XSF Discussion - 2013-12-02

  1. Jef has joined

  2. bear has left

  3. tato has joined

  4. Zash has joined

  5. Jef has left

  6. Lance has left

  7. bear has joined

  8. tato has left

  9. tato has joined

  10. bear has left

  11. tato has left

  12. tato has joined

  13. Lance has joined

  14. tato has left

  15. Kev has joined

  16. SouL has joined

  17. Kev has left

  18. Alex has joined

  19. Alex has left

  20. Kev has joined

  21. Zash has joined

  22. Zash has left

  23. Lance has joined

  24. Zash has joined

  25. dwd has joined

  26. ralphm

    Simon: could you send me a copy of the e-mail you sent to Adewale. I was enjoying my weekend.

  27. Laura has joined

  28. Laura has left

  29. Lloyd has joined

  30. Jef has joined

  31. Kev has left

  32. Jef has left

  33. SouL has left

  34. Kev has joined

  35. SouL has joined

  36. SouL has left

  37. SouL has joined

  38. Zash has left

  39. Alex has left

  40. Kev has left

  41. stpeter has joined

  42. Zash has joined

  43. Lloyd has left

  44. Lloyd has joined

  45. bear has joined

  46. Lance has joined

  47. Lloyd has left

  48. Kev has joined

  49. Kev

    Getting to this thing tonight is not proving easy!

  50. stpeter

    this thing = ?

  51. Kev

    London XMPP meeting.

  52. Alex has joined

  53. Kev has left

  54. Kev has left

  55. Kev

    Is anyone in here going?

  56. Kev

    At this point it's not clear it's worthwhile me trying to make it, as it'd be half seven or eight before I got there.

  57. bear

    I don't think so

  58. Kev


  59. bear

    all of the people I know who are going are already there for the IoT part

  60. Simon

    Kev - Lloyd is there

  61. Jef has joined

  62. Simon


  63. stpeter

    chat with him while you still can :P

  64. Simon


  65. bear

    power failure! oh no!

  66. Kev

    And I'm still in the office. I'm really not making this :/

  67. Kev

    Simon: Is that Lloyd's email addr. as well?

  68. stpeter

    Kev: sorry to hear it :(

  69. Simon


  70. Kev


  71. ralphm

    Kev: who's the slave driver keeping you there?

  72. Kev


  73. ralphm

    Odd name

  74. stpeter


  75. stpeter tries to figure out his priorities for the remainder of the year

  76. ralphm

    1) avoid certain IETF mailing lists

  77. Kev

    2) avoid uncertain IETF mailing lists?

  78. ralphm

    3) done

  79. Simon

    Peter - your last paragraph reads very oddly: "Ideally, Google would decide to either shut off federation with the XMPP network entirely or at least support unauthenticated TLS for server-to-server connections. The limbo we're in is unfortunate."

  80. Simon

    Makes it sound like it would be ideal for google to stop federating :)

  81. Kev

    It reads as if stopping federation is best, and if they can't do that then they could at least TLS.

  82. Kev


  83. stpeter

    at this point, the lack of features and security in Google Talk is holding back progress, no?

  84. stpeter

    I agree that I might not have expressed myself very well

  85. Simon

    If progress = more features then yes. If progress = user_count, then no.

  86. ralphm

    Simon: weren't you the guy who wrote 'we tried to ignore as much of XMPP as possible'?

  87. ralphm


  88. Simon

    yes - because I think a lot of it is features that are irrelevent to 99% of end users.

  89. stpeter

    progress = better security

  90. stpeter

    (in this context)

  91. Simon

    Agree on better security. But it's a hard sell to server operators with paying customers and we might need to find a more nuanced solution. (/me really doesn't want opt-outs when it comes to TLS so I hope we can find a sensible way for Google to turn on TLS)

  92. ralphm

    Simon: my point is that if you want to promote using XMPP for anything, this is not promoting it, either. Even if it makes sense for *your* use cases, others disagree.

  93. ralphm

    As for Google, I don't give us a lot of odds getting this sorted out with them.

  94. Simon

    ralph: I'm talking about how we used it for our use case.

  95. ralphm

    Simon: *I* understand the context. For other people you are 'one of those XSF Board members'.

  96. Simon

    eg - we ignore vcards, we ignore PEP, we ignore as much as possible

  97. ralphm

    worthsmithing is not fun, but yeah

  98. Simon

    not in that email to Mozilla - I was very clear about how we used it for buddycloud. Buddycloud is not the XSF.

  99. ralphm

    Simon: again, I see that difference.

  100. tato has joined

  101. ralphm

    Not saying people at Mozilla are stupid, but, you know, people are busy and have different contexts.

  102. Simon

    Did anyone hear back from any Google folk today? Peter - were you able to ping any of your contacts?

  103. stpeter

    I shall do that now

  104. ralphm

    Similarly, as someone mentioned before in the board meeting, people outside of the XMPP community might see the Manifest as an XSF thing, even though it technically isn't. We need to be aware of such perceptions.

  105. Simon

    Ralph - I hear what you are saying - but we have to also address the fear that XMPP=100s of XEPs that must be followed. We know that they are optional. But someone at Mozilla or any other developer will look at XMPP and fear that it's a huge set of specs.

  106. ralphm


  107. Simon

    We should be clear about that - since we're discussing it here, at the Summit and at Board meetings then.

  108. ralphm

    As I said, we need to be careful in how we word things.

  109. ralphm

    I also wonder why people don't think of the IETF as 7000 of specifications you must implement to do anything on internet.

  110. stpeter

    as someone said recently on Twitter, XMPP is the C++ of messaging protocols :P

  111. Simon

    I have to say it sounds a little odd having a security initiative and then following it up by saying this ISN'T endorsed by the XSF.

  112. ralphm

    Nobody has said such a thing.

  113. ralphm

    The XSF might, still.

  114. bear

    then we should be talking about that now

  115. ralphm

    I do know that one of the initial responses I got was that (large?) companies generally don't really like manifestos.

  116. bear

    test day can be seperate from the manifesto

  117. ralphm

    sure it can

  118. stpeter

    large companies might not generally like security, either ;-)

  119. Simon

    Manifesto can be the trigger if that makes you feel more confortable. IMHO this is a really important selling point of XMPP and it's not quite right yet when you look at the results coming out of XMPP.net. (although getting better).

  120. ralphm

    Well, I think that if you recently publicly stated that you are going to start encrypting all your inter-DC traffic, you kinda care.

  121. stpeter

    ralphm: you might care about protecting your stuff but not your customer's stuff

  122. Simon

    ralphm - I hope so.

  123. ralphm

    If we arrive at 19 May, and this list *isn't* looking good then, yeah, we kinda failed.

  124. stpeter

    but I can't speculate about motivations, because I simply don't know

  125. Simon

    I'll ping Ade now and see if he heard anything.

  126. stpeter

    ralphm: if much more of our traffic is encrypted, then we've succeeded

  127. ralphm

    stpeter: good point

  128. Lloyd has joined

  129. Simon

    To me the most frustrating part is not even getting an ACK back from anyone at Google's XMPP team.

  130. ralphm

    Simon: welcome to our world

  131. Simon

    Jonas has generally been really helpful when I've pinged him about other issues.

  132. dwd

    Simon, Arguably, Google no longer has an XMPP team. I suspect the federation is running largely because it's not yet caused any further problems.

  133. stpeter

    dwd: the thought has crossed my mind

  134. Simon

    Do they need to call in the A-Team?

  135. dwd

    stpeter, I think there's also the impact of the IETF folk using it for meetings. It'd cause embarrassment if that failed. It has occured to me that if we could persuade the IETF to go encrypted, we might force the issue.

  136. stpeter

    dwd: well, you've seen the discussions about https for ietf.org, I take it :-)

  137. stpeter

    dwd: I gave a warning about this in my remarks at the plenary

  138. dwd

    Oh, I didn't see that.

  139. ralphm

    do you think it is a big issue?

  140. stpeter

    dwd: I was the last person to go to the mic at the technical plenary in Vancouver

  141. Kev

    "as someone said recently on Twitter, XMPP is the C++ of messaging protocols :P" Wow, that's really high praise

  142. stpeter


  143. Kev

    dwd: You mean there was someone who /wasn't/ watching that plenary?

  144. Kev has left

  145. jabberjocke has joined

  146. Kev has joined

  147. Kev has left

  148. Kev has joined

  149. stpeter has left

  150. stpeter has joined

  151. bear has left

  152. Lloyd has left

  153. tato has left

  154. fippo

    frankly, as long as jabber.org deploys tls-only that's enough for me

  155. fippo

    this will cause waves and break things

  156. fippo

    things that ought to be fixed.

  157. tato has joined

  158. fippo

    dwd: i'm showing googles webrtc team that ignoring jingle and xmpp is a very bad thing currently (-:

  159. stpeter nods to fippo

  160. tato has left

  161. tato has joined

  162. Jef has left

  163. tato has left

  164. dwd has left

  165. Lloyd has joined

  166. dwd has joined

  167. tato has joined

  168. tato has left

  169. dwd has left

  170. Lloyd has left

  171. tato has joined

  172. tato has left

  173. Kev has left

  174. jabberjocke has left

  175. jabberjocke has joined

  176. stpeter has left

  177. jabberjocke has left

  178. tato has joined

  179. tato has left

  180. tato has joined

  181. tato has left

  182. Alex has left