KevWe are, at least, in a somewhat better position than that.
Ashley Wardhas joined
ralphmfippo: good question, re google
fippoi'm not opposed to adding exceptions based on SRV records
fippobut I am somewhat opposed to doing that
fippoonly to find out they're going to shut the whole thing down
KevI don't entirely understand why Google is special here (I partly do, but not entirely).
KevIf folks believe that it is morally wrong to let their users communicate over non-TLS links, then that it's Google isn't relevant.
fippokev: 20% of deployed servers are apps afaik
dwdI'm writing exactly that to the list by co-inky-dink.
KevIf people believe it isn't morally wrong to let their users communicate over non-TLS if it's someone the users actually want to communicate with, they should add exceptions for all non-TLS domains, not just Google's.
Kev(Where "exceptions for all non-TLS domains" is what we have at the moment)
fippokev: would be interesting to get the numbers on that
KevI'm not at all keen, as I've been saying for ages, on cutting out non-TLS S2S while we know it's being used.
fippocan you get a list of all non-tls domains from jabber.org?
Kevdwd: Explicit whitelisting, MITM, etc.
Kevfippo: I do not believe so.
dwdKev, We have TLS exceptions for all domains. Not just non-TLS ones.
KevAnd with enough words that I can parse that? :)
dwdWill you connect to dave.cridland.net if it doesn't offer TLS at all?
dwdEven though it *does* offer TLS, with a proper CA issued certificate, as well.
dwdAnyway, mail sent, with More Words™.
KevThen yes, that's what I was saying.
KevThat explicit whitelisting prevents a MITM downgrade on servers that do support stuff.
KevSo explicit whitelisting isn't quite what we have now, it's true.
dwdI'm wondering if just a DNS record might help. Not mad keen on filling DNS with rubbish, mind.
dwdThe case where an attacker removes the DNS record leaves us in the same situation as we're in now, though, so while DNSSEC feels desirable, I think an unsigned record would still be useful.
KevI don't see a problem with getting this deployed by the new year :)
dwdHmmm... Actually we could use unsigned DANE records for this.
Kevralphm: Like IPv6 day, if IPv6 day turned off IPv4 for the day.
dwdBTW, just to float a t-shirt idea for FOSDEM - what about a set of t-shirts each in a different colour, with the slogan of "Give me a Jingle on my Jabber!", and the (old, original) Jabber logo? This somewhat presumes we'd want to push the Jabber name for the deployed federation.
LloydAnother idea: xmpp/jabber stickers, I found some spare space on my laptop :)
intosiI like the bulb and jabber name :)
intosiAnd we say stickers every year, and only managed to make some once.
LloydLaura had some organised for surevine recently, I'm sure she could help here - I didn't say a word though ;)
intosiI guess Laura is now volunteered for the FOSDEM crew ;)
ralphmdwd: I'm +1 on Jabber theming. In the past I made a SVG version of both the bulb and later the jabber.org logo, after hunting down the actual font used in the original JSF logo.
ralphmFor stickers, I'd just do the bulb, no text.
ralphmKev: well, yeah, I suppose. They haven't gotten to disabling IPv4 just yet. We move faster :-D
ralphmdwd, intosi, Lloyd: we started this wiki page just after last FOSDEM. Let's use this page to do some planning. http://wiki.xmpp.org/web/index.php?title=FOSDEM_Checklist
dwdLloyd, I'm intending on stickers.
dwdLloyd, Actually I was looking at both XMPP/XSF stickers and Jabber ones, but I was also aiming to get some "Hello my jid is" stickers done if I can.
ralphmdwd: but everyone and their dog will intercept your communications!
dwdOh, and I'm looking at prices for some zippy hoodies, seeing as the non-zippy ones seem to have been a hit. My wife tends to wear my older/smaller one a lot, which amuses me. But zippy hoodies aren't going to be cheap.
dwdHmmm... "Federation is my favourite F word"...
intosiAdded schwag part to the wiki page.
dwdFWIW, I don't want to redo the existing Orange/Grey XMPP Hoodies; I'd rather keep older schwag as "you had to be there".
intosiEditing conflict, I was adding more or less the same text for t-shirts ;)
intosi+1 on not redoing previous hits.
intosiAnd -1 on the oops.
KevDoesn't mean we can't redo things in the same style, though.
KevI liked the hoodies a lot.
dwdRight, me too - wearing mine at the moment, and as I say, Kellie was wearing hers yesterday.
dwdShe does ban me from wearing mine on the same day. Matching clothes in marrioed couples is, she feels, a bad thing.
KevIf one hoodie is awesome, surely two hoodies is at least twice as awesome.
dwdLike Howard and Hilda from Ever Decreasing Circles?
KevI understood each of those words. In isolation.
dwdKev, http://en.wikipedia.org/wiki/Ever_Decreasing_Circles - An image search for `howard and hilda "ever descreasing circles"' will find you images.
intosidwd: and why does your wife want to avoid this? ;-)
intosiralphm: Buurman & buurvrouw :)
Zashis also wearing the hoodie
Kevdwd: Images found. Why is this bad?
dwdshakes head in despair.
dwdHow much did we charge for the hoodies last time? I can't remember.