XSF Discussion - 2017-02-28


  1. daniel

    I wonder if it's too much to ask from gsoc students to join the muc

  2. MattJ

    I don't think it's too much to ask

  3. Zash

    Newspeak?

  4. jonasw

    or Zeitungsenten ("newspaper ducks") in german

  5. Ge0rG

    which is probably translated as "hoax"

  6. Tobias

    nah... 📰🦆 sounds way better

  7. jonasw

    that’s even outside unicode 8.x. you’re unfair. ;P

  8. Tobias

    jonasw, it just shows the effort :)

  9. Zash

    Over U+9000?

  10. dwd

    daniel, There's a gsoc@ MUC specifically for them to join, and we ask them to.

  11. Tobias

    so we don't interrupt the ongoing board meeting here

  12. Ge0rG

    This board meeting is the best one. The longest board meeting. It's awesome.

  13. dwd

    Tobias, Alright for you. I've been taking minuites for the past six months.

  14. Ge0rG

    My Android won't show that secod glyph either, what is it?

  15. Tobias

    those minutes will probably blow up mailman when the meeing concludes

  16. Guus

    to be fair, I think that the subject has only been set like two weeks ago...

  17. daniel

    Ge0rG: time to get a new phone

  18. Ge0rG

    daniel: time to get a new OS update.

  19. Tobias

    Ge0rG, it's one of the ducks, obviously

  20. Ge0rG

    but maybe I'll get me a Nokia.

  21. dwd

    The subject was indeed set only in response to my assertion that nobody uses the subject.

  22. dwd

    And then left as-is, because nobody uses the subject...

  23. Tobias

    which kind of shows this UX inconsistency definilty needs to be fixed with MIX :)

  24. dwd

    Tobias, I'd honestly prefer we built a feature people actually wanted to use. But not a hill to die on, etc.

  25. dwd is just a grumpy old man on this - haha - subject.

  26. Guus

    ghee, who knew that there was content under that 'recent events' list on the wiki? :)

  27. Zash

    what the

  28. Guus

    ?

  29. Zash

    Looking at https://xmpp.org/software/libraries.html and noticed that the link for Verse points to the older unsupported version I never used, instead of the new one that's basically a subset of Prosody libraries.

  30. Guus

    I am looking forward to your PR :)

  31. Zash

    MattJ: Do you have a web page for the new verse, other than the source repo?

  32. Guus

    http://code.matthewwild.co.uk/verse ?

  33. Guus

    ah, that's the repo

  34. Guus

    http://www.matthewwild.co.uk/projects/verse/home

  35. Zash

    Guus: PR'd

  36. Guus

    merged

  37. uc

    Zash: hi, looking at babbler, it too points to old version.

  38. Zash

    uc: Your turn to write a PR :)

  39. MattJ

    Thanks Zash

  40. uc

    Ok sorry, I think I forgot I clicked on something, it looks ok.

  41. Zash

    MattJ: You can thank me by writing docs for Verse :)

  42. Zash

    Guus: The in-Github editors syntax highlighting seemed upset about the unescaped * in "IP*Works Internet Toolkit". Is whatever does the rendering fine with \* ?

  43. Ge0rG

    Can we please-pretty-please announce a sunset period for old clients, servers and libraries to jdev@ and kick out everything that didn't react within a month?

  44. Guus

    Zash - i don't know. Try and find out? I've added Vagrant-based instructions that should make it pretty easy to run a virtual machine with the website

  45. Guus

    Ge0rG: sure.

  46. Tobias

    Ge0rG, blablabla

  47. Ge0rG

    unfortunately, the according discussion in [board|council] dissipated into bikeshedding.

  48. Tobias

    Ge0rG, we need have an implementation ready first for our website publishing

  49. jonasw

    Tobias: have you worked on the jinja thing?

  50. Tobias

    jonasw, haven't gotten around doing that yet

  51. jonasw

    Tobias: need help? :)

  52. Zash

    Guus: Vawhatnow?

  53. jonasw

    I can into pelican and jinja2

  54. Tobias

    jonasw, if you have the time, feel free to do a PR on the xmpp.org repo that does this kind of thing. I'll be happy to review it

  55. Guus

    ash: https://www.vagrantup.com/

  56. Guus

    Zash: https://www.vagrantup.com/

  57. jonasw

    Tobias: okay :)

  58. Zash

    Website too flashy, I'm skeptical.

  59. Tobias

    if we have this ready in PR form and tested that it works, we can announce the new process on jdev, and merge the PR a week later and done

  60. Guus

    Zash: it predates stuff like docker, I think

  61. Ge0rG

    Tobias: how is website publishing happening now? I read Guus' #246 PR merge mail and wondered why I can't find the "getting started" page

  62. Bunneh

    Ge0rG: Mix #246 https://github.com/xsf/xeps/pull/246

  63. Ge0rG

    Bunneh: no. wrong repository!

  64. Zash

    Ge0rG: How is Bunneh supposed to know?

  65. Guus

    Ge0rG: Yeah, I've been wondering about that too

  66. Ge0rG

    Zash: dunno. How am I supposed to tell it?

  67. Guus

    not sure what happened there - Locally, it worked fine.

  68. Guus

    I am *assuming* that the website gets periodically updated from github, automatically. If there's an actual person involved, then someone is now blocking that change and I'm not aware :)

  69. Tobias

    Ge0rG, it's three parts, pelican building HTML files, and sed replacing a longish string in one HTML file with the list of XEPs

  70. Ge0rG

    Tobias: that was only two parts.

  71. Tobias

    the list of XEPs is generated on demand by the XEP editor, while the website is automatically rebuilt from master 3-4 times a day i think

  72. Tobias

    Ge0rG, don't tell me how to count my thoughts :P

  73. Guus

    Tobias: Ge0rG is referring to a page that I added in https://github.com/xsf/xmpp.org/pull/246 - which was merged two days ago, but is not available on the website.

  74. Ge0rG

    Tobias: the two biggest problems in Computer Science: 2. Event Ordering; 1. Naming Things; and 3. Off-by-one errors

  75. Guus

    I assume I messed up somewhere, but I haven't spent the time to figure out what went wrong.

  76. jonasw

    FYI, starting to work on the overhaul of library pages with magic expiry

  77. Guus

    \o/

  78. Tobias

    jonasw, thx...if that works nicely, we can extend that to client and server pages too

  79. jonasw

    well, yes, I’m doing that all in one rush.

  80. jonasw

    or at least in a way which is easily extensible

  81. Ge0rG

    jonasw: sounds interesting

  82. Guus

    Ge0rG: I'd be grateful if you can figure out what went wrong with my merge though.

  83. Zash

    Is there like a manifest of pages cached somewhere?

  84. Ge0rG

    Guus: I'm sorry, I have no idea about how the website works internally

  85. Guus

    Ge0rG: neither do I, but that's not stopping me :)

  86. jonasw

    I’m going to spread the word on the XSF-GSOC, do any other projects have a nice overview page like this? https://conversations.im/gsoc.html

  87. Tobias

    jonasw, there is https://wiki.xmpp.org/web/Summer_of_Code_2017 but with less nice CSS on top of it

  88. jonasw

    thanks!

  89. jonasw

    Tobias: https://github.com/xsf/xmpp.org/pull/269

  90. jonasw

    worksforme locally, let’s see what travis thinks of it :)

  91. Tobias

    jonasw, thx...will five that a review soon

  92. Kev

    That looks interesting, thanks.

  93. Tobias

    jonasw, thx...will give that a review soon

  94. Ge0rG

    jonasw: you could replace `last_renewed` with a bit of git-blame magic :P

  95. jonasw

    Ge0rG: what if someone fixes a typo or converts URLs to https without interacting with the project?

  96. Tobias

    right

  97. Ge0rG

    jonasw: and there is the opposite problem of a project that is maintained but where the record doesn't change ;)

  98. Tobias

    the idea is that the authors can issue PRs, that update the last_renew timestamp to a time in the past.

  99. Kev

    It's not much fun to issue PRs just for updating a timestamp, but it's also low-maintenance for the XSF and that seems like a good thing. And it's not too onerous.

  100. Kev

    It's certainly a not-very-contentious thing to get done Right Now.

  101. jonasw

    as mentioned in the PR, updating a timestamp is done by .

  102. Ge0rG

    Kev: +1

  103. jonasw

    as mentioned in the PR, updating a timestamp is done by ./data/update-entry.py data/libraries.json $libraryname && git commit -avm "Update timestamp of $library" && git push

  104. jonasw

    that’s low maintenance even without PRs.

  105. jonasw

    gah, there are obvious bugs in that line, but you get the idea

  106. Link Mauve

    I haven’t yet sent a formal proposal about a format for developers to describe their software, but I have worked on it and am planning on sending that soon-ish.

  107. Link Mauve

    It would remove the need to do a PR against every website listing their software.

  108. Link Mauve

    https://linkmauve.fr/files/client-sample.xml for a WIP of which I’m very not satisfied yet, but trying to include the information I want to have available.

  109. jonasw

    Link Mauve: please make your server send a content-type for xml. firefox probably tries to render this as html because there’s no Content-Type header.

  110. Zash

    y u no disco#info

  111. Link Mauve

    As discussed at the summit, I also want it to be usable like on the w3c specification pages, where they list implementations directly on the page.

  112. Link Mauve

    Zash, because it’s highly incomplete, requires an instance of it to be online and reachable through s2s, requires this software to be a client or a server, etc.

  113. jonasw

    Link Mauve: looking at the XML: logo maybe as favicon?

  114. Link Mauve

    jonasw, “Content-Type: text/xml; charset=utf-8”

  115. Zash

    Link Mauve: I mean the format, not the method

  116. Link Mauve

    Firefox is probably trying to be smart with the xmlns:xhtml.

  117. jonasw

    Link Mauve: why did firebug lie to me.

  118. Link Mauve

    Zash, and extend it with all of the informations we need?

  119. jonasw

    agh, looked at the wrong header because it came out of the cache :(

  120. Link Mauve

    Zash, and extend it with all of the information we need?

  121. jonasw

    firefox bug then, I have never said a thing, Link Mauve

  122. jonasw

    Zash: Link Mauves XML even contains disco:identity

  123. Zash

    Link Mauve: Maybe, what info is required?

  124. Link Mauve

    jonasw, the final thing would probably be a RDF-like format, but I don’t know enough about RDF or the semantic web yet to design it like that immediately.

  125. Zash

    Link Mauve: Sounds overkill

  126. Link Mauve

    Zash, have a look at the sample I posted.

  127. Link Mauve

    Zash, maybe, as I said I don’t know enough about it to make an informed decision.

  128. jonasw

    Zash: not neccessarily: using established formats makes it easy to parse with existing tooling

  129. jonasw

    og:image etc. are well-established tags, I’d be interested how tools like facebook react if you simply link that thing (and make the webserver pretend it’s XHTML… just to fool them)

  130. jonasw

    although, facebook etc. are notoriously bad with XHTML, especially when namespace prefixes are used :(

  131. Link Mauve

    jonasw, I would guess you don’t even need to pretend it’s XHTML, text/xml is already a valid XHTML content-type.

  132. jonasw

    it’ll probably still break on namespace prefixes :/

  133. SamWhited

    Everything is bad when namespace prefixes are used :) I'm always half tempted to suggest we write XMPP 2.0 with the only change being that namespace prefixes aren't allowed.

  134. Link Mauve

    I originally wanted to use these og: properties, but there was e.g. no way to specify the licence, or to specify what is a logo and what is a screenshot, so I gave up on that idea.

  135. jonasw

    SamWhited: with a proper XML parser, namespace prefixes are irrelevant to the application.

  136. Zash

    SamWhited: <stream xmlns="urn:xmpp:stanzas"> yeeeeaaaah

  137. SamWhited

    Zash: yes please!

  138. Zash

    or just urn:xmpp?

  139. jonasw

    SamWhited: <iq xmlns="jabber:client"> for each stanza? :)

  140. SamWhited

    jonasw: No, default namespaces are still a thing, just not prefixes.

  141. Zash

    jonasw: jabber:client and jabber:server ought to go away completely

  142. jonasw

    right

  143. SamWhited

    Half the XML parsers out there aren't proper, or are buggy… it's just needless complexity that makes implementing XML difficult (which in theory I don't have to care about, but if <language-of-choice>'s built in XML parser is broken, I do)

  144. Zash

    SamWhited: This means no namespaced attributes.

  145. SamWhited

    Zash: Sounds good to me

  146. Zash

    SamWhited: You can start by getting Pidgin to get rid of {http://www.google.com/talk/protocol/auth}client-uses-full-bind-result='true' :)

  147. jonasw

    SamWhited: the instant stream resumption xep would break then :)

  148. Zash

    Redesign it

  149. SamWhited

    jonasw: Yah, it would be a backwards incompatible change; I'm pretty okay with that for a 2.0 version (not that I actually expect this to happen, it's just fun to think about; I have RFC modifications floating about for this somewhere :) )

  150. SamWhited

    Also, RE Pidgin: … wat?

  151. jonasw

    SamWhited: if you get rid of namespace prefixes altogether, why not go with JSON right away :)

  152. SamWhited

    jonasw: Because JSON doesn't have namespaces, and isn't really streamable.

  153. jonasw

    Link Mauve: https://tools.ietf.org/html/rfc4287 might be interesting for your usecase

  154. Zash

    SamWhited: GTalk compat stuff that annoys me because to no end as it shows up in logs all the time.

  155. SamWhited

    Zash: That hurts me :)

  156. Link Mauve

    jonasw, Atom would be fine as a container format, to notify subscribers of new releases, but it doesn’t define any of the elements we will need in there.

  157. jonasw

    Link Mauve: atom:rights, atom:logo, atom:published, atom:updated, atom:title seem all like very relevant things; and it explicitly allows extensions in foreign namespaces

  158. Link Mauve

    jonasw, indeed, maybe I’ll use that as a container format, especially since I plan on requiring it to be hosted as a PubSub feed, so multiple websites can get notified of new versions.

  159. jonasw

    Link Mauve: https://www.iana.org/assignments/link-relations/link-relations.xhtml#link-relations-1 those may also be interesting (cf. https://tools.ietf.org/html/rfc5988 )

  160. Link Mauve

    jonasw, thanks.

  161. jonasw

    (I once wrote a blog/static webpage framework before I came across pelican, I spent quite some time figuring out how to put metadata correctly into websites so that they produce nice snippets in social media)

  162. Kev

    ralphm: Could you please add me to and make me an admin of https://trello.com/xmppstandardsfoundation/members ?

  163. Kev

    'kevinsmith', I believe. The avatar is pretty obviously me.

  164. SamWhited

    Do we already have a gsoc MUC somewhere? (eg. where should we point people who ask about XSF gsoc?)

  165. Zash

    gsoc@muc.xmpp.org ?

  166. SamWhited

    oh hey, yup, that worked. Thanks.

  167. SamWhited

    I should get a client that allows me to actually list rooms one day.

  168. SamWhited

    (although I suppose I should have just guessed that one)

  169. dwd

    SamWhited, Instead you have a conversational UI to search rooms with full natural language support, called "asking Zash".

  170. SamWhited

    dwd: It works pretty well in Conversations and Mcabber!

  171. dwd

    SamWhited, Cross-platform server-side, FTW.

  172. jonasw

    @council: could you put https://mail.jabber.org/pipermail/standards/2017-February/032328.html on your agenda for the next meeting?

  173. SamWhited

    jonasw: What would the actual discussion be about?

  174. jonasw

    whether a modification of XEP-115 is worth the trouble

  175. Zash

    Clarifying is always good

  176. SamWhited nods

  177. jonasw

    it’s more than clarifying

  178. SamWhited

    I'll add it as soon as us-east-1 comes back and the entire internet stops being broken.

  179. jonasw

    I can write up what I’m thinking about; it would re-do the concatenation of the disco information because as it currently stands it’s weird and it’s been discussed a few years back.

  180. SamWhited

    (or maybe Trello having trouble is unrelated, but I just got an alarm from Amazon and now nothing works, so I'm making the assumption that they're related…)

  181. jonasw

    SamWhited: to be clear, I specifically include the suggestion by Florian: > And after we decided a successor of SHA-1 for XEP-0115 we could also fix the existing flaws of XEP-0115 like [1], because this would require a namespace bump anyway.

  182. Zash

    What requires a namespace bump?

  183. jonasw

    Zash: https://mail.jabber.org/pipermail/standards/2017-February/032324.html > But it may be sensible to change the mandatory hash algorithm of XEP-0155. And after we decided a successor of SHA-1 for XEP-0115 we could also fix the existing flaws of XEP-0115 like [1], because this would require a namespace bump anyway.

  184. Zash

    Are there any clients using features such that their caps hash would change if the special characters were escaped?

  185. SamWhited

    Changing a new thing to be mandatory would require a bump, I think

  186. Zash

    What if we pretend that the algorithm was always like that?

  187. Zash

    Just, poorly documented

  188. Zash

    And put some text into an implementation note

  189. jonasw

    what escaping are you talking about?

  190. Zash

    Hrm, I lost my caps compression experiment :(

  191. Zash

    > Joe Hildebrand (one of the authors of the XEP) mentioned that his intention was that you would escape any "<" to "&lt;" in feature names. But this isn't specified in the XEP and isn't obvious.

  192. Zash

    jonasw: The [1]

  193. jonasw

    right, that wouldn’t help with Attack 3 and 4 outlined in [1]

  194. Zash

    poke waqas

  195. Ge0rG

    Let's bump all the namespaces at once. It even better. Let's bump the namespace of XMPP to XMPP2!

  196. jonasw

    Ge0rG: you’re late to the party, SamWhited outlined XMPP 2.0 above

  197. SamWhited

    Ge0rG: That's part of my evil plan, *shhh*

  198. moparisthebest

    is it going to be json over http?

  199. moparisthebest

    cause then I'm out >:)

  200. Ge0rG

    With a DAG based storage backend?

  201. jonasw

    moparisthebest: https://i.imgur.com/cT3NEdI.gif ;-)

  202. moparisthebest

    I mean we might as well re-invent it right, why not, NIH syndrome is cool

  203. Zash

    Globally distributed DAG in MongoDB with extra blockchain on top?

  204. jonasw

    I am torn between existential despair and laughter.

  205. SamWhited

    Zash: You forgot the Docker; gotta use some Docker.

  206. SamWhited

    Otherwise it's not webscale.

  207. jonasw

    oh and Cloud

  208. moparisthebest

    right, and obviously the only choice for language is javascript running in node.js

  209. Zash

    http://howfuckedismydatabase.com/nosql/fault-tolerance.png

  210. moparisthebest

    yea that is my favorite one from that site

  211. moparisthebest

    maybe my favorite cartoon of all time

  212. jonasw

    now I need to watch Erlang The Movie again.

  213. moparisthebest

    especially the sick erlang burn (sorry ejabberd guys)

  214. SamWhited

    Erlang is one of the coolest languages ever made, and concepts from it (and other similar CSP style languages) should have become part of mainstream programming 20 years ago… and I still can't stand to write anything in it just because I hate reading it.

  215. jonasw

    disclaimer: I never knowingly saw a bit of erlang code.

  216. moparisthebest

    same jonasw I'm kind of ashamed to admit I've never looked at it at all :)

  217. SamWhited

    Just for fun, if you're interested, watch this and spot the Erlang reference :) https://www.youtube.com/watch?v=8pTEmbeENF4

  218. SamWhited

    (and then still don't go write Erlang, because it will make your eyes bleed)

  219. jonasw

    I wonder whether it’s worse than Cortex-M0 ASM

  220. moparisthebest

    I guess arc would be the only one that would know :)

  221. Ge0rG

    Some years ago, when I still was running ejabberd, a student approached me for inspiration. I told him that erlang is awesome and totally different, and now he's working at a telco development company.

  222. moparisthebest

    using erlang?

  223. jonasw

    :D

  224. Ge0rG

    Yes

  225. moparisthebest

    my favorite dig at erlang is this: https://www.erlang-solutions.com/blog/mongooseim-2-0-0beta2-the-power-of-an-xmpp-platform-with-the-simplicity-of-a-rest-api.html

  226. Ge0rG

    Developing tr069 equipment and Hotspot login things

  227. moparisthebest

    knocks XML for being 'not trendy', uses erlang...

  228. waqas

    Zash?

  229. Zash

    waqas: there was mention of the caps issue earlier

  230. waqas

    I haven't read the backlog, but did it start with sha1?

  231. Zash

    I guess

  232. jonasw

    waqas: context is this: https://mail.jabber.org/pipermail/standards/2017-February/032324.html it appears that now is a good chance to fix xep 115

  233. waqas

    Caps is completely broken. Updating the XEP to suggest XML escaping isn't going to fix it. Please read old threads for why. The caps algorithm is bad. sha-1 to sha-2/3 is meaningless given how broken the algorithm is.

  234. jonasw

    waqas: yes, i mean actually fixing

  235. Ge0rG

    Wasn't there a workaround for clients to recalculate the checksum?

  236. waqas

    Not a working one Ge0rG. The simple workaround is to not share caps cache across JIDs.

  237. waqas

    And no server side implementation does that for PEP

  238. MattJ

    The "old thread" is https://mail.jabber.org/pipermail/standards/2011-August/025011.html

  239. waqas

    Which links to my older thread: https://mail.jabber.org/pipermail/security/2009-July/000812.html

  240. waqas

    Wow, it was 8 years ago

  241. MattJ

    Feel old? :)

  242. Ge0rG

    That ejabberd story made me feel old as well. Sigh.

  243. Ge0rG

    Also that I'm using this nickname for over 20 years already.

  244. daniel

    Security awareness doesn't seem to run very strong among in the xsf

  245. Zash

    That's what the IETF is for

  246. daniel

    That xep should be retracted

  247. SamWhited

    It could use some pretty serious work…

  248. Zash

    It could use xep-300

  249. daniel

    SamWhited: just retract it. Copy past the xml over in a new xep with a new namespace and do the nul thing with sha2 Dave suggested 8 years ago

  250. daniel

    If you don't retract it it get forgotten for another 8 years

  251. SamWhited

    oh, yah, it's draft, so maybe that would be the more practical course of action

  252. jonasw

    daniel: +1

  253. jonasw

    although it might be wise to not use NUL but the field separators in the last control characters up to U+0020

  254. jonasw

    that allows to convey the structure

  255. jonasw

    and they’re still disallowed in XML

  256. jonasw

    I’d be happy to write that up.

  257. Zash

    Are you sure that they are disallowed?

  258. waqas

    Note that the null thing isn't sufficient. The data model is nested, and you need at least two delimiters, if not more.

  259. waqas

    \0 and \1 would work. Both are disallowed in XML.

  260. jonasw

    waqas: that’s why I suggest to use FS DS etc. from ASCII

  261. jonasw

    Zash: https://www.w3.org/TR/2008/REC-xml-20081126/#charsets characters does not cover 0x00 through 0x1f, except for 0x09 (tab), 0x0a (newline), 0x0d (carriage return)

  262. Ge0rG

    There are field and record separator characters in ASCII. I'm even using those in my xmpp client

  263. jonasw

    this includes CDATA sections as well as normal text and attribute data

  264. jonasw

    Ge0rG: +1

  265. Ge0rG

    But I felt dirty for implementing them.

  266. jonasw

    why? :)

  267. Ge0rG

    Because I was abusing Android's key value XML storage to contain a table of ASCII separated key value pairs

  268. jonasw

    :D

  269. waqas

    Ge0rG: Was the hack really that dirty? I don't know what you did, but I'm reminded of the story of Mel. Read that one? :)

  270. Ge0rG

    waqas: nope

  271. waqas

    Ge0rG: http://www.pbm.com/~lindahl/mel.html

  272. Ge0rG

    https://github.com/pfleidi/yaxim/blob/master/src/org/yaxim/androidclient/data/YaximConfiguration.java#L195-L202

  273. Ge0rG

    waqas: ah, that story!

  274. waqas

    Zash, jonasw, Ge0rG: This is the important email in the thread, explaining the problem: https://mail.jabber.org/pipermail/standards/2011-August/025035.html

  275. waqas

    daniel: ^

  276. jonasw

    waqas: thanks

  277. jonasw

    that’s why I’m in favour of using the ASCII control codes for structural information. there are four control codepoints for that.

  278. waqas

    Sigh, that thread is painful to read. I was being such a pain :P

  279. jonasw

    you are right though :)

  280. waqas

    Always

  281. SamWhited

    Being a pain about security issues is a good thing.

  282. SamWhited

    Please keep doing it :)

  283. waqas

    Unfortunately it wasn't effective. Things went nowhere :)

  284. Zash

    Talking didn't help? How unusual :)

  285. jonasw

    SamWhited: being in council (other council members may of course chime in) what do you think is more sensible? (a) write up a fresh XEP based on the idea of XEP-115 with new hash function and new algorithm to generate the input for the hash function, based on waqas thoughts (b) write up a patch for XEP-115 with new mandatory hash function and new algorithm to generate the input for the hash function, based on waqas thoughts (c) wait for the next council meeting before doing anything. (d) none of the above, please fill in here: _____________

  286. jonasw

    XEP-115 was hurting my eyes ever since I started implementing it, and I want to see it fixed.

  287. SamWhited

    jonasw: I'm with daniel; (a) makes the most sense to me. Actually doing it is a whole different matter though :)

  288. jonasw

    then I’m starting to do it right now.

  289. Zash

    <{newcaps}c node=''><{hashes}hash algo='sha-wesome'>ASDF</hash>{<hash/>...}</c>

  290. SamWhited

  291. Zash

    jonasw: do it

  292. Zash

    Do things and talk about them.

  293. waqas

    I think we should just have a new XEP with a new namespace and a super simple algorithm.

  294. waqas

    Trying to patch XEP-115… I'm sure many would like to do that, but I've said my piece on my that's a bad idea.

  295. SamWhited

    Does anyone happen to know where the canonical version of rfc2629.dtd lives (as an actual file so that I don't have to go through and remove all the page breaks and headers that get injected if I try to copy / paste from the RFC)?

  296. SamWhited

    Or does it live anywhere? All I can find are old draft copies on random non-IETF websites

  297. SamWhited

    or 7991 or whatever we're on now

  298. jonasw

    good night everyone

  299. SamWhited

    aha! Found a tiny ihdden link on the xml2rfc page

  300. SamWhited

    Trello just deployed some stuff to not-aws so it's back now; pretty sure someone wanted something on the agenda, but I don't remember what now… something about SHA-1.

  301. Zash

    jonasw 18:51 @council: could you put https://mail.jabber.org/pipermail/standards/2017-February/032328.html on your agenda for the next meeting?

  302. SamWhited

    Another thing I wish either of my clients had so that Zash wouldn't have to take the features place: Search.

  303. SamWhited

    (thanks)

  304. moparisthebest

    I'd be more concerned as to how Zash got access to your MAM archive SamWhited

  305. moparisthebest

    prosody backdoor? someone call the guardian!!!!!

  306. Zash

    By the use of a magical device called a scroll wheel.

  307. Zash

    It can see into the past

  308. SamWhited

    I'm not actually sure there is a way to scroll in mcabber; I assume there is. I should probably figure out the shortcut for that.

  309. Zash

    Wild guess: Pg Up

  310. moparisthebest

    I can see the headline now "Popular chat server has backdoor, developer codname "ScrollWheel""

  311. moparisthebest

    I can see the headline now "Popular chat server has backdoor, developer codename "ScrollWheel""

  312. SamWhited

    nah, that changes to the previous/next chat.

  313. Zash

    ScrollWheel. SamWhited. Coincidence? I think not.

  314. SamWhited

    looks like Ctrl+P

  315. SamWhited

    TIL

  316. SamWhited

    I feel like I knew that at one point

  317. waqas

    That's for printing...

  318. Zash

    SamWhited: Hah. So, exact opposite to irssi.

  319. SamWhited

    yah, the keyboard shortcuts aren't the most consistent thing; some of them are random, some are irssi style, some are vim style

  320. SamWhited

    mostly I just use the vim style ones and don't know any of the others

  321. arc

    what the bloody hell

  322. arc

    refering to the email that was just sent

  323. SamWhited

    heh, yah, I wonder where he got that random list of people to send it too

  324. arc

    is he refering to the old defunct and should be removed XEPs or something new?

  325. SamWhited

    ¯\_(ツ)_/¯ one possible outcome of the IoT SIG's work would be to replace the existing stuff (or improve it before we consider advancing them) like we discussed at summit, so I guess he meant the old ones?

  326. daniel

    The idea to throw 115 away came primarily from the desire to act now and deal with a replacement later

  327. Ge0rG

    "The "S" in IoT stands for Security." just has become my quote of the year.

  328. daniel

    SamWhited: /buffer up.

  329. SamWhited

    oh hey, that too; thanks

  330. moparisthebest

    another question because I'm curious, some members of council and board are up for membership renewal this time

  331. moparisthebest

    what happens if they don't get renewed?

  332. SamWhited

    There's only one way to find out! :)

  333. moparisthebest

    :)

  334. moparisthebest

    ok everyone vote no for Link Mauve so we can find out!

  335. Ge0rG

    moparisthebest: what incentives are you going to offer? Should I PM you my Bitcoin address?

  336. moparisthebest

    I'm curious, I'm not paying money curious :)

  337. Guus

    I for one shall follow Link Mauve in the to be created real XSF. The other XSFses are fake. #sad

  338. Ge0rG

    Guus: you will create the best xsf. An awesome xsf. There is no other xsf than yours?

  339. Guus

    Believe me. I create the GREATEST XSF. Be careful of the other ones. Full with bad hombres.

  340. Guus

    But I am sleepy. Anarchy is postponed until tomorrow. Goodnight.

  341. moparisthebest

    still waiting on a joke about a wall

  342. SamWhited

    moparisthebest: Guus' probably going to turn off federation with the other XSFs (and make them pay for it)

  343. moparisthebest

    thanks

  344. Guus

    I see that my work here is done.

  345. Zash

    Something something we're going to build a mod_firewall ... oh wait

  346. Ge0rG

    Zash: and forbid the Russians to send us messages?

  347. SamWhited

    ooh yah, that one's better

  348. Ge0rG

    You meant "bitter"?

  349. SamWhited

    Too true

  350. Zash

    We need a joke about proof of work things too

  351. waqas

    Pow!

  352. Ge0rG

    Zash: the xsf has proven to work by holding its longest board meeting yet. We don't know how long it is, but it's going on for two weeks already, and it's the best board meeting. It's an awesome board meeting

  353. Ge0rG

    How much Bitcoin can you make with cheap jokes?

  354. Ge0rG

    How many xsf members does it take to replace a lightb^W cryptographic hash function?

  355. Tobias

    waqas, you mean kung pow?

  356. Ge0rG

    Tobias: really awesome movie!

  357. Tobias

    indeed