XSF Discussion - 2017-09-13

  1. Guus

    That was my first thought

  2. jonasw

    good morning :)

  3. jonasw

    edhelas, wait what, pizzas?

  4. edhelas

    jonasw, yup, but you have to finish MIX before :(

  5. jonasw


  6. jonasw

    I hope MIX doesn’t become our Duke Nukem Forever

  7. SouL

    Haha :D

  8. jonasw

    even though I’m lucky that I don’t have contact to the people from ten years ago to whom I jokefully made promises based on "when Duke Nukem Forever gets released"

  9. Ge0rG

    haha, I remember the bets on which comes first - DNF, PS3 or DM8000 (a highly anticipated Linux-driven HDTV set-top-box)

  10. jonasw

    which of those lost?

  11. Ge0rG

    the release order was PS3 -> DM8000 -> DNF

  12. emxp

    moparisthebest, Guus: yes, an article about this said this too, but it's about the 'health of a community". but what do you think. would this be interesting for XMPP?

  13. Guus

    emxp: i have not looked closely enough to formulate an opinion.

  14. emxp

    Im gonna search for an article in english about it

  15. edhelas

    the deadline to submit a talk to T-DOSE (in NL) is at the end of the month

  16. SouL

    edhelas, I hope we can get recordings :)

  17. edhelas

    the on_sub_and_presence config for PEP start to be a massive souce of stanza spam on login on my side

  18. edhelas

    I'm wondering if we could not put it by default and use MAM to handle that properly ?

  19. edhelas

    basically change that part in the XEP

  20. goffi

    edhelas: why you don't filter it (removing +notify) ?

  21. edhelas

    > A server MAY include messages of type 'headline', but this is not generally suggested. to > A server MUST include messages of type 'headline', but this is not generally suggested.

  22. edhelas

    goffi, because I still want to be notified when an item is pushed/changed

  23. goffi

    right, I was thinking about explicit subscription, but it doesn't change anything about on_sub_and_presence

  24. goffi

    edhelas: were do you find "A server MAY include messages of type 'headline', but this is not generally suggested." ? do you have a link ?

  25. Holger

    goffi: https://xmpp.org/extensions/xep-0313.html#sect-idm139061241577408

  26. goffi

    oh in MAM, OK

  27. Holger

    Very XMPP-like. "It might work this way but maybe not, you never know!"

  28. edhelas

    by puting headlines in MAM we could simply forget "on_sub_and_presence" and set pubsub#send_last_published_item to "never"

  29. goffi

    edhelas: headline are not supposed to be stored offline, I would change it for MUST NOT

  30. Holger

    The question is whether that rule makes sense.

  31. goffi

    and pubsub notifications should not be headline IMHO

  32. Holger

    And if it does, maybe we want to find a different solution to do what edhelas suggests.

  33. Holger

    I think the basic idea makes a lot of sense.

  34. goffi

    at least not by default

  35. daniel

    Well this forces clients to do MAM

  36. Holger

    The obvious problem is that this won't work for clients that don't support MAM.

  37. Holger


  38. daniel

    And MAM is a lot harder than just parsing incoming notifications

  39. daniel

    This doesn't only effect legacy clients

  40. daniel

    And MAM is experimental

  41. edhelas

    well we can still put headlines in MAM and progressively deprecate that in Pubsub

  42. goffi

    again, headline should not be stored offline

  43. Holger

    daniel: Because you might not fetch all history since your last session from MAM?

  44. Holger

    I see the issues. But I totally agree that resending unmodified PEP nodes on each and every login is stupid and can become a scalability issue.

  45. daniel

    Holger: well I'm thinking about someone implementing a new client from scratch wanting to support avatars or omemo and they would also have to implement mam from the very beginning

  46. daniel

    It will just make it more complicated to write clients

  47. moparisthebest

    that's a different broader topic, but we need to start advancing XEPs

  48. edhelas

    daniel, We can have both, still have on_sub_and_presence and MAM. But knowing that the server handle the headlines, I'd just drop the incoming PEP stanzas and handle only the MAM ones.

  49. daniel

    moparisthebest: yes

  50. moparisthebest

    xeps everyone has to implement for 'modern' chat experiences currently range from experimental to deferred and everything in between

  51. moparisthebest

    even 'draft' doesn't sound that great, and, apparantly, nothing EVER gets moved to final :)

  52. Holger

    If we put stanzas in MAM we'll also put them in offline storage so testing single-client usage should work without depending on MAM. Multi-client UX is bad without MAM anyway.

  53. daniel

    And there was some backlash when I tried to add more features to pep from people who want to keep pep really simple.

  54. Holger

    But I see how we don't want to require clients to always retrieve *all* MAM history.

  55. daniel

    I imagine those people won't be happy when we depend pep on mam

  56. jonasw

    I don’t have a strong opinion on your other pep suggestions, but depending pep on mam sounds horrifying.

  57. jonasw

    but ... it kind of makes sense :/

  58. edhelas

    and MAM is part of the 2017 compliance suites

  59. mimi89999

    What is it all about?

  60. edhelas

    well this is about finding links and coherence between the existing XEPs

  61. goffi

    I don't see the issue, 1) on_sub_and_presence is the default but can be disabled, 2) pubsub notification should be normal messages, not headline, so they will be in MAM 3) and again headline should not be stored offline

  62. jonasw

    edhelas, sure, but avatars are Core Client, MAM is Advanced Client

  63. Zash

    Weren't there something where you'd include a timestamp of your last notification and things would avoid sending notifications unless they have newer data

  64. goffi

    Zash: pubsub since ?

  65. goffi


  66. daniel

    But in general; the amount of bootstrapping and the resulting traffic I have to do on a full connect is enormous

  67. goffi

    Nyco already talked about this in a summit, but no action has been taken.

  68. edhelas

    daniel, +1

  69. moparisthebest

    and you can tell even in conversations which tries to hide it (if you disconnect an account, then toggle it back on, the 'Connecting...' phase takes FOREVER)

  70. edhelas

    for my account, I have ~5/6MB to download from the server

  71. Holger

    goffi: type=normal will only go into MAM if it has a body, according to the rules.

  72. goffi

    Holger: oh I see, then this should be changed. But keeping headline is really bad idea IMO

  73. Holger

    goffi: And I think it's desirable to agree on a single way for syncing PEP items. If one client depends on on_sub_and_presence and another one disables it, that won't help UX.

  74. goffi

    Holger: the fact is that it can be disabled already now

  75. daniel

    goffi: about the amount of data on connect? That was the summit two years ago even

  76. goffi

    daniel: yes

  77. jonasw

    aaand we’re back to persistent/transient messages :)

  78. Holger

    goffi: I was not arguing it can't :-) I was wondering about what's desirable.

  79. daniel

    Yes. I would really like to have a recursive disco caps hash thing that also hashes items

  80. goffi

    Holger: I generaly like the fact that you can adapt to your special case, but the trick is as it is done now, we can't be sure that we have the desired bahaviour without checking node config

  81. jonasw

    daniel, just the list of disco items or whole pubsub items?

  82. daniel

    Or rewrite Conversations to hold state across restarts and just resume all the time

  83. daniel

    jonasw: disco items mainly

  84. jonasw

    just disco items isn’t difficult

  85. jonasw

    we could add this to XEP-0390

  86. daniel

    (and their caps hashes of course)

  87. jonasw

    daniel, I’m not sure how that helps though

  88. goffi

    I'm not sure it would help to hash items, it's working well with feature because it's a quite static data, but items can change a lot and often (think about MUC rooms)

  89. daniel

    So I don't have to refetch all items' features on every connection

  90. jonasw

    what kind of items?

  91. daniel

    jonasw: when trying to figure out where the conference server or http upload server is

  92. Holger

    goffi: Our specs can be adapted to many use cases, but we're sometimes bad at specifying a single solution for a given use case, which results in bad interop. This would be another such case, IMO.

  93. jonasw

    daniel, ah, right

  94. jonasw

    daniel, do servers really have that many items that it matters?

  95. daniel

    jonasw: yes

  96. goffi

    Holger: I agree

  97. jonasw

    interesting, examples please?

  98. jonasw

    I wonder what’d be in there aside of a conference and an upload domain maybe

  99. daniel

    3 or 4 at least. Http upload, conference, pubsub

  100. daniel

    Echo sometimes

  101. daniel


  102. goffi


  103. daniel

    Gateways on old and stupid servers 😊

  104. jonasw

    daniel, I wonder whether we could expand the disco#items response to include hashes if servers support it

  105. jonasw

    that is a reasonable extension, and perfectly backwards compatbile

  106. daniel

    jonasw: yes I should probably raise this on the list again

  107. jonasw

    I’m all in for adding this to XEP-0390 if nobody finds a notable issues with it.

  108. daniel

    Two step process. Include the hashes in the items response. And then do a hash over the items

  109. daniel

    *the items hashes

  110. daniel

    I have a few ideas regarding Syntax but I'm on my phone right now. Can type them out tomorrow or so for the list

  111. jonasw

    daniel, I was thinking <item ...><caps xmlns="..."><hash>...</hash>...</caps></item>

  112. edhelas

    so regarding my proposal ?

  113. daniel

    There were also concerns from server items regarding how the server should know the caps hash of the item

  114. daniel

    (I think I brought this up before)

  115. daniel

    *from server developers

  116. daniel

    Thank God mailman offers a convenient way to search the archive and Flows offer to setup discord way rejected

  117. Holger

    Discourse even :-)

  118. goffi

    daniel: why "on old and stupid servers" ?

  119. daniel

    goffi: because 2005 just called and wants their broken transports into networks nobody uses back

  120. edhelas

    https://xmpp.org/extensions/xep-0312.html , looks like MAM to me

  121. daniel

    A call our friends at matrix never received by the way

  122. goffi

    daniel: there are gateways for IRC, mattermost, Skype, etc. I would not say nobody use those

  123. edhelas

    gateways that are implementing 20% of the features, buggy, breaks after weeks/months

  124. edhelas

    maybe except for IRC

  125. goffi

    thats for bad gateways

  126. edhelas

    because it's a quite stable protocol

  127. goffi

    Is there any spec to resend message by a server when destinee server is offline? Something like SMTP which retry after a delay?

  128. Ge0rG

    goffi: one could use 0198 on s2s links

  129. goffi

    GeOrG: that works for short outage in existing server, but I'm thinking more about first message to offline server.

  130. Ge0rG

    goffi: it might be a better UX to reject the message immediately. How are you supposed to know if that server exists at all?

  131. goffi

    you're not, but would be nice to try for a little while like email.

  132. Zash

    Some servers do

  133. jonasw

    goffi, I think trying for a while isn’t a good idea for IM

  134. jonasw

    (for certain definitions of "while")

  135. jonasw

    a few minutes may be ok

  136. Zash

    That's great when it's spam they are trying to send, and you end up with one billion connection attempts

  137. goffi

    Zash: same for email, and it works quite OK

  138. Zash

    Email isn't Instant Messaging

  139. Ge0rG

    But Jabber is the Email of IM!

  140. Holger

    goffi: I'm about to implement just that. I think it's horrible that we don't survive remote server reboots.

  141. Holger

    goffi: But I don't think we need any spec for that.

  142. Ge0rG

    isn't "survive" very relative?

  143. Ge0rG

    I think it would be a better UX, in a federated IM network, to have a "send again" button on failed messages.

  144. Zash

    Fail early, fail often!

  145. Holger

    Users love errors.

  146. Ge0rG

    Holger: yeah, silent failure is much better.

  147. Holger

    Did I suggest that?

  148. Holger

    Of course you return an error if retrying fails for n minutes.

  149. Ge0rG

    I think that having N>1 wouldn't be wise.

  150. Holger

    Ge0rG: IIRC I can submit a message from Yaxim while I'm offline? Why don't you return an error?

  151. fippo

    goffi: servers would have a hard time keeping track of order requirements. so this is probably a responsibility of clients.

  152. Holger

    Ge0rG: Why not? Because INSTANT?

  153. Holger

    Ge0rG: Why do we accept pending 0198 sessions for N minutes where N>1 then?

  154. Ge0rG

    Holger: because instant, yes.

  155. Ge0rG

    Holger: yaxim has a clear UI indication for offline messages.

  156. moparisthebest

    just make sure you have appropriate backoff set up, otherwise a server gets DOS'd, then good servers trying to reconnect and send messages end up DDOS'ing it

  157. Ge0rG

    Holger: do you have the same on s2s?

  158. goffi

    Holger: the issue is as a client I want to know if I can rely on this behaviour or not

  159. Holger

    Ge0rG: No. Just like I don't for the last hop from the recipient's server to the recipient's client.

  160. Holger

    goffi: You should rely on the message either being delivered or an error being bounced, IMO.

  161. goffi

    fippo: order would be hard to keep indeed

  162. Ge0rG

    Holger: but that server at least knows if the client exists.

  163. goffi

    Ge0rG: XMPP is not only about instant messaging

  164. jonasw

    Ge0rG, Holger, you could return a type="continue" error while retrying :)

  165. Holger

    Ge0rG: So we must return an error immediately because you can't wait 5 minutes for the error if you sent a message to a non-existent contact? Seriously?

  166. Ge0rG

    jonasw: a what?

  167. jonasw

    Ge0rG, https://tools.ietf.org/html/rfc6120#section-8.3.2

  168. Ge0rG

    Oh god. I wonder if there are any clients implementing that.

  169. Holger

    Might be a good idea.

  170. jonasw

    Holger, write a XEP which specifies that behaviour for any intermediary and also adds an element which indicates until when delivery will be re-tried

  171. Zash

    Something like the "We're still trying to deliver your email" notifications?

  172. jonasw

    Zash, yupp, but with more easily available semantics

  173. Holger

    Please hold the line!

  174. Zash

    Is there anything saying how many type=error replies you can get?

  175. jonasw

    not that I recall

  176. Zash

    Except for <iq>

  177. Ge0rG

    jonasw: what kind of stanza do you send to revert a type="continue" condition?

  178. jonasw

    Ge0rG, any other?

  179. Ge0rG

    jonasw: any other what?

  180. Ge0rG

    any other error?

  181. jonasw

    I see

  182. jonasw


  183. jonasw

    things are getting interesting again

  184. jonasw

    Ge0rG, maybe an opt-in is better for this type of stuff

  185. jonasw

    in which case another type="continue" "error" (meh) could be sent which indicates that the delivery has continued to the next hop

  186. Ge0rG

    we need a new error type "continued"

  187. jonasw

    that requires a change to RFC 6120 ;-)

  188. Ge0rG

    isn't this about EXTENSIBLE?

  189. moparisthebest

    also as an email client you have no idea if your email is delivered ever, or whether you will get a delivery failure notification or not either

  190. Holger

    I think just retrying a few times instead of giving up immediately will make everyone else happy :-P

  191. moparisthebest

    so it's a pretty bad comparison

  192. Holger

    moparisthebest: You'll get a bounce a few days later.

  193. moparisthebest

    you *might*

  194. goffi

    it's not because email doen't do it that we can't

  195. goffi

    we have discovery for that

  196. moparisthebest

    also we know (I think) we are only going through 2 hops max, client1 -> server1 -> server2 -> client2

  197. moparisthebest

    email can travel through unlimited server hops, each of which can have their own policy where they just scrap your email and notify you or not

  198. moparisthebest

    the original argument was 'email retries so we should retry too' but that's not actually the case is my only point, in reality maybe your email server retries, but you can't count on anything

  199. Holger

    Dunno whether I said that, but my main point is "users want retries to happen automagically rather than having to cope with temporary issues themselves".

  200. goffi

    moparisthebest: no, the original question was "Is there any spec to resend message by a server when destinee server is offline?", and SMTP was just given as an example

  201. goffi

    and if a server implement that, I would be able to know it with disco, so I can display it properly in UI

  202. moparisthebest

    fair enough, I think I agree with Holger though, that there really doesn't need to be a spec, the server should optionally retry once or twice over a short time, and send back an error if unsuccesful

  203. goffi

    I was hoping for something on a long time (e.g. personal server offline for the week-end because of maintenance), on a short time a spec is probably not needed indeed.

  204. moparisthebest

    so I send a message to someone@conversation.im and don't get an error message for a week because I missed the ending s ?

  205. goffi

    moparisthebest: no, I think more about "your message has not been delivered, we'll try to continue sending it for 2 days before giving up"

  206. moparisthebest

    I still think a user tends to wait instead of double checking their spelling though

  207. Ge0rG

    Holger: how many attempts do you want to make? and what exactly are you going to attempt?

  208. Ge0rG

    Holger: I think it is valid for a server to cache a stanza and attempt all the SRVs, direct DNS entries, IPs etc before giving up, but no more than that.

  209. moparisthebest

    what if the DNS server is being rebooted ? :)

  210. Ge0rG

    I really think that it's better to expose an error in the first <60s and to allow the user to resend with one click.

  211. moparisthebest

    also you really aren't supposed to do that with SRV or DNS records

  212. moparisthebest

    yea I agree

  213. moparisthebest

    I mean, give or take a few seconds

  214. Holger

    Ge0rG: Well I would make this configurable, but my initial idea would be to retry for 5 minutes by default, as that's a typical 0198 timeout which seems to work for most people.

  215. goffi

    we were talking about using MAM for notification before, delivery would be important there: if a notification is sent while destinee server is offline, it will not get it, and the pubsub item may be missed. This would not be the case with a pure PEP notification.

  216. Holger

    Good point.

  217. Holger

    Maybe 0312 is not a bad solution for edhelas' issue.

  218. Arc

    board meeting in 3 minutes

  219. Arc

    ralphm: nyco: Martin: MattJ: here?

  220. MattJ


  221. Martin


  222. Arc

    So, the classic Bside board this week

  223. Zash


  224. nyco


  225. Arc

    3/5 but mattj, martin, and myself are a classic combo

  226. nyco


  227. Arc

    ah nyco ruins it

  228. nyco


  229. nyco

    I can go

  230. Arc

    who's chairing this week?

  231. Arc

    nyco: its a joke

  232. nyco

    I am joking too

  233. nyco

    sorry for the misunderanding ;-)

  234. Arc

    humor subroutines confirmed

  235. nyco


  236. Arc

    so who's chairing this week?

  237. Martin

    I can chair, if just to break the silence...

  238. nyco


  239. Martin

    Ok, *bangs gavel in traditional fashion*

  240. Martin

    1) Roll call

  241. Arc


  242. nyco


  243. MattJ


  244. Martin


  245. Martin

    2) Minutes, volunteers?

  246. dwd


  247. Martin


  248. Martin

    3) Topics for decisions

  249. Martin

    Running from Trello here: https://trello.com/b/Dn6IQOu0/board-meetings

  250. nyco

    SCAM: blog post on hold POSS booth meetup in Krakow

  251. Martin

    3.1) SCAM. Where did we end up with this?

  252. nyco

    if my agenda is related to the board

  253. Martin

    The agenda comes from Trello. If it's not on Trello, it doesn't get in.

  254. Guus


  255. Guus

    I've left a lot of questions for the board

  256. Martin

    OK, lets try and rattle through them then

  257. Martin

    3.1.1) Can SCAM have a budget for things like stickers and folders?

  258. Arc

    I thought we already approved that

  259. Guus

    nope - board approved a one-time reimbursement.

  260. Arc

    what kind of budget were you thinking?

  261. nyco

    sure, how much budget?

  262. Arc

    Guus: ?

  263. nyco

    that is below 1k

  264. Ge0rG

    maybe it would be useful to define per-purchase and per-month caps, and to require individual board approval for higher budgets?

  265. Guus

    500~1000 USD / year

  266. Guus

    sorry, I'm in a building that's being closed down, after which I've got a 2h commute - might be unresponsive.

  267. nyco

    yeah, that corresponds to our capacity, roughly

  268. nyco

    I'll have to go at :30

  269. MattJ

    That seems reasonable to me, though I realise that I don't have any idea how the XSF currently stands financially

  270. Arc

    we're doing good

  271. Martin

    ^ What MattJ said

  272. dwd

    Roughly $10k balance, as I recall.

  273. Arc

    I'm good with $1k/year

  274. MattJ


  275. Martin

    Ditto, +1

  276. Martin


  277. nyco

    we vote on what?

  278. Martin

    $1k/year for SCAM

  279. nyco


  280. Martin

    Good, moving on

  281. Martin

    3.1.2)Can SCAM get access to the social media account(s) (for event announcement purposes). Notably: Twitter. The blog is accessible enough via PRs on the website project.

  282. MattJ

    How is Twitter currently handled? Who else has access to it?

  283. stefandxm

    is there a meeting going on?

  284. dwd

    stefandxm, Yes, XSF Board.

  285. stefandxm

    ty, then i will back off :)

  286. nyco

    we could use tools such as HootSuite or Buffer, so that everyone has its own account/password

  287. Guus

    (back, now from a parking lot with crappy reception)

  288. nyco

    so that the SM accounts passwds are not shared

  289. Arc

    or write a twitter-xmpp bot that does the same :-P

  290. Arc

    that was a joke

  291. Guus

    I'm less interested in the how, as in the approval itself.

  292. Martin

    So, we need to find out who has access, and hook them up with Guus, agreed?

  293. nyco

    is it a board duty to approve that?

  294. Ge0rG

    Arc: that bot would then post a dozen of russian spam messages a day, just to make a point.

  295. dwd

    nyco, In as much as it has not been devolved elsewhere.

  296. Guus

    I'd be happy to find the person(s) with access myself, btw.

  297. nyco

    SCAM should be responsible for SM accounts

  298. Zash

    Wasn't there a social media team or such before?

  299. Guus

    nyco: unsure, but topic for another meeting. SCAM is not commteam.

  300. Guus


  301. nyco

    ah good point

  302. jonasw

    given the time is nearly up, are we still discussing technical details or is this on-topic?

  303. nyco

    I guess commTeam could merge in SCAM

  304. jonasw

    cause I’d like to have my trademark application discussed

  305. nyco

    for what it does...

  306. Guus

    nyco. please, first the questions at hand

  307. Guus

    I've been waiting for weeks on feedback

  308. Guus

    given the time limitation: your votes please?

  309. Ge0rG

    can't you just approve that SCAM team shall get access to SM?

  310. Martin

    OK, so, we're happy for SCAM to have access to SM?

  311. Martin

    +1 for me

  312. nyco

    +1 of course, I add the SCAM should be responsible for those accounts

  313. Martin

    Arc, MattJ, votes?

  314. MattJ


  315. Guus

    Martin, in the interest of time: could you quickly do the member confirmation, for the record?

  316. Martin


  317. Guus

    should be a formality

  318. Guus


  319. Martin

    3.1.3) Does board approve Daniel Gultsch as a member of SCAM?

  320. Martin


  321. nyco


  322. Arc


  323. Martin


  324. Martin

    OK, approved. Next:

  325. Martin

    3.1.4) Does board approve Nicolas Vérité as a member of the SCAM?

  326. Martin


  327. nyco

    +1 ;-)

  328. MattJ


  329. nyco

    it hurts, voting for myself

  330. Martin


  331. Arc


  332. Martin

    OK, approved. NExt:

  333. Martin

    3.1.5) Does board approve Guus der Kinderen as the team leader of SCAM?

  334. Martin


  335. nyco


  336. Arc


  337. nyco


  338. Martin


  339. MattJ


  340. Martin

    OK, approved. Next:

  341. Martin

    3.1.6) Setting up MUC and mailinglist for SCAM

  342. Martin


  343. Arc


  344. nyco

    is it needed?

  345. nyco

    we should create stuff when it is needed, because that's one more thing to manage and maintain

  346. Guus

    I've suggested to take over the summit-ones

  347. edhelas

    doing it here would we enough no ?

  348. Guus

    but could create new ones if desired

  349. Guus

    I don't have a strong preference either way.

  350. Guus

    nyco: I'd prefer the team to be addressable by people seeking assistence.

  351. Arc

    ive gtg

  352. nyco

    I see

  353. nyco


  354. Arc


  355. Martin

    OK, approved, next:

  356. Martin

    3.2) Apply for trademark sublicense for JabberCat

  357. Martin

    Relevant GitHub PR here: https://github.com/xsf/xmpp.org/pull/358

  358. nyco


  359. Martin

    +1 from me

  360. MattJ

    I think a mailing list is ok (because we don't have one suitable already), but probably this MUC would suffice (and has more people active in it)

  361. Guus

    (Thank you for pushing all my questions through. The SCAM trello card can be archived now)

  362. Martin

    Sorry it took so long Guus, glad we got there in the end.

  363. nyco

    gotta go as well

  364. Martin

    MattJ: Do you have an opinion on the trademark license? Just needs your +1 to get it done.

  365. MattJ


  366. dwd

    As a point of order, it looks like the Board may not be quorate anymore. Although I cannot recall its quorum rules. (Also, if ralphm is actually about that'd solve the issue).

  367. Guus

    (nyco voted on the last item, but is now gone)

  368. Martin

    Nyco did his +1 before disappeareing

  369. Martin

    And we're not quorate any more, so I guess we should disband

  370. nyco

    sorry, bye! ;-)

  371. dwd

    Yes, indeed. Just noting this might curtail the meeting.

  372. nyco

    thx all!

  373. Ge0rG

    I'm okay with postponing my questions to next week.

  374. Guus

    sorry Ge0rG - mine are now out of the way though.

  375. Ge0rG

    This was a very intense and productive board meeting, so thanks to everybody

  376. Martin

    Ge0rG: If you send them to the members list, I can put them in Trello so they're ready, or are they in there somewhere already?

  377. Ge0rG

    Martin: all in trello already

  378. Martin

    Skipping 4) and 5) due to no people. And 6). 7) +1W

  379. Martin

    Done. Phew.

  380. Ge0rG

    SPAM and trademark fees

  381. Guus

    Martin: regular folk like us can add comments to cards, but not create cards. So, if board creates cards, others can fill in the blanks (not sure if everyone knows that). Could be helpful.

  382. Martin

    Ge0rG: Righto, yup, they're in there.

  383. Martin

    Guus: Good call, dwd, can you mention that at the end of the minutes?

  384. Guus

    there might be some cards that can now be removed, by the way. I've left housekeeping comments.

  385. dwd

    Ge0rG, FWIW, I'd be rather against a SPAM team/SIG. I think it can be, and should be, conducted in an existing venue (operators?)

  386. Guus

    ok, I'm going to drive home now. Thanks again for pressing things through.

  387. moparisthebest

    just generally curious, is there anything stopping cisco from just changing their mind and revoking the license to use jabber to the xsf and any sublicensees ?

  388. stefandxm

    i've a generic xml/xmpp question. about xml:lang; how is it suggested to use in iq stanzas. should the receiver respond with the same xml:lang or should if you make a "requested language" attribute have it explicitly added?

  389. SamWhited

    xml:lang is inherited, so you should just use whatever xml:lang they specified (probably on the stream, but maybe in the individual payload)

  390. stefandxm

    yes, but what about the response

  391. stefandxm

    ie; "i want information about xyz and i want the information in language nnn"

  392. stefandxm

    should that be implicitly understood by the language used in the request or should it be added in the payload as a specific attribute/request ?

  393. SamWhited

    It should be added in the payload or on the IQ itself if the one they sent doesn't match the stream.

  394. SamWhited

    XMPP is a bit odd in that there are two streams going on, one for input and one for output. xml:lang won't be shared between the two

  395. stefandxm


  396. stefandxm

    so should i add a "requested-lang" to the payload in the iq 'get'

  397. stefandxm

    or should i make it implicitly / recommended that the responder uses the same lang as the request is marked

  398. SamWhited

    So the flow is that you decode the IQ they sent you, check the xml:lang (which is probably inherited from the input stream, but might also be set on the IQ or payload itself), then check your output encoders xml:lang (probably set on the initial stream) and if it doesn't match set xml:lang on the IQ or payload before you send it

  399. SamWhited

    No, the "requested lang" *is* the input's xml:lang value

  400. SamWhited

    yes, the second one

  401. stefandxm


  402. stefandxm

    makes it easier for me :)

  403. SamWhited

    (someone who actually knows XML should double check me on that, but I'm pretty sure everything in the http://www.w3.org/XML/1998/namespace namespace gets inherited)

  404. jonasw

    SamWhited, not sure about the namespace, but xml:lang for sure gets inherited

  405. Ge0rG

    dwd: I don't care much where SPAM is handled, but there might be value in making it invite only

  406. moparisthebest

    the non-response is kind of what worries me, almost as if no one here knows anything about the jabber licensing scheme ... :)

  407. moparisthebest

    the point of xmpp for me is not to rely on the ongoing goodwill of some huge company, if we are indeed relying on the ongoing goodwill of cisco to use jabber, well, then I should just go back to google, hangouts?, or whatever it's called nowadays

  408. SamWhited

    moparisthebest: I don't know anything about the jabber licensing scheme, but the question also didn't make sense to me. A license *is* the thing that stops Cisco from changing their mind, no? Isn't the whole point of having a license or an agreement or whatever so that it's not just their word?

  409. SamWhited

    Also, it has nothing to do with using XMPP as that last thing suggests; it's just the term "Jabber".

  410. moparisthebest

    SamWhited, the only document I ever saw was a vague promise with a big NOT A LEGAL OR BINDING DOCUMENT prefix, from jabber inc to xsf before cisco bought them

  411. moparisthebest

    this is what I'm asking about, *is* there a license, and what does it look like, what are the terms

  412. jonasw

    moparisthebest, maybe you should try to get a hold of stpeter

  413. jonasw

    I think he’s most likely to have details and possibly even the related paperwork

  414. moparisthebest

    the license might say "cisco reserves the right to terminate this license at it's whim" for instance

  415. moparisthebest

    and that's fine, but if only stpeter has it, that's a problem too

  416. jonasw

    we just need to get large enough that Cisco wouldn’t dare to because we can generate enough negative press for them by whining publicly about it :>

  417. moparisthebest

    then if stpeter gets hit by a bus and cisco decides to revoke it (or sue everyone), then what? :P

  418. jonasw

    the bus factor thing has been discussed in one of last months board meetings btw

  419. moparisthebest

    SamWhited, true except there has been a push recently to standardize client language etc on the term 'jabber'

  420. SamWhited

    moparisthebest: https://xmpp.org/docs/Trademark_Enforcement_Agreement.pdf, https://xmpp.org/docs/Trademark_License_Agreement.pdf, https://xmpp.org/docs/Trademark_Letter_Of_Intent.pdf

  421. jonasw

    SamWhited, nice find

  422. SamWhited

    See also: https://xmpp.org/about/xsf/jabber-trademark/background

  423. moparisthebest

    ah yea all I saw before was the letter of intent

  424. SamWhited

    which was the first result in a Google search for "Jabber license agreement" or something to that effect.

  425. jonasw

    anyone have a URL to the "Jabber Trademark Position Statement"?

  426. jonasw

    ah, it’s attached to the letter of intetn

  427. edhelas

    does a pubsub node should return <feature var='http://jabber.org/protocol/pubsub#publish'/> if the JID is not authorized to publish an item in that node (applies for all the other stuff in the disco#info) ?

  428. moparisthebest

    jonasw, SamWhited do I read that wrong? https://xmpp.org/docs/Trademark_Enforcement_Agreement.pdf is expired because it's only good for 12 months from 2003 and if it terminates in any other way than transferring trademark to JSF, trademark goes back to JINC ?

  429. moparisthebest

    I am not a lawyer and hate legal things grr

  430. jonasw

    moparisthebest, that document is only about enforcement of the trademark things I think

  431. moparisthebest

    so we probably just care about https://xmpp.org/docs/Trademark_License_Agreement.pdf now, I guess

  432. moparisthebest

    a couple questions about that, does it change anything legally that neither Jabber Inc nor JSF are a thing anymore (former purchased by cisco, latter now XSF) ?

  433. jonasw

    no, it doesn’t

  434. jonasw

    with the purchase Jabber Inc merged into Cisco, which is why everybody is talking about Cisco instead of JINC now

  435. jonasw

    the XSF is simply a renamer of JSF afaict, so legally the XSF has fully inherited whatever the JSF did

  436. jonasw

    IANAL though

  437. moparisthebest

    What does point 5. mean? "No Right to Assign or Sublicense" ?

  438. jonasw

    I don’t know.

  439. jonasw

    I wonder whether there’s a follow-up document to that enforcement thing

  440. moparisthebest

    and lastly after we answer that about #5

  441. moparisthebest

    cisco can terminate this within 30 days if xsf doesn't enforce something

  442. moparisthebest

    what are the chances of the xsf being able to enforce anything ever, let alone within 30 days?

  443. moparisthebest

    there is no lawyer on staff for sure, right?

  444. jonasw

    moparisthebest, take action and enforcing are two different things

  445. jonasw

    but yeah

  446. jonasw

    good job, gandi. searching for jabbercat.org domain name, it suggests gibberish.cat >.>

  447. SouL

    Are you going to use jabbercat.org, jonasw?

  448. jonasw

    SouL, I plan to

  449. moparisthebest

    sounds like you should use jabber.cat instead jonasw :)

  450. jonasw

    moparisthebest, gone

  451. jonasw

    and cat has terms I don’t want to have to adhere to

  452. moparisthebest

    sounds like the XSF needs to get to enforcing

  453. moparisthebest

    oh really like what?

  454. jonasw

    domain names are fair use something

  455. jonasw

    moparisthebest, with .cat, you need to support the catalan culture/language in some way

  456. jonasw

    people apparently simply put a google-translate-ed version of their page up

  457. moparisthebest

    ah ok, well, you'd support instant messaging in catalan right? :)

  458. moparisthebest

    jonasw, are domain names fair use? because https://xmpp.org/about/xsf/jabber-trademark/usage-guidelines.html 1.3 has a whole section about when they are not allowed

  459. jonasw

    yeah, it describes what falls under "fair use" and what doesn’t ;)

  460. SouL

    jonasw, as I said, if you want to use .cat I can really help with that! And they don't really care, so...

  461. jonasw

    jabber.cat is also a jabber service apparently: https://jabber.cat/

  462. jonasw

    so I don’t want to fight them :)

  463. moparisthebest

    jonasw, did you notice the first word haha, funny

  464. moparisthebest


  465. jonasw


  466. moparisthebest

    isn't that your library name-ish?

  467. SouL

    Això means "this" :)

  468. jonasw

    hm, not really (aioxmpp vs Això)

  469. SouL

    well, "that"

  470. moparisthebest


  471. moparisthebest

    shift it around a little aixòmpp and now you can register a .cat, no one will even notice

  472. jonasw

    vanitasvitae, firefox refuses to connect to geekplace.eu (you linked that in your protoxep thread on standards@) with HTTPS due to SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED

  473. vanitasvitae

    Hm, thats Flows site.

  474. moparisthebest

    my firefox is fine

  475. SouL

    I wanted to get xmpp.cat but it was taken already

  476. jonasw

    maybe those are my facist cipher settings ... I think I disabled RC4 or something

  477. moparisthebest

    see what ssllabs says shortly, it's scanning

  478. moparisthebest

    ah it's using CAcert

  479. jonasw

    ah, maybe it’s the 1024 RSA thing then?

  480. jonasw

    ah, maybe it’s the 1024-bit RSA or the MD5 signature thing then?

  481. moparisthebest

    tell flow 2015 called and wants him to use letsencrypt

  482. moparisthebest

    no CAcert isn't a trusted CA

  483. jonasw

    I imported it once

  484. Zash

    Everyone must use Let's Encrypt!

  485. jonasw

    since I used it myself extensively

  486. jonasw

    Zash, *Everyone MUST use Let's Encrypt!

  487. moparisthebest

    jonasw, probably Signature algorithm SHA512withRSA

  488. moparisthebest

    that's, not exactly standard

  489. moparisthebest


  490. jonasw

    meh, that link re-analyzes

  491. moparisthebest

    oh I didn't think it did, that's annoying

  492. moparisthebest

    your problem from your error message is you disabled SHA512withRSA as a cert algorithm, or, if you don't have CACert as trusted, it's root cert is signed with MD5withRSA

  493. jonasw

    whatever it is

  494. moparisthebest

    I hate to say it, but the site works with http too...

  495. peter

    jonasw: To answer your question from the editor@ room, there is no successor to the trademark license enforcement agreement of May 2003. That's when we were transitioning from JSF/Jabber to XSF/XMPP (read the list archives, someone called me Hitler!), and interest in registering anything with the word JABBER™ in it had already waned. It's fascinating to me that this issue is still alive 14 years later. :-)

  496. moparisthebest

    peter, also from https://xmpp.org/docs/Trademark_License_Agreement.pdf what does point 5. mean "No Right to Assign or Sublicense" ?

  497. moparisthebest

    I'm not a lawyer which is why I'd universally prefer something not trademarked like 'xmpp' than something I have to ask questions about like 'jabber' :(

  498. jonasw

    peter, I’m confused then. on what basis does the XSF operate according to the Exhibit A of the Letter of Intent, the text which has now become the usage guidelines on the website?

  499. peter

    moparisthebest: that means the XSF can't assign its right to sublicense the mark to another organization.

  500. moparisthebest

    that makes sense I guess

  501. peter

    jonasw: what's the URL for the letter of intent?

  502. moparisthebest

    and hopefully it wasn't an 'assignment' to go JSF -> XSF ? :)

  503. jonasw

    peter, https://xmpp.org/docs/Trademark_Letter_Of_Intent.pdf

  504. peter

    moparisthebest: no, that wasn't assignment, just a legal name change for the organization

  505. jonasw

    (that text I am talking about (Exhibit A there) is the Jabber Trademark Position Statement, which I couldn’t find elsewhere; it is referenced as basis in the Enforcement Agreement)

  506. jonasw

    also, wtf, that mailing list thread from back then

  507. peter

    jonasw: I'm confused by your confusion. :-) Could you explain your concern a bit more?

  508. jonasw

    peter, I’m still trying to find the legal documents which give the XSF the permission to sublicense Jabber, as we were wondering if and under which circumstances Cisco could terminate our (the XSF’) right to sublicense

  509. peter


  510. jonasw

    I can’t read that from the License Agreement, because the terms the XSF seems to be operating on (the part of the Exhibit A / Jabber Trademark Position Statement / Usage Guidelines on the website) is not referenced there

  511. jonasw

    but IANAL, you have been there back then and may know more

  512. jonasw

    also, to lighten things up (quoting from that mail thread): > He is an extremely patient and tireless driving force > who deserves a great deal of recognition. Shame on you for your lack of > support. That is my perception, and I’ll use this opportunity to say Thanks for that.

  513. peter

    Aw, thanks. :-)

  514. peter

    jonasw: BTW are you a native speaker of English? If not (and even if you are!), these legal documents can be difficult to understand.

  515. moparisthebest

    I'm a native english speaker and still have problems groking lawyer-speak :)

  516. jonasw

    peter, no I’m not :(

  517. jonasw

    (the issue with legalese in any language is of course that you often don’t know you didn’t understand it :()

  518. jonasw

    still I’d expect some document which defines the guidelines under which the XSF can sublicense (but I may be wrong), but there doesn’t seem to be one if the Enforcement Agreement didn’t have a successor and expired (like I read it) after 12 months.

  519. moparisthebest

    the enforcement agreement he is talking about is https://xmpp.org/docs/Trademark_Enforcement_Agreement.pdf

  520. jonasw

    thanks, moparisthebest

  521. moparisthebest

    and I also read that it expired after 12 months

  522. peter

    So, a letter of intent is just that - a statement of principles and intention to work together toward something (in this case, an actual agreement regarding the trademark). At that time, there was quite a bit of controversy in the community about Jabber Inc., a drive to change the name to XMPP, and so on. The letter of intent was communicated to the community in late 2002, and as a result we developed the actual license agreement in March of 2003, and following that the enforcement agreement in May of 2003, see http://xmpp.org/docs/Trademark_Enforcement_Agreement.pdf

  523. peter

    Ah, yes.

  524. moparisthebest

    but that expired in may of 2004 right?

  525. peter

    There was supposed to be a 12-month "trial period" and then a discussion about potentially transferring the trademark to the XSF. Everyone got busy with standardization of XMPP at the IETF and with business as usual at Jabber Inc. I seem to recall that we addressed this a bit later on. Let me go AFK for a few minutes and look in the physical files, which are in my home office here. brb

  526. jonasw

    thank you for your effort, peter :)

  527. moparisthebest

    man he really is the best, no one else would get up from a desk and thumb through files :)

  528. peter


  529. peter

    OK, so I don't see it in my physical files. I'll need to check the email history.

  530. peter

    My personal email history does not reveal anything, either. I do have a recollection that we addressed this 12-month topic at one point, but it was a long time ago. I might need to look at the archives of the board@ list.

  531. peter

    Oh, but we decided not to have archives for the board@ list. :(

  532. jonasw

    sure? the mailman claims it is members only

  533. Guus

    Don't we have any at all, or perhaps no public ones?

  534. jonasw

    you don’t find them at /pipermail/board, but at /mailman/private/board

  535. jonasw

    here: https://mail.jabber.org/mailman/private/board

  536. peter

    I have admin privs on all the lists and I just checked.

  537. jonasw


  538. Guus

    To bad

  539. peter

    The Board Archives Currently, there are no archives.

  540. jonasw

    so for all we know the XSF currently does not have any authority over the Jabber™ whatsoever?

  541. peter

    I can ssh to the machine and poke around.

  542. peter

    jonasw: the XSF has authority, just not completely *documented* authority.

  543. jonasw

    okay :)

  544. peter

    I've been in communication about various trademark issues with JINC legal counsel and Cisco legal departments before JINC was acquired, after JINC was acquired, and after I left Cisco. There has never been any question that the XSF has continued authority to sublicense use of the JABBER mark.

  545. peter

    And I made sure that this was specifically re-affirmed when Jabber Inc. was acquired by Cisco in 2008.

  546. peter

    We just don't have a good paper trail on things after 2003.

  547. Guus

    Alex perhaps?

  548. moparisthebest

    peter, just recently there has been a bit of a push to revive 'jabber', and I'm more concerned if you get hit by a bus and cisco turns evil, they could probably just pull it?

  549. moparisthebest

    at least if there is no paperwork

  550. peter

    I can ask my contacts at Cisco legal if they have any additional paperwork.

  551. moparisthebest

    even now I'd guess recollections wouldn't hold up in court

  552. peter

    Guus: I've always been the keeper of the paperwork.

  553. Guus


  554. peter

    I'd be more worried about the bus factor than "just pulling it".

  555. peter

    After all, Cisco's (and before that Jabber Inc.'s) actual *behavior* since 2003 shows a continuous recognition that the JSF/XSF has the right to sublicense use of the mark.

  556. peter

    However, it would be a good thing for me to reach out to my contacts in Cisco legal because (a) people come and go (b) the new people don't necessarily know (c) maybe they have copies of something I don't have.

  557. moparisthebest

    that's true I think they do heavily consider past, uh, actions/behavior

  558. Ge0rG

    I'm slightly worried that Cisco legal will contact "the XSF" with a 30 day deadline to handle some specific case of trademark misuse, and that letter won't arrive in time (or board won't meet in time) and we will lose our sub-license.

  559. peter

    Ge0rG: Thanks for your concern. When I reach out to Cisco legal, I will mention the desirability of having a backup person to contact in case I get hit by a bus.

  560. Guus

    (also, we'd be bummed for other than trademark reasons, Peter)

  561. moparisthebest

    thanks for clarifying Guus :)

  562. Guus

    trying to spread the love ;)

  563. peter

    Guus: :-)

  564. Guus

    peter, if you have time for another, although more trivial, issue: according to Raja, you and someone else were involved with creating the xmpp logo.

  565. Guus

    I've asked him about that weird orange bit that continues to bug me. He is going to check his original designs, but was confident that it wasn't him that designed it like that. But, from what I gather, the design was a team effort of sorts

  566. Guus

    context: https://github.com/xsf/xmpp.org/pull/363

  567. Guus

    so, as a potential co-designer of that logo: what's your take on it?

  568. peter

    I have a graphics idiot and would not have been involved with that level of design. :-)

  569. peter


  570. peter

    Guus: you contacted Raja Sandhu about it?

  571. peter

    I don't recall anyone else being involved.

  572. Guus


  573. peter

    He's a nice guy, say hi for me. :-)

  574. Guus

    he mentioned you and someone else that he couldn't name.

  575. peter


  576. peter

    I never weigh in on graphics stuff because I know nothing.

  577. peter

    It was probably Matt Tucker.

  578. peter

    I think Matt introduced us to Raja.

  579. Guus

    fair enough. It's a long time ago

  580. Guus

    ah, I wondered about that. I saw Jive's logo in his portfolio :)

  581. peter

    Matt was CTO of Jive Software back in the day.

  582. peter

    He's started something new recently, I should check in with him.

  583. dwd

    peter, Igniterealtime FOundation, for one thing. :-)

  584. Guus

    Matt and me talk on occasion - he joined the Ignite Realtime Foundation board

  585. peter nods

  586. Guus

    but he started a new business too

  587. peter

    not igniterealtime, something more recent

  588. peter


  589. Guus

    Koan, iirc

  590. peter


  591. Guus

    that's it

  592. jonasw

    peter, thanks for all the clarifications :)

  593. peter

    So says LinkedIn, anyway. ;-)

  594. peter

    jonasw: sure thing!

  595. peter

    I have a phone call here in a few minutes, bbiab.

  596. Ge0rG

    peter: my concern wasn't even the bus factor but just potential practical issues with a process that's not exercised but has grave consequences when it fails....

  597. Guus

    who's controlling our website? As in: do we have a work team?

  598. jonasw

    Guus, thanks for adding that commit, I totally forgot

  599. Guus

    no worries. My grand plan is to give you access to modify the website yourself.

  600. Guus

    we could use some additional merge-button-pushers

  601. Guus

    and you're effectively doing most of it anyway :)

  602. jonasw

    don’t count on it now that I’m editor

  603. Guus

    meh, it's just about you having the ability to press 'merge'

  604. jonasw

    yeah, hitting merge is responsibility ;-)

  605. Guus

    so that someone active, other than me, can apply changes if I fall of the edge of the world for a bit.

  606. Guus

    jonasw: no more than providing the PR itself :)

  607. Ge0rG

    People could inject evil things into their PRs, like matrix propaganda. We need to watch out!

  608. Ge0rG


  609. jonasw

    The Matrix was a great movie

  610. jonasw

    so nothing wrong with that

  611. moparisthebest

    what about the sequals though

  612. jonasw

    which sequels?

  613. moparisthebest

    good answer

  614. Guus

    but, my original question: who gets to say who gets access?

  615. jonasw holds baseball bat threateningly

  616. jonasw

    Guus, interesting question :)

  617. jonasw

    is website a subset of social media? ;-)

  618. moparisthebest

    gajim has decided to color Guus and Ge0rG the same and between that and the G I can no longer tell the difference :'(

  619. Zash


  620. moparisthebest

    didn't you guys have a proposal for fancy coloring?

  621. moparisthebest

    or, consistant coloring

  622. jonasw

    moparisthebest, yeh

  623. jonasw

    I have a pre-proto-xep in my xeps dir

  624. jonasw

    I should add some finishing touches for ProtoXEPing it

  625. moparisthebest

    yes please

  626. Ge0rG

    It turned out to require fancy floating point math

  627. jonasw

    not *that* fancy

  628. Ge0rG

    Like my last proposal for MUC limiting.

  629. jonasw

    muc limiting does FPM anyways

  630. jonasw

    (as does anything in lua)

  631. Ge0rG

    In LUA

  632. moparisthebest

    for a super optional client-side coloring xep I think a floating point requirement is acceptable

  633. Guus

    do we still have a technical review team?

  634. Guus

    it's purpose apparently is to find out how we can help stPeter more. :)

  635. Ge0rG

    Least Usable Algorithms.

  636. Guus

    https://wiki.xmpp.org/web/Review_team (I recognize but a few of the member names - possibly due to out-of-date content after the crash recovery)

  637. Ge0rG

    This page was last modified on 26 August 2011

  638. Guus


  639. Guus

    I was going to add just SCAM, but I tried to make it consistent by adding all teams.

  640. dwd

    As noted against the PR, I think two of those teams are dead (and one is not a team, but a SIG, but lives yet).

  641. dwd

    The two are Comms, Review, and UPnP. Let's start again. Nobody expects the Spanish Inquisition. Our three defunct teams are...

  642. Guus

    You lost me. 😁

  643. Guus

    Ah, three defunct teams, according to you, are Comms, Review and UPnP.

  644. Guus

    Do we have members of those teams here to confirm?

  645. Guus

    Peter, Kev, Nyco, from memory...

  646. jonasw

    moparisthebest, I took a look at my draft for the color protoxep. there were a few edges to polish, unfortunately I’ll head to bed now. hopefully I get around to publish it tomorrow.

  647. moparisthebest

    sweet, no rush

  648. dwd

    Guus, No, Kev wasn't ever on the Review team, as he was on Council throughout its existence (as was I, I think).

  649. dwd

    Guus, I'm not sure anyone who was on it is still even a member.

  650. fippo

    let me check when upnp was done (aka: spec published)

  651. fippo

    the upnp spec was published in february 2015 @ http://upnp.org/specs/arch/UPnP-arch-DeviceArchitecture-v2.0.pdf

  652. Guus

    fippo: what does that mean in regards to the teams existence?

  653. fippo

    guus: "job done" i'd say

  654. fippo

    and upnp.org seems not to exist anymore

  655. moparisthebest

    still registered though Open Connectivity Foundation, Inc.

  656. fippo

    well, didn't notify the XSF about the change in name so... :-)