter

    so they'd want something similar to what we do with ISO TC 122

  439. stpeter

    so far, these have not been extensions but "profiles" that re-use their existing XML payload formats

  440. stpeter

    they're just using XMPP as a transport

  441. stpeter

    at least during the initial phases

  442. Simon

    While on the subject of liason, it would be great to help out the mozilla folk more in their wg-presence list.

  443. stpeter

    Simon: yes

  444. bear signed up for wg-presence mailing list last night

  445. stpeter

    the other liaison relationship people have been exploring with me is UPnP Forum, which is basing its "UPnP Cloud" technology on XMPP

  446. Simon


  447. Simon

    and there is a call tomorrow 10AM PST

  448. dwd

    stpeter, So how does the UPnP stuff work in terms of specification access?

  449. stpeter

    (BTW, the last two have come about through people within Cisco poking me to help out since I'm the "XMPP Guy")

  450. stpeter

    dwd: I am not sure yet about that -- the discussions have been quite preliminary and I don't know the details, although I was on a call with some of the UPnP folks recently and they asked me some technical questions about XMPP

  451. stpeter

    since I work at Cisco and Cisco is a corporate member of these organizations, I haven't needed to sign an NDA or become a formal liaison or anything like that

  452. stpeter

    but both IEC and UPnP Forum seemingly would like to also establish a more formal relationship

  453. Simon

    I'm happy to add my name to a list to help out with liason (inside or outside of any official role). Can sign any NDAs privately too.

  454. dwd

    That seems like really good news.

  455. stpeter

    XMPP is now an old technology and these more formal SDOs are getting interested in using it :-)

  456. stpeter

    so the question for the Board is, do we want to set some guidelines for establishing liaison relationships with other SDOs?

  457. Simon

    That's it I'm leaving - you make me feel old.

  458. dwd

    stpeter, It'd be useful to steer these guys into working "our" way as much as we can, but it's good that they're inetersted at al.

  459. stpeter

    we have 3 in the pipeline now, and might have more in the future

  460. bear

    I think we need to have a wiki page (or something) that outlines how a group can make contact with us for that

  461. dwd

    stpeter, Is there anything you need form us at this stage?

  462. stpeter

    dwd: these organizations are quite formal in how they work, especially ISO/IEC -- they're multistakeholder organizations etc.

  463. stpeter

    dwd: so I don't think we'll steer them anywhere :-)

  464. stpeter

    dwd: I think we need direction from the Board about our preferred way of working here

  465. bear

    at a minimum we can make sure XMPP is not dismissed for bad information or FUD

  466. dwd

    stpeter, Right, but since we have a formal membership, I was wondering if all members could get access to the specs for liason, etc.

  467. stpeter

    e.g., "at least one Council member"

  468. SouL has joined

  469. Simon

    I guess this really depends what they are looking for? Technical help? Design help? Protocol approval?

  470. stpeter

    dwd: typically these groups seem to want consolidated feedback, so opening up access to all XSF members might be complicated

  471. stpeter

    dwd: e.g., do we need to take an XSF vote on our review feedback?

  472. dwd

    stpeter, Yes, we'd want communications to be formalized through a liason.

  473. stpeter

    Simon: good question

  474. bear

    this really sounds like something that the Council needs to be a part of - since that is the group the membership bestows formally the task of ensuring technical accuracy

  475. Simon

    So this could be a working-group scenario (probably staffed by fine council members)

  476. dwd

    stpeter, As far as choice of actual liason goes, the COuncil ought to be selecting the people.

  477. stpeter

    Simon: in my experience so far, these groups have independently decided they want to use XMPP, but they're experts in other domains so they want someone who knows about XMPP to give them some design help with the XMPP aspects and review their work so that what they produce is consistent with the Tao of XMPP

  478. Kev

    dwd: I think that's something Board should give blessing to, if that's what we do.

  479. Alex

    I also think working group, maybe only with elected members from the council or board

  480. stpeter

    I note that in the IETF, it's the IAB (not the IESG) that appoints liaisons

  481. bear

    at first we could consider it a board+council working group and if membership expresses a strong desire we can make it another voted group?

  482. Kev

    These are people representing the XSF, in private. There's clearly relevance to both parties.

  483. dwd

    stpeter, Right, but the XSF Board isn't the IAB, the XSF Board is the ISOC Board.

  484. stpeter

    dwd: no one knows what the IAB really is ;-)

  485. stpeter

    but anyway, we need to figure this out

  486. dwd

    stpeter, However grew the biggest beard.

  487. dwd

    Whoever, even. My typing's gone today.

  488. stpeter

    my preference is to have only a single liaison or a small number of them

  489. stpeter

    not the whole Council or the whole membership

  490. bear

    single liason from a small(ish) pool?

  491. dwd

    OK, so I'll suggest that the Council provides nominations for liasons to the Board on a per-project basis, and the Board ratifies that.

  492. stpeter

    I'd be fine with the whole Council, actually, but they have enough to do

  493. stpeter

    another question is whether liaisons need to be XSF members

  494. stpeter

    dwd: that approach seems reasonable

  495. bear

    I want to say yes to that - as liason will represent the XSF

  496. dwd

    Oh, indeed... Yes, I think we do want liasons to be XSF members typically.

  497. stpeter

    bear: yes, I think so

  498. dwd

    It's not clear if we want this to be an unbreakable rule.

  499. stpeter

    dwd: not clear to me either

  500. bear

    I don't like unbreakable in general

  501. stpeter


  502. bear

    because a person may be needed due to problem space expertise

  503. stpeter

    we could consider a liaison team to be a work team per the bylaws

  504. stpeter


  505. bear

    in that case we should have both

  506. dwd

    If we had, say, two people on the liason team, I'd be happy to mandate that one of them must be XSF.

  507. bear


  508. Simon

    So let's do this on a case by case basis until we have a repeatable pattern. I'd be happy for the first liason to be made up of a council working group of ~3 people that feel strongly about the topic and can sign up/and sign an NDA to work on the topic.

  509. dwd

    stpeter, Yeah, that's XSF members only, right?

  510. stpeter

    dwd: yes

  511. bear

    peter - agree that liason should be a work team

  512. dwd

    bear, That does make it an unbreakable rule that the liasons are XSF members.

  513. Kev

    Is this a particularly productive discussion about a situation that hasn't come up? :)

  514. bear

    ok, following simon's lead: we (the board) will ask the Council to nominate 2+ people to form the initial liason team and then iterate on that as needed

  515. stpeter

    Simon: that's a good question, I don't know if these groups do have formal NDAs but it's something similar (and that's something the XSF is probably committing to by setting up a liaison relationship although right now I don't recall the details for ISO and I haven't heard about them yet for IEC or UPnP)

  516. stpeter

    Kev: :)

  517. dwd

    Let's keep XSF members only for now. If something comes up where we can't fulfill that for some reason, we'll tackle it then.

  518. stpeter

    Kev: I was suggesting that we use the work team model because it's already in the bylaws and we don't need to design new process for it

  519. dwd

    So, also, yes - use the work team model.

  520. bear

    +1 to work team model

  521. bear

    ok, do we have any other colour choices for this bike shed?

  522. stpeter


  523. dwd

    bear, So I'd like to move that for any liasons, the COuncil nominates a small team (1-3 typically) to act as liason work team, which the Board ratifies.

  524. stpeter

    http://xmpp.org/about-xmpp/xsf/xsf-bylaws/ Article VIII by the way

  525. stpeter

    dwd: seems reasonable to me

  526. bear

    I suggest that we take dave's summary as our actionable item for this

  527. Simon


  528. bear


  529. bear

    (wondering if he is even still here)

  530. dwd

    Gone I think.

  531. dwd

    But we're still quorate.

  532. bear


  533. dwd


  534. stpeter

    dwd: you love the word 'quorate' don't you?

  535. bear

    Kev - what is the best place for the board to ask the council for this - on the mailing list?

  536. stpeter

    members@ list I'd think :-)

  537. Kev

    Poke me on the Council list to put it on the agenda, I"d have thought.

  538. stpeter

    other members might have ideas too

  539. dwd

    stpeter, You're upbraiding me for linguistics? Pot, kettle, black!

  540. Simon

    What's next on the agenda?

  541. Kev

    And sure, copy members@.

  542. bear

    Peter - can we then get you to post that request for the current liason spot on members@ to the council

  543. bear notes he is moderated for council@

  544. stpeter

    " - Membership application question from Dave"

  545. stpeter

    bear: sure

  546. dwd

    Defer it until a next meeting.

  547. SouL has left

  548. Kev

    bear: Poke me via IM to try and fix that, or Peter.

  549. bear

    kev - will do

  550. bear

    ok, dave's question is deferred to next

  551. bear

    that leaves simon's item about planning for security day

  552. stpeter

    bear: fixed

  553. bear

    thank you sir

  554. Simon

    We really need a good set of technical documents on how to pass the security day. And we need to start ramping up publicity for it.

  555. dwd

    Simon, I'd rather defer your publicity questions until Laura is present.

  556. Simon

    I've tried to have some of these here. http://wiki.xmpp.org/web/Securing_XMPP

  557. Simon

    publicity we can do with laura - sure

  558. bear

    we can raise the issue now to get started, most of this I think should be on members@ list

  559. SouL has joined

  560. Simon

    but we should think about nudging the different XMPP server groups to publish the bare minimum to pass the tests.

  561. stpeter

    Simon: yes

  562. Simon

    I'll start this with a post to jdev

  563. stpeter

    Simon: great!

  564. Simon

    and we should also ack the great work that thaijs has been doing on the xmpp.net project.

  565. stpeter

    Simon: I'm happy to poke people like Matthias and Artur directly, too

  566. Simon

    that's the most amazing piece of light shining into the dark corners of insecurity.

  567. bear


  568. Simon

    Wish we had something like that to test XEPs :)

  569. bear

    that is something we can discuss with Laura, ways to show focus on members activities

  570. stpeter

    Simon: actually, the UPnP folks asked me about compliance testing suites but I didn't have much to offer

  571. Simon

    ok then that's my bit - but everyone please keep tweeting and mentioning the upcoming date.

  572. Simon

    4th Jan :)

  573. stpeter

    Simon: will do!

  574. bear

    if anyone wants to see a blog post happen, please do poke me via IM or email and I'll generate one

  575. Simon

    the DNSSEC stuff isn't doing any harm with the IAB either :) Dan York loves us.

  576. stpeter


  577. dwd

    Also pleasing to see Hannes joining in.

  578. stpeter

    Dan and I plan to write an Internet-Draft about being a "Jabber scribe" (as they call it) during IETF sessions

  579. Simon


  580. stpeter

    another IETF character

  581. dwd


  582. dwd

    Author of the most Internet Drafts, I seem to recall.

  583. Simon

    right - so that's my security bit for this week.

  584. stpeter

    Hannes Tschofenig

  585. bear

    that is the last agenda item, any agenda bashing for this meeting?

  586. stpeter

    no AOB here

  587. dwd

    None from me.

  588. Kev

    I note we need to think about GSoC at some point. Potentially not now.

  589. bear


  590. Kev

    (But agenda for next week would be good, please)

  591. stpeter

    I have a huge presentation to make internally in 15 minutes so I'll ignore this XMPP stuff for a little while

  592. bear

    the only board business left to do is to affirm roles

  593. bear

    secretary, ED and so on, but I don't mind at all deferring that to another meeting

  594. bear

    so that the new board folks can acclimate

  595. dwd

    bear, stpeter suggested doing that in January.

  596. bear

    +1 to that

  597. bear

    ok, then I am calling this meeting done - any objections?

  598. stpeter

    no objections here!

  599. bear

    simon, dave?

  600. Simon


  601. dwd

    Close away.

  602. bear

    any volunteer for meeting minutes - if not, I will do them tonight

  603. stpeter

    gotta run, bbl

  604. bear

    and I'll post the meeting announcement with agenda list to members@ tonight also

  605. stpeter has left

  606. bear

    ok, meeting is done

  607. bear

    minutes and agenda will be sent to members@ by me tonight

  608. bear

    thanks all for a most epic meeting

  609. dwd looks at the time.

  610. dwd

    Yup. Epic. :-)

  611. bear

    yea, seriously not a Kev quality meeting today ;)

  612. Kev

    Four times as good as a Council meeting? :)

  613. bear


  614. bear

    board meeting notice sent to members@

  615. bear

    more details to follow, switching of to $dayjob now

  616. bear


  617. Simon has joined

  618. Ashley Ward has joined

  619. Simon has left

  620. Kev

    My understanding is that all that's going to happen on 4th January is that people will need to have some sort of cert in place, is that right?

  621. Kev

    (That is - no-one's going to be requiring TAs and valid certs)

  622. fippo

    kev: that is my understanding as well. require TLS, but don't check certs

  623. fippo

    reminds me that technically we should have a spec for starttls+dialback by then

  624. fippo pokes dwd

  625. Kev

    Good, it'd be a shame to have to replace my five-year-old cert. I've gotten attached to it :D

  626. fippo

    that's actually one of the questions we need to work out for that

  627. Lance

    i'll be sad to see fippo have to replace his cert too :p

  628. fippo

    I'd say that for starttls+dialback only non-trusted or self-signed are egibly

  629. fippo

    but no certs that have expired or where the hostname doesn't match

  630. Kev

    Because a self-signed cert that's expired is less trustworthy than a selfsigned that hasn't?

  631. fippo

    no. because expired certs like mine should break

  632. fippo

    so i am forced to update it

  633. fippo

    and more important, so i notice something is wrong

  634. Kev

    And ADH is better or worse than an expired self-signed cert? :)

  635. fippo

    i dont think 6120 allows ADH :-p

  636. fippo

    but yeah, it's not a security question

  637. Kev

    Oh, does it not?

  638. Kev

    I can't find anything immediately disallowing anonymous suites.

  639. fippo


  640. fippo

    it talks about a certificate in alot of places though.

  641. Kev

    It's not immediately clear to me that anonymous+dialback is any worse than untrusted+dialback

  642. Kev

    Is it?

  643. fippo

    i think they're the same as far as starttls+dialback is concerned

  644. fippo

    untrusted+dialback has some advantages for d-w-d

  645. Ashley Ward has left

  646. Ashley Ward has joined

  647. Kev

    And pinning.

  648. Kev

    Interestingly, though, -PLUS+ADH would still be better for clients that any other mech+a trusted cert, I think?

  649. Kev

    Well, depends what you consider the attack to be, I guess.

  650. MattJ

    With -PLUS I don't think it matters whether you use ADH or any kind of cert

  651. Kev

    It does if you think the password might be compromised elsewhere.

  652. Lloyd has left

  653. bear

    hey - can I suggest you guys talk about this over in jdev?

  654. Kev

    The XSF isn't an appropriate venue? :)

  655. bear

    it is - was just tyring to raise the awareness higher and jdev has more lurkers

  656. Ashley Ward has left

  657. Ashley Ward has joined

  658. SouL has left

  659. SouL has joined

  660. Ashley Ward has left

  661. Ashley Ward has joined

  662. Jef has joined

  663. Jef has left

  664. Ashley Ward has left

  665. Simon has joined

  666. Simon has left

  667. Simon has joined

  668. SouL has left

  669. SouL has joined

  670. stpeter has joined

  671. Simon has joined

  672. SouL has left

  673. Simon has left

  674. Simon has joined

  675. SouL has joined

  676. SouL has left

  677. SouL has joined

  678. Jef has joined

  679. MattJ

    Simon, the "Securing XMPP" is making me uneasy

  680. MattJ

    ^ +page

  681. Simon

    what's up?

  682. MattJ

    It's just looking so complex...

  683. Simon

    I know.

  684. MattJ

    when the correct answer for Prosody users is really just... make sure you're running the latest versions of everything

  685. MattJ

    I can't speak for other implementations

  686. MattJ

    DANE is complicated and would need a whole tutorial by itself, it's not production-ready yet IMHO

  687. Simon

    Agreed. Let's cut it out.

  688. MattJ

    We need better docs, but I don't think it belongs in a high-level page such as this

  689. MattJ

    I need to work with Zash and other folk who have it deployed already to document it

  690. Zash

    mod_s2s_auth_dnssec_srv isn't DANE

  691. MattJ

    More testers and we can iron out the implementation and setup procedure

  692. Simon

    Presumably on 4th Jan ops will need to add c2s_require_encryption = true s2s_require_encryption = true ?

  693. MattJ

    Zash, there was a mod_dane or something though?

  694. Zash

    MattJ: No

  695. MattJ

    Simon, yes, that makes sense - I'm happy with that being on that page

  696. MattJ

    But cipher strings and such... I'd rather users just leave that stuff to us, unless they really know what they are doing

  697. Simon

    Also Prosody seems to treat client and s2s connections the same.

  698. Simon

    So we should just have a general section.

  699. Zash

    Treat how?

  700. Simon

    I mean with keys and ciphers.

  701. MattJ

    Yes, it does (though in trunk you can separate them - most people don't need/want this)

  702. Simon

    But yeah - it's late now, but I'd like to restructure the page more as a "for things to work on 4th Jan, you need to add the following to different servers" page.

  703. Simon

    Promise to look at this in the morning.

  704. MattJ

    I can help with that perhaps, I think most of the information is there now

  705. MattJ

    It just needs restructuring and simplification

  706. MattJ

    boiling down to the essentials

  707. Simon

    I suggest we structure it by Server, not c2s and s2s as teh page is done now.

  708. MattJ


  709. Simon

    then we have just the commands for each server.

  710. MattJ

    I think that will help a lot

  711. Simon


  712. stpeter


  713. stpeter

    that all sounds good

  714. MattJ

    Oh, and that reminds me I have some stats to post to jdev

  715. stpeter


  716. Simon

    BTW, I ran into a bit of an issue with Prosody. I'd sort of assumed that I didn't need to install an intermediate certificate from my ca. Found out the hard way.

  717. stpeter

    yeah, intermediate certs are a pain

  718. Simon

    it might be nice to be more explicit about this in the docs.

  719. MattJ


  720. Simon

    /might be nice if I read the docs.

  721. Simon

    you could loose the link to xmpp ica. :)

  722. MattJ

    A certificate issues by an intermediate CA is rarely usable on a server without the ICA's cert somewhere

  723. MattJ

    Yes, I'll fix that :)

  724. MattJ

    *issued by

  725. Simon

    XMPP.net is great for testing these things though :)

  726. stpeter

    yeah for sure, Thijs rocks

  727. MattJ


  728. bear


  729. fippo

    about 1000 times as much as my 2007 openssl s_client patches ;-)

  730. stpeter

    we should give Thijs an award of some kind at the next Summit :-)

  731. fippo

    free spare ribs?

  732. stpeter

    I still have on my desk the "Jimmie" award I earned in 2000 :-)

  733. SouL has left

  734. bear


  735. stpeter

    "Best Performance by a Deity" :-)

  736. Simon

    +1 on awards.

  737. stpeter

    I need to take a picture of that

  738. ralphm has joined

  739. SouL has joined

  740. MattJ

    Simon, I've updated the docs on ICAs and simplified the wording now

  741. Simon

    excellent :)

  742. Simon

    I'm re-layingout the wiki page now.

  743. Simon

    to the chagrin of "come to bed now Simon"

  744. Simon

    what is wrong with me.

  745. MattJ


  746. Simon

    ok - slightly better formatted now.

  747. Simon


  748. Simon

    Perhaps we add "optional" to the gmail.com exclusion

  749. Zash

    And that's also not going to work

  750. MattJ

    Yeeah, we have a small issue there

  751. Zash

    s2s_insecure_domains isn't exceptions to the encryption requirement

  752. Simon

    I'll let you guys look after the prosody config :)

  753. MattJ

    I can hack this into mod_manifesto though perhaps :)

  754. stpeter

    can we do even unauthenticated encryption with gmail? even anon-DH would be better than nothing

  755. MattJ

    stpeter, nope

  756. MattJ

    They have no TLS whatsoever

  757. stpeter

    Simon: thanks for the updates, time to go to bed!

  758. stpeter


  759. SouL

    stpeter: +1

  760. SouL


  761. stpeter

    they're encrypting stuff between their data centers like made, but don't care about user communications?

  762. stpeter


  763. MattJ

    and Prosody's s2s_require_encryption has no exclusion list

  764. Simon

    That could be a bit killer. Certainly for me I'm not goting to get a bunch of folk off gmail for a while.

  765. SouL has left

  766. stpeter

    Simon: yeah I know :(

  767. stpeter

    Simon: worry about that tomorrow, ok? ;-)

  768. Simon


  769. Simon

    night all

  770. stpeter


  771. MattJ

    'night :)

  772. SouL has joined

  773. Zash has left

  774. bear

    I see gmail folks moving on this only after we can show serious peer pressure that they are the *last* one to be insecure

  775. stpeter


  776. MattJ

    Call me cynical, but I doubt it somehow

  777. stpeter

    perhaps they'd rather turn off federation entirely

  778. bear


  779. MattJ

    I think federation is hanging by a thread (or maybe a piece of string) - their reaction to the peer pressure could be that someone there realises this is their last insecure service

  780. MattJ

    and then decides it's best turned off

  781. stpeter


  782. stpeter

    everyone move to Hangouts and be done with that pesky interoperability stuff

  783. MattJ


  784. bear

    sit in your silo and be happy already

  785. stpeter


  786. Simon

    Matt - what is happening with your sign-up service?

  787. Alex has left

  788. stpeter

    Simon: go to bed already!

  789. MattJ

    Simon, you were getting some sleep

  790. MattJ

    and... I'm hoping to get to it at the weekend

  791. stpeter

    Simon: I'm going to kick you out!

  792. Lance

    someone just kick him from the room already :p

  793. MattJ

    It's currently a weekend-only project (I'd like to remove myself as the bottleneck ASAP though... get it up on github or something)

  794. psa has joined

  795. MattJ

    psa means business

  796. bear


  797. bear

    does prosody (or other xmpp servers) allow UDP connections?

  798. psa


  799. bear

    and ... I see Matt answering

  800. psa

    hmph, I can't figure out how to kick people in Adium :P

  801. MattJ

    bear, XMPP over lossy transports will be... unpleasant ;)

  802. psa


  803. psa


  804. bear

    ugh - it won't let a mod kick a mod

  805. psa

    no, it's a UI or PEBKAC issue

  806. bear

    I just tried it using swift

  807. psa

    I can't figure out how to kick anyone

  808. bear

    Occupant role change failed: Not allowed

  809. bear

    that's the error I got

  810. psa

    damn MUC protections!

  811. psa

    security be damned!

  812. MattJ

    bear, XEP-0045 says you have to demote first :)

  813. psa

    stupid specs

  814. psa

    evil corporations defined this garbage!

  815. psa


  816. Lance

    alright guys, lets make a new room and all move there

  817. MattJ

    I'm sure half the people on standards@ would agree with you

  818. psa has left

  819. MattJ

    and the other half won't

  820. stpeter

    well, Simon got the message :P

  821. bear


  822. bear

    MattJ - yea,udp seems overkill, maybe they are solving/asking the wrong question

  823. MattJ

    If they really want presence over UDP... SIP? :)

  824. Simon has joined

  825. Edwin Mons has joined

  826. ralphm

    stpeter: maybe not

  827. stpeter

    ralphm: we just don't know, do we? if the right people read your + posts, things will all turn out well ;-)

  828. Simon has left

  829. ralphm

    stpeter: hmm. I think the technical people mostly did, but have no say

  830. stpeter

    ralphm: likely

  831. bear

    which post?

  832. stpeter

    that's how big companies often work (i.e., evil corporations)

  833. ralphm

    I like how hangouts recently addes things like moods, in-call and device status. http://m.iclarified.com/entry/index.php?enid=35592

  834. ralphm


  835. ralphm

    bear: the ones rectifying google back in May

  836. bear

    ah - ok, thought maybe I broke my reading list again

  837. ralphm

    but eh PEP

  838. stpeter has left

  839. dwd has left