XSF Discussion - 2017-09-14

  1. Guus

    peter: Raja hi's you back. ;)

  2. Guus

    Can someone verify that we formally disbanded the Communiations Team and the Review Team?

  3. Guus

    dwd seems to think so - lacking any documentation, it'd be good to have a second person weighing in.

  4. Guus

    ah, I forgot that there was a discussion on a mailing list. I'll continue it there.

  5. jonasw

    is there an archive of board meeting minutes aside from the mailing list?

  6. Guus

    the website has them, but not after 2015

  7. Guus

    ah, no

  8. Guus

    those are council votes and member vote meeting minutes

  9. Guus

    not board

  10. Guus

    jonasw: you might know: can we configure the mailing list daemon to have mailing list archives, without accepting new messages? Close the list down, without removing the archive?

  11. jonasw

    Guus, yes

  12. jonasw

    there are a few ways. one would be to remove all members, another would be to set all members to moderated and add a matching moderation/rejection message

  13. jonasw

    that way the list formally continues to exist, anyone (who has permission) can read the archives, and if needed you can resume list operation at some ponit

  14. jonasw

    downside: the moderation/rejection notice thing can turn into backscatter quickly, but if simply discarding all messages is ok, that’d work too

  15. Guus


  16. jonasw

    all of this can be done via the webinterface

  17. jonasw

    my two cents is that removing the supposedly inactive teams from the website after two rather experienced members mentioned that they have shut down is probably fine

  18. jonasw

    if someone complains, git revert isn’t hard

  19. jonasw

    but I would probably wait it out too, if I was in your position ;-)

  20. Guus

    jonasw: I'm modifying the PR as we type, and pointing to that PR in a mail reply.

  21. Guus

    people can weigh in on that, and if they don't, we'll eventually merge the PR

  22. Guus

    (but the PR doesn't take care of the MUC/Mailinglist entities, if they're there, so a bit more work might be needed)

  23. Guus

    done / mailed.

  24. Guus

    also, I'm out for now

  25. Guus


  26. jonasw


  27. jonasw

    now I’m wondering whether it’d make sense to have loosly defined groups of occupants in MUCs which can be addressed with @foo, like @iteam. possible implementation: people who want to belong to a group publish <member xmlns="...">iteam</member> in their presence. their client will highlight on @iteam. other clients can show that @iteam refers to a specific group of people.

  28. Ge0rG

    jonasw: ITYM MIX.

  29. jonasw


  30. jonasw

    this is entirely independent of the relay as long as it publishes presence

  31. Ge0rG

    jonasw: I think that the idea has merit, but I'd rather use the affiliation mechanism for that.

  32. jonasw

    meh, probably breaks horribly with MSN

  33. jonasw

    but a JID can only have one affiliation, and affiliations also have influence on the permissions

  34. Ge0rG

    Damn. We can't have nice things.

  35. Ge0rG

    jonasw: [xep 317] is there.

  36. jonasw

    (publishing this in presence has the advantage that things like CSI can act on that)

  37. Ge0rG

    Sigh. Bots?! https://xmpp.org/extensions/xep-0317.html

  38. jonasw


  39. Ge0rG

    Is there an XEP to require bots to respond with a link to [xep FOO]?

  40. jonasw

    that looks much like what I proposed

  41. dwd

    jonasw, Hats were intended as ad-hoc role based access control (sorta).

  42. jonasw

    syntactically anyways

  43. dwd

    jonasw, You're after self-selecting groups, right?

  44. jonasw


  45. dwd

    jonasw, Self-selecting groups sound like an interesting concept.

  46. jonasw

    (that XEP needs some wording on "MUC service supporting hats MUST NOT forward <hats/> payload in presences sent by clients"

  47. jonasw


  48. jonasw

    dwd, thanks ☺

  49. jonasw

    essentially it’d be publishing a list of words your client highlights on

  50. dwd

    jonasw, I think XEP-0317 might need killing with fire, if it weren't an amusing bit of XSF lore.

  51. dwd

    jonasw, Hmmm. Well. It's codifying a <reference/> system, that's for sure. Not so sure it'd be a simple text match, but maybe it would be in MUC.

  52. jonasw

    mmm, using reference for that is appealing

  53. SouL

    jonasw, I would love that feature. I miss it at work, for example. But it is really useful I think.

  54. dwd

    jonasw, But anyway, it's a "publish a list in presence" thing, I think, if they're self-selecting, for MUC. For MIX, we could do something more formalised.

  55. jonasw

    dwd, MIX could simply gather that from presence into a pubsub node

  56. jonasw

    then clients don’t have to worry about things

  57. jonasw

    hm, then again, you probably don’t want to have the list to be the same in all rooms

  58. jonasw

    this would be a nice XEP to build on top of MUC, MIX and references.

  59. dwd

    jonasw, MIX occupants might not have any presence, though.

  60. jonasw

    dwd, yes, and there are other issues with that, so MIX indeed needs a different mechanism for this

  61. dwd

    jonasw, Oh, and yeah, MIX presence is just broadcast presence, isn't it?

  62. Ge0rG

    dwd: while we are on reference systems, were you able to get a grip on the reactions mechanism author?

  63. tux

    Good morning!

  64. jonasw


  65. jonasw

    tux, good morning and congrats :)

  66. dwd

    Ge0rG, Sort of. Doesn't work as cleverly as I'd thought.

  67. tux

    jonasw: thanks :)

  68. dwd

    Ge0rG, But also our internal document describing it is 0 bytes. :-)

  69. tux

    I tried to find out what "SCAM" means in the XSF context, but could not really find anything. (Mostly a resources page on the XMPP wiki; Google is not really helpful here.) Could anybody please enlighten me? Or the newbies via members list? Am I just blind to the relevant paragraph/link?

  70. dwd

    tux, Summits Conferences And Meet-ups.

  71. jonasw

    tux, it is Summits, Conferences And Meetups team

  72. Ge0rG

    I think there are two important issues with hats/notify-strings/whatever in presence: 1. it helps a MUC service / user's server to determine "important" messages and to push them to CSI-inactive / Push enabled clients. 2. this is another data leak in E2EE scenarios

  73. tux

    Ah, thanks :D

  74. dwd

    tux, Outreach work team, basically.

  75. Ge0rG

    tux: https://wiki.xmpp.org/web/XSF_Summits_Conferences_And_Meetups_workgroup

  76. jonasw

    Ge0rG, don’t do it with E2EE unless you can encrypt whole stanzas *shrug*

  77. Ge0rG

    jonasw: you know my position on E2EE :P

  78. jonasw


  79. jonasw

    I indeed do

  80. tux

    That page even mentions "SCAM", but Wiki search for SCAM only returns this page: https://wiki.xmpp.org/web/SCAM/Material

  81. Ge0rG

    so, "jonasw> Ge0rG, don’t do it with E2EE" - full stop.

  82. jonasw

    Ge0rG, E2EE in MUC contexts is not my department

  83. Ge0rG

    tux: there is also a wiki category "SCAM". Somebody should add a descriptive text to it.

  84. tux

    Ge0rG: if its fine with you I'd just add the link for now

  85. dwd

    Ge0rG, Thanks for volunteering, Somebody.

  86. tux

    (link to scam team page)

  87. jonasw

    Ge0rG, can you rename and redirect the "XSF_Summits_Conferences_And_Meetups_workgroup" page to "Summits, Conferences And Meetups (SCAM) workgroup" or something?

  88. jonasw

    then it’d turn up in the search more reliably

  89. jonasw

    (I heard you have wiki powers)

  90. Ge0rG

    dwd: I was trying to motivate our new member, actually

  91. dwd

    Also, it's a "Work Team", which has a formal meaning within our bylaws.

  92. jonasw

    Ge0rG, ah, then while renaming fix it to Work Team too :)

  93. dwd

    We should probably create a parallel "Special Interest Group", too, in order to have an open group without executive powers.

  94. Ge0rG

    dwd: we should watch out that we don't end up with more groups than we have active members.

  95. tux

    I've just done this for now: https://wiki.xmpp.org/web/SCAM/

  96. jonasw

    tux, good start, but trailing slashes are uncommon in wiki URLs

  97. jonasw

    also, try a #REDIRECT instead (<https://www.mediawiki.org/wiki/Help:Redirects>)

  98. tux

    (Why does the wiki engine not remove the trailing slash from the URI? -.-)

  99. Ge0rG

    tux: because you added one?

  100. Ge0rG

    /es are kind of funny in mediawiki

  101. jonasw

    / is just another character to mediawiki

  102. jonasw

    it doesn’t care

  103. jonasw

    while it cares way too much about capitalisation

  104. tux

    I see.

  105. tux

    Okay ,I should have moved the SCAM/ page instead of creating another one

  106. tux

    the SCAM redirect is done, but I cannot get rid of SCAM/

  107. jonasw

    you might need Ge0rGs superpowers to remove SCAM/

  108. jonasw

    yes, &action=delete gives a permissions error

  109. tux

    Ge0rG: can you please remove SCAM/ ?

  110. tux is off to a meeting

  111. Ge0rG

    tux: done as requested

  112. tux

    Ge0rG: thanks :)

  113. edhelas

    would it be possible to add https://wiki.xmpp.org/web/T-DOSE_2017 to SCAM ?

  114. Ge0rG

    edhelas: at your service

  115. edhelas

    Guus, you just got a mail from Jean-Paul Saman to know what is the status

  116. edhelas

    if there is people that lives in Belgium, NL or Europe in general and are interested about a nice little event in Eindhoven in November please have a look at the T-DOSE 2017 page on the wiki :)

  117. SouL

    Guus, regarding the logo, if you check this: https://xmpp.org/images/promo/xmpp_server_guide_2017.pdf it looks OK there. Are there two versions of the logo or the author of that PDF updated the logo himself?

  118. Guus

    SouL: unsure

  119. SouL

    I was sure that I saw the logo like you say on Github, but didn't want to say anything until I could find a proof

  120. Guus

    SouL: I'm traveling. Please comment in github

  121. edhelas

    hi, I'm working on my PR for pubsub#multi-items in the 0060

  122. edhelas

    what do you think of "The service supports the storage of multiple items per node and requires the pubsub#max_items configuration item to be exposed to the user, and allow sensible values."

  123. goffi

    edhelas: I don't see how max_items can indicate that there is no maximum (unlimited items)

  124. goffi

    I think it's missing

  125. edhelas

    should we add that feature as well ?

  126. edhelas

    what about setting it to zero ?

  127. goffi

    it it's made mandatory with multi-items, it should be there for sure

  128. goffi

    also max_items use underscore (_) while multi-items uses dash (-), should be made coherent

  129. goffi

    hum it's max_items which is not coherent with others, too late to change probably

  130. goffi

    max_items is not even in https://xmpp.org/extensions/xep-0060.html#features with others :(

  131. edhelas

    should I add it ?

  132. edhelas

    I'll add it

  133. goffi

    edhelas: max_items is not enough by the way ? If I have max_items > 1 I have multi-items right?

  134. goffi

    I guess you should yes

  135. goffi

    it will be reviewed by council anyway

  136. edhelas

    yes but it's a feature exposure

  137. edhelas

    if you have max-items exposed, I don't know if you can support more than 1

  138. edhelas

    multi-items ensure that

  139. goffi

    edhelas: if max-items = 10 we know that we can support 10, and we should have a value for unlimited

  140. edhelas

    or basically we change max-items and we say that it should be here if the server doesn't support more than one

  141. goffi

    looks like redundant to me, but I may be missing something

  142. edhelas

    goffi, what if the node is not even configured, or not existant ?

  143. edhelas

    how can I know if the service can handle more than one ?

  144. goffi

    edhelas: oh you want this to be exposed by the service, not the node, OK

  145. goffi

    max_items don't make sense for a service indeed

  146. goffi

    or maybe it does, not sure actually

  147. edhelas

    ralphm, here ?

  148. edhelas

    goffi, afaik, max-items is not a feature exposed by the service, but just a configuration variable

  149. edhelas

    that's why it's max_items and not max-items

  150. edhelas

    multi-items actually tell that info to the user and force max_items to be set above 1

  151. goffi

    edhelas: but we need to know how many items, if it's multi-items but with 2 items max, it's not useful for e.g. a blog

  152. edhelas

    this is something different, I'm talking about the service features again here

  153. goffi

    that doesn't change the point

  154. jonasw

    Guus, your logo thing is a cannot unsee

  155. edhelas

    what you are requestion is exposing max_items to the node metadata, like the title or the number of subscribers

  156. edhelas


  157. edhelas

    goffi, I'll add that in the metadata

  158. goffi

    edhelas: it's also a service thing, if I create a new node, I need to know if I can store more that 5 items for instance

  159. edhelas

    this all "authorisation" thing is quite buggy in the 0060

  160. edhelas

    "if I create a new node" => there's no way to know if you are even allowed to create a new node, or publish in it

  161. edhelas

    0060 is based on a "fail to try" pattern

  162. edhelas

    this would require to expose the access model

  163. goffi

    I don't see harm in that

  164. edhelas


  165. goffi

    edhelas: it's missing a way to indicate "no limit"

  166. edhelas

    goffi, https://github.com/xsf/xeps/pull/500#issuecomment-329440142

  167. goffi

    edhelas: OK good

  168. Guus

    jonasw: welcome in my world of cannot unsee.

  169. Link Mauve

    “16:08:43 SamWhited> Because we have a lot of different clients and servers and enough interoperability problems without denying every element that has some clients proprietary extension in it.”, funny you say that, I’ve found a bunch of bugs in various implementations by doing exactly that. ^^

  170. Link Mauve

    Not that I would use it in release mode, but for debug it’s a fantastic tool.

  171. goffi

    Link Mauve: what are you talking about? Looks interesting (I have not message from SamWhited in my logs, but I may be missing a part)

  172. Holger

    goffi: http://logs.xmpp.org/xsf/2017-09-12/#15:05:02

  173. Link Mauve

    goffi, it was about making a strict XMPP parser, which checks that no foreign element or attribute is set on known elements.

  174. Link Mauve


  175. Link Mauve

    I already found many issues in many different implementations, both clients and servers.

  176. jonasw


  177. jonasw

    the world’s small

  178. jonasw

    Link Mauve, do you do your DNS yourself?

  179. Link Mauve

    jonasw, no, I use the domain crate.

  180. jonasw

    I see, anyways, I PM’d you with some issues I found, you may want to raise them with your provider

  181. Link Mauve

    Also, xmpp-parsers itself doesn’t handle any connection, it only parses XML into Rust structures.

  182. jonasw


  183. jonasw

    different thing

  184. jonasw

    I was talking about DNS for linkmauve.fr

  185. Link Mauve

    Oh, then yes I do. ^^

  186. Ge0rG

    The author of https://www.bleepingcomputer.com/news/security/this-spam-service-will-charge-25-to-stop-spamming-you/ seems to be very interested in XMPP <https://www.bleepingcomputer.com/author/catalin-cimpanu/> I wonder if we should contact him and involve him a bit in SPAM.

  187. Link Mauve

    Fixed, I forgot to bump my SOA, so my secondary didn’t receive the newer revision.

  188. SouL

    Ge0rG, sounds like a very great idea! Nice to read this also "the easiest way to reach Catalin is via his XMPP/Jabber address at campuscodi@xmpp.is."

  189. Ge0rG

    SouL: yeah, I was positively impressed.

  190. stefandxm

    Iam making a protocol for time series data. I am seeking feedback to see if I should make an XEP of it. It is available at http://opensource.clayster.com/lwtsd/Communications/lwtsd/

  191. jonasw

    Ge0rG, yes we should

  192. jonasw

    will you do it?

  193. stefandxm

    (it is work under progress)

  194. stefandxm

    or in progress :-)

  195. dwd

    stefandxm, The best way to seek such feedback is to submit it to the XSF as a protoXEP.

  196. stefandxm

    dwd, yeah. but its quite a lot of work to rewrite it to xep format so I'd like some comments before committing to that

  197. intosi

    stefandxm: I note you added an element starting with xml (xmlschema), which is generally reserved for the XML spec itself (see XML 1.0 §3)

  198. stefandxm

    ty. ill fix that

  199. intosi


  200. stefandxm

    iam also struggling with my xml schema expertise in specifying "type" information. i tried to use xs:facet as xsd itself is doing but i couldnt get it through the parser

  201. Link Mauve

    stefandxm, ugh, your server (opensource.clayster.com) doesn’t support HTTPS. :/

  202. stefandxm

    but the parser seems broken in mono so it might be valid

  203. stefandxm

    link mauve, i know.

  204. Ge0rG

    jonasw: I will after reading all his articles

  205. jonasw

    stefandxm, I’m having a hard time to figure out what the specifciation does and how it works in the end. A few examples would be useful

  206. stefandxm

    jonasw, did you check the graphs in http://opensource.clayster.com/lwtsd/Communications/lwtsd/#operations-overview ?

  207. jonasw

    yes, but those don’t show me why you’d use that specification for what

  208. stefandxm

    but yes, examples are coming

  209. jonasw

    and what those resources are etc.

  210. stefandxm

    they are abstract so it may be that ;-)

  211. jonasw

    possibly :)

  212. jonasw

    examples would be great

  213. stefandxm

    yeah. coming

  214. intosi

    Work in progress, thanks for sharing this early!

  215. stefandxm

    also, in the protocol definition it doesnt make sense to "sell in" the protocol itself. but its a bit tough to read from scratch i know that

  216. stefandxm

    in the commercial side we make tutorials and stuff for the protocols but it doesnt make sense to add to the protocol itself

  217. jonasw

    generally it sounds like something I could use myself, but I’m having a hard time to get a quick grasp on what it does

  218. stefandxm

    but xml examples is coming

  219. stefandxm

    its a generic data manipulation for time series data ie data that has a originated time. like sensor data

  220. stefandxm

    it has operations for write and read and subscriptions

  221. stefandxm

    the subscriptions work with triggers (and filters to be in another namespace). but it doesnt push the data it only informs new data is available

  222. stefandxm

    then the consumer needs to re-subscribe within a read to get new notifications

  223. jonasw

    in general, it may be sensible to look at RSM (<https://xmpp.org/extensions/xep-0059.html>), maybe you can re-use some syntax from there

  224. stefandxm

    i dont see how i can apply it in a generic sense

  225. stefandxm

    i want to support paginating in both total data set and within resource data set

  226. stefandxm

    since each resource may include n points

  227. intosi

    That's where RSM is generally useful, provided you have stable ids for every data point within a set.

  228. stefandxm

    it wont

  229. stefandxm

    you may also consider the data as being volatile

  230. intosi

    Then how will you do pagination?

  231. stefandxm

    by seeking and time frames

  232. intosi

    Time range?

  233. jonasw

    stefandxm, if you treat the exact timestamp as ID, you have what you need for RSM, afaict

  234. stefandxm

    but there may be many points on exact same timestamp

  235. intosi

    ^ what jonasw said

  236. intosi

    Not inherently ordered then?

  237. stefandxm

    so the source will have to store them as unique. which is not impossible but then you get modification/upsert hell

  238. intosi

    (within the same timestamp)

  239. stefandxm

    so the id will most likely not be an id in real life scenario

  240. stefandxm

    for me an id should be an id and not a seek index

  241. stefandxm

    so for say a schema where the schema has not changed the id solution makes sense to me

  242. stefandxm

    but not for the data points were ids are not required

  243. intosi

    Fair enough, which is also why MAM has separate start / end timestamps to be used in conjection with RSM

  244. intosi


  245. stefandxm

    the "volatileness" of the data in the data source makes it imo impossible to make seeking/pagination 100% without overhead. but in an application that can be addressed

  246. stefandxm

    but ive never seen a generic approach that works for all applications

  247. stefandxm

    unless you want to remove the "volatileness". which is often doable but not always (demands a lot more resources/memory in the data source)

  248. stefandxm

    btw. this is a moving forward from our side to replace the retracted xeps by peter waher named sensor data, control and the numberless iot events

  249. stefandxm

    and make it more generic and suitable for applications not using "iot"

  250. stefandxm

    the biggest challenge i see with this protocol is making the schema for resources easy to be implement but still extendable. thats why there is a simplified schema and a xmlschema (the element i will rename)

  251. Flow

    If i'm not mistaken the major concern with peter's IoT XEPs was them not being very XMPP idiomatic

  252. stefandxm

    personally i have many concerns with them

  253. stefandxm

    but since they are history its no point to argue about them imo

  254. Flow

    course, that's more a thing of preventing history repeating itself

  255. Flow

    stefandxm: what is a "schema for resources"?

  256. stefandxm

    yeah and thats why we are not sure if going via xsf is the perfect fit. but as long as we try to do it generic and xmpp-ish iam willing to give it a try :)

  257. stefandxm

    flow, describing data types and capabilities

  258. stefandxm

    ie if a resource is an int or a string and if you can read it, write to it and what filters it supports to reduce noise in subscriptions

  259. Flow

    I don't see the challenge exchanging data without prior knowledge about the structure, amount and type of the data

  260. Flow

    And I assume by "capabilities" you mean something like "remote control"? If so, that's also mostly solved by ad-hoc commands I'd guess

  261. stefandxm

    nah, just the stuff i wrote above really

  262. stefandxm

    but they may be done by writes with user specified types

  263. stefandxm

    for me data schematics is always a challenge :-)

  264. stefandxm

    but imo i managed to get it rather neat. but i am not sure everyone will agree hehe

  265. stefandxm

    ok. i believe i updated the xml* thing with new names (now extended schema)

  266. moparisthebest

    are there security concerns with loading up unknown/untrusted schemas that you get sent?

  267. moparisthebest

    I don't really know anything about it, but I'm wondering if you could maliciously replace some XMPP schemas or something

  268. Ge0rG

    jonasw: "Consistent Color Generation" --> "Consistent Nickname Color Generation"

  269. Ge0rG

    or "User"

  270. jonasw

    Ge0rG, there are other use cases for that, such as roster groups

  271. Ge0rG

    jonasw: as it is, the name lacks context.

  272. jonasw

    Ge0rG, comment on that on-list, so I don’t forget when I prepare an update

  273. Ge0rG

    jonasw: I think that having a too-specific qualifier beats no qualifier.

  274. moparisthebest

    I saw it as more generic, like you said, roster entries, bookmarks, etc

  275. moparisthebest

    but yea name doesn't matter

  276. Ge0rG

    moparisthebest: names DO matter.

  277. moparisthebest

    xep names don't matter that much to me

  278. Ge0rG

    moparisthebest: they matter to client devs

  279. moparisthebest

    just curious now, why?

  280. Ge0rG

    moparisthebest: it is already hard enough to find relevant XEPs

  281. stefandxm

    mop: there are concerns with dtd schemas

  282. stefandxm

    mop, so they are defaultly prohibited by most parsers

  283. moparisthebest

    stefandxm, are those the type of schemas you are talking about sending or not?

  284. stefandxm

    these are not

  285. stefandxm

    these are XML Schemas (xsd)

  286. stefandxm

    but if you chose to follow dtds then you may have problems

  287. moparisthebest

    what if I send a schema for, uh, MAM or something but that I maliciously changed, would that overwrite the correct MAM schema?

  288. stefandxm

    i guess that should be a topic yes

  289. stefandxm

    how to properly localize the namespace to the session

  290. moparisthebest

    and that might even be specific to XML libraries or whatever

  291. stefandxm

    or rather just not allow it to replace any existing schemas known to the client

  292. stefandxm

    and only use them for the session

  293. moparisthebest

    just might need to be considered

  294. stefandxm


  295. stefandxm

    very good suggestion

  296. stefandxm

    i shall fix

  297. moparisthebest

    I guess the only danger is if there is not a safe way to do this with any library or XML in general, then the design is inherently insecure and you can't be sending schemas around

  298. moparisthebest

    I would think there is a safe way but I just don't know at all

  299. stefandxm

    there is secure ways

  300. stefandxm

    tbh i never considered someone would do it an non-secure way

  301. stefandxm

    but i think it should be clarified

  302. stefandxm

    in any way this is a more secure way than following URIs

  303. stefandxm

    as long as the xmpp server is secured

  304. stefandxm

    and you only use the schema in the entity to entity session

  305. Tobias

    jonasw, you know about http://tools.medialab.sciences-po.fr/iwanthue/ ?

  306. jonasw

    Tobias, you linked that, yes

  307. Tobias

    ah..k :)

  308. Ge0rG

    Yay, it looks like the psi and psi+ devs got resurrected and released a new version last month!

  309. stefandxm

    moparisthebest: ive added a note on it now

  310. moparisthebest

    Excellent :)

  311. stefandxm

    problem with xml schemas are basically the same as the xml itself. its vulnerable to parse it and its vulnerable not to use it hehe

  312. stefandxm

    another thing along these lines; ive been thinking about the maxOccours in the schemas

  313. stefandxm

    it would make sense to add a sensible max rather than having unbounded

  314. stefandxm

    esp in the requests

  315. stefandxm

    this way its possible for the server to protect the receiver. but it also would mean that basically the clients should tell the server what namespaces they want to filter

  316. stefandxm

    today for instance ejabberd has a max stanza size but its impractical to have it statically defined

  317. stefandxm

    having it defined on say namespace level and client would be a solution

  318. stefandxm

    or namespace, entity (jid) and namespace

  319. dwd

    jonasw, That's weird. I was talking about the existence of this algorithm about an hour and a half before you submitted that.

  320. Ge0rG

    the coloring algorithm?

  321. Ge0rG

    It was discussed in here several times over the last months

  322. dwd

    Yes, I know.

  323. dwd

    I was demonstrating the difference between Gajim and another XMPP client, and Gajim colourizes - I mentioned there was this algorithm knocking about as well.

  324. Ge0rG

    I hope that the proto-XEP will ignite discussion. Hope dies last.

  325. Ge0rG

    I think that jonasw is aiming at a Ph.D. in sensible XMPP client design.

  326. stefandxm

    iam missing the [] Compensate for f.lux on the site

  327. jonasw

    stefandxm, compensating for flux/redshift is definitely out of scope ;-)

  328. jonasw

    (a) that’s time dependent and (b) tricky

  329. Ge0rG

    I think that f.lux compensation should be done display-wide, not in an XMPP client.

  330. jonasw

    dwd, ha, so I can count on your +1 ;)

  331. Ge0rG

    Unless there is an XMPP client that can go back into 1955.

  332. stefandxm

    am i the only one finding it confusing to talk about IM UIs as "xmpp clients"? :)

  333. Ge0rG

    stefandxm: those are different things!

  334. Ge0rG

    Jabber client is the right term, of course.

  335. stefandxm

    i remember the discussion from the summit this spring. i still find it confusing to have a protocol organ for a message bus discussing/voting on UI matters

  336. jonasw

    re-instate the JSF to discuss IM-specific matters for maximum confusion!!!k

  337. stefandxm

    and i cannot see how the expertise can be shared between systems protocols and ui design

  338. stefandxm

    so far ivent met a single proffesional ui designer than can do system protocols and vice versa

  339. Ge0rG

    stefandxm: which is a very pointed explanations of why all Jabber clients suck.

  340. stefandxm

    i think the clients can be good but not all uis

  341. stefandxm

    adium has a great ui but sucky xmpp client

  342. Ge0rG

    stefandxm: I'm not a professional UI designer, but I know a little bit about UX and I am pondering about jabber client design a great deal of time

  343. Ge0rG

    jonasw: "Jabber Software Alliance" or "Business Jabber Alliance" or some such.

  344. stefandxm

    swift im has a horrid ui but a great xmpp client

  345. Ge0rG

    stefandxm: now you made me curious, what's wrong with swift?

  346. stefandxm

    it only supports one account and its ugly :)

  347. Zash

    Incorrect and subjective.

  348. stefandxm

    incorrect in what way?

  349. Zash

    It supports multiple accounts

  350. stefandxm


  351. Zash

    Hidden away tho

  352. stefandxm


  353. stefandxm

    haha speaking of uis

  354. Zash

    Command line flag iirc

  355. Ge0rG

    stefandxm: I think that "ugly" is highly subjective and only a very small influence on the UX

  356. stefandxm

    it doesnt have a "help" either

  357. jonasw

    I’m confident that JabberCat will be awesome ;-)

  358. stefandxm

    georg, an ui that doesnt follow the native look will always be ugly in my book

  359. jonasw

    +1 stefandxm

  360. Ge0rG

    stefandxm: web is the new native.

  361. Zash

    stefandxm: no --help ? whats this then https://q.zash.se/f445feffd14b.txt

  362. stefandxm

    zash was talking about the ui

  363. jonasw

    Ge0rG, noooo

  364. Zash

    stefandxm: I think the goal is to be simple enough to not need a built in help

  365. Ge0rG

    my point is: the look of widgets is secondary to proper usability.

  366. stefandxm

    Number of accounts to open windows for (unsupported)

  367. stefandxm

    multiple windows?

  368. stefandxm

    not a shared contact list?

  369. jonasw

    Ge0rG, the look yes, but the feel not

  370. Ge0rG

    jonasw: true.

  371. Ge0rG

    But I'd rather have a Qt-based client on windows that doesn't drop messages than a native one that can't fulfil basic IM expectations

  372. jonasw

    Qt is close to native on any platform

  373. jonasw

    closer than any web client at least

  374. Zash

    jonasw: Always close, but always feeling slightly off

  375. jonasw

    Zash, but over the uncanny valley, I thnik

  376. Zash

    As someone who grew up with GTK+, all Qt apps look off to me

  377. stefandxm

    on linux iam ok with Qt looking app. on osx its horrid

  378. Ge0rG

    stefandxm: I also think that multi-account support is a power user feature only needed by 1% of Zimpies.

  379. stefandxm

    georg, i dont think tahts true :)

  380. Ge0rG

    stefandxm: but having support for multiple accounts makes the UI much more complex

  381. moparisthebest

    if you really need it you can always use a xmpp->xmpp transport right? :)

  382. stefandxm

    i dont know anyone that has only one im account

  383. jonasw

    Ge0rG, multi-account is tricky, but I think I found a reasonable UX solution for jabbercat

  384. stefandxm

    Ge0rG, sure. but adium does it neatly

  385. jonasw

    stefandxm, I know a lot, all my non-nerd friends

  386. stefandxm

    jonasw, they dont have google etc?

  387. SouL

    What? I feel I'm a normie now, with just one XMPP account.

  388. jonasw

    stefandxm, google doesn’t have any usable XMPP anymore

  389. stefandxm

    i run google hangout, work jid, private jid and icq through one im client

  390. stefandxm

    jonasw, yes they do

  391. SouL

    All my gmail contacts appear as offline

  392. stefandxm

    not mine

  393. stefandxm

    i use it daily

  394. SouL

    How? Is still usable on the gmail page?

  395. Ge0rG

    SouL: gmail f***ed xmpp.

  396. stefandxm

    SouL, yes and with hangout app (included in android)

  397. Ge0rG

    stefandxm: you are the power user.

  398. SouL

    Whaat? That's new to me.

  399. stefandxm

    its been like this since ever

  400. SouL

    Your contacts had to do something, or what, stefandxm?

  401. stefandxm

    they never removed xmpp support

  402. jonasw

    SouL, don’t let yourself be fooled, gmail federation is broken-ish

  403. stefandxm

    SouL, no

  404. stefandxm

    federation is not working no

  405. Ge0rG

    I need a gmail-xmpp using volunteer please, for testing https://github.com/pfleidi/yaxim/issues/201

  406. stefandxm

    but its still xmpp and works great for chatting

  407. Zash

    I may have a multilple accounts, but I only use one, the rest are for testing and stuff.

  408. Zash

    Most of my friends only have one too.

  409. SouL

    Ah man, there's no federation... Then there's nothing new :)

  410. stefandxm

    Ge0rG, you may add me if you want. stefan@skogome.net

  411. Ge0rG

    stefandxm: is that gmail-hosted?

  412. stefandxm


  413. Ge0rG

    stefandxm: thanks, give me a minute to boot my other android.

  414. stefandxm

    but you need to be friends

  415. stefandxm

    so its traditional xmpp

  416. Ge0rG

    stefandxm: I don't have a mac unfortunately, so I can't check adium.

  417. stefandxm

    pidgin also works

  418. stefandxm

    i run pidgin on linux for same reasons as i run adium on mac

  419. Ge0rG

    but pidgin!

  420. stefandxm

    pidgin is great ui. but sucky xmpp client =)

  421. Ge0rG

    all xmpp clients suck. Especially the Jabber ones.

  422. Zash

    Which one(s) suck less?

  423. Ge0rG

    mutt. Oh, wait.

  424. stefandxm

    i havent been able to start swift im on linux

  425. stefandxm

    dependency hell

  426. jonasw

    Ge0rG, mutt with that french xmpp<->imap gateway?

  427. stefandxm

    (and it didnt compile)

  428. Ge0rG

    jonasw: I don't even want to imagine _that_.

  429. jonasw


  430. jonasw

    Ge0rG, heard of deltachat?

  431. jonasw

    .oO(deltachat in front of imap<->xmpp gateway :-O)

  432. Holger

    stefandxm: https://github.com/swift/swift/blob/master/BuildTools/InstallSwiftDependencies.sh

  433. Zash

    IMAP is pretty cool, why else would they be trying to kill and replace it with some JSON garbage?

  434. Holger

    ... works for me.

  435. jonasw

    for extra fun

  436. stefandxm

    Holger, i dont use any of those distros

  437. stefandxm

    so would give Unsupported system if i tried

  438. stefandxm

    or wait, it had a || there

  439. jonasw

    I always find it odd when people who use interesting exotic distributions complain about difficulties building and installing software :)

  440. stefandxm

    it might work now then

  441. stefandxm

    but last time it didnt

  442. stefandxm

    jonasw, why?

  443. moparisthebest

    wait there is an imap/xmpp gateway?

  444. stefandxm

    jonasw, i think the more you know about linux the more problem you will have with dependencies

  445. Zash

    I must know nothing then.

  446. moparisthebest

    stefandxm, just curious, which distro?

  447. stefandxm

    linux mint kde on this one

  448. stefandxm

    quite horrible tbh

  449. moparisthebest

    that's just ubuntu with some extra repos pretty sure?

  450. stefandxm

    but i gave up on debian experimental after the third broken upgrade in a year >D

  451. stefandxm

    moparisthebest, true and not true

  452. moparisthebest

    oh, actualy, Holger 's script has a LinuxMint entry, same as Ubuntu

  453. stefandxm

    i know

  454. stefandxm

    i commentented on it above :)

  455. stefandxm

    but linux mint versions are not interchangeable

  456. stefandxm

    same as with debian of course

  457. Zash

    Isn't the purpose of Debian experimental to be horribly broken?

  458. tux


  459. stefandxm

    sure is

  460. stefandxm

    but only way to get updated packages

  461. tux has relatively good experience with debian unstable, if you know what you are doing

  462. moparisthebest

    yea, I used Kubuntu for about 10 years but 16.04 broke everything so bad I switched to Arch and have been rather happy with that for a year

  463. moparisthebest

    breaks less than debian unstable from what I gather, but still newest everything

  464. stefandxm

    tux, me too.. for a long while =)

  465. Ge0rG

    there are three flavors of debian: rusty, stale and broken.

  466. SouL

    Did you consider KDE Neon, moparisthebest?

  467. tux

    by the way: I just verified that a current PSI+ can be built with Debian Stable. I'll do a backport pacakge in the near future.

  468. jonasw

    tux, you’re a debian developer?

  469. moparisthebest

    SouL, ah KDE neon, I tried it and it was still a bit too broken, and that was before they discovered they didn't enable PGP package signing and also left their package repo open for anyone to upload files to... :)

  470. moparisthebest

    SouL, that would be https://www.kde.org/info/security/advisory-20161114-1.txt

  471. tux

    jonasw: nope, never really got around to do that, but I know how to build debian packages

  472. SouL

    moparisthebest, I downloaded it two months ago and it is what I'm using, since I was using Kubuntu too, before.

  473. moparisthebest

    did they start signing packages with PGP yet?

  474. moparisthebest

    otherwise I'd stay far away just for security reasons

  475. moparisthebest

    glad it works well now though, I tried around July 2016

  476. Ge0rG

    Gmail is weird. it reflects my own presence to me.

  477. Holger

    Isn't that standard behavior?

  478. Ge0rG

    Holger: I mean the presence of my own full JID, not of my other sessions

  479. Holger

    Ge0rG: "The user's server MUST also send the presence stanza to all of the user's available resources (including the resource that generated the presence notification in the first place)."

  480. Holger

    Or am I missing something?

  481. Ge0rG

    Holger: whoops. Then it's just the first time I notice this. Thanks for clarifying

  482. nyco

    hey SCAM team members, we have a booth at the POSS, Paris Open Source Summit

  483. nyco


  484. nyco

    the stand will be on V29

  485. nyco

    Guus, Daniel...

  486. nyco

    europeans, join!

  487. tux

    Interesting, this afternoon I thought about how nowadays one must also take the hash colour into account when creating a nick name, then I thought about how to ensure that every colouring scheme is identical and now there is this: https://xmpp.org/extensions/inbox/colors.html

  488. tux

    Though I have mixed feelings about the color inversion - maybe have to try this out on a demonstrator.

  489. tux

    Or maybe the luminosity (Y) should be adapted instead.

  490. tux

    Is it customary to reply to the XMPP extension proposals?

  491. jonasw

    tux, sure, feel free

  492. jonasw

    adapting luminosity would be more a heuristic, mixing with the inverse does work, I have sapmles

  493. tux


  494. jonasw

    (esp. adapting Y doesn’t work for coloured backgrounds)

  495. tux

    I just felt more natural to do these conversions in the YCbCr colour space

  496. jonasw

    that’s quite tricky I’m afraid

  497. jonasw

    because YCbCr is not additive

  498. jonasw

    RGB is, which is why the inversion-and-mixing thing works

  499. tux


  500. tux

    jonasw: in 5.4 the formulas don't give values for KR and KB

  501. jonasw

    tux, no mixing: https://sotecware.net/files/persistent/colors-xep/unmixed-bg.svg mixing: https://sotecware.net/files/persistent/colors-xep/mixed-bg.svg

  502. stefandxm

    i am curious when this is wanted at all?

  503. stefandxm

    does people want nick name colorization in chats?

  504. jonasw

    stefandxm, yes, they do

  505. tux uses that feature

  506. jonasw

    and also for avatars its great

  507. Zash

    Are there any algorithms for identifying words with similar 'shape'?

  508. stefandxm

    wont it just be a huge christmas tree?

  509. tux

    jonasw: I see, thanks for the sample :)

  510. stefandxm

    i remember i tried it on irc back in the days and it was dreadful

  511. jonasw

    Zash, I doubt it

  512. jonasw

    stefandxm, the xep also specifies that there MUST be a switch to turn it off, so...

  513. moparisthebest

    stefandxm, well persistence and standardization would help, all my clients color nicks, but differently across clients and even in the same chat, sometimes

  514. jonasw

    tux, you can mention the missing constants on-list

  515. tux

    stefandxm: Setting a good luminosity is key.

  516. jonasw

    they’re easy to find anywhere on the internet though

  517. tux

    jonasw: ack

  518. Zash

    stefandxm: looks fine to me: https://www.zash.se/upload/28QwkNpsRR5s.png

  519. stefandxm

    thats horrible to me :)

  520. tux

    maybe, but in a "we want to ensure everybody does the same thing" specification they should be mentioned.

  521. stefandxm

    because when you apply highlights and notifications they get drowned our have to be even more shouty (as in your example)

  522. moparisthebest

    so yesterday, to avoid highlighting them needlessly I'll change the name, gajim set both Buus and Be0rG to the same color and on glance I was confusing them

  523. jonasw

    moparisthebest, with XEP-XXXX, you can at least be sure that it will always happen, if it happens ;)

  524. jonasw

    doesn’t happen though, they have very different xorred crc32 values

  525. moparisthebest

    jonasw, that might be interesting, have sample color lists for say, this muc?

  526. moparisthebest

    or maybe #archlinux on freenode, some concrete real-life examples

  527. jonasw

    moparisthebest, can do

  528. jonasw

    may do soon

  529. jonasw

    I have it implemented for avatar surrogates in my client, but I obviously can’t easily show you a screenshot of my roster ...

  530. Ge0rG

    We really need some easy-to-setup test account with fake roster entries and fake presence.

  531. tux

    The discussion on whether there should be nick coloring is not really relevant, though. The thing is happening and the best reaction is IMHO to give it a good direction early on. (As with the proposed XEP.)

  532. moparisthebest

    also I'm a little colorblind so I hesitate to comment on actual colors, but I'll be able to tell if they look different enough for me, and others can look as well

  533. tux

    The decision is only if there should be a common scheme or if things just go wild.

  534. moparisthebest

    well, things are going wild right now

  535. jonasw

    moparisthebest, uuuuh

  536. moparisthebest

    this optionally adds a common scheme :)

  537. jonasw

    if you’d be willing to see how the color blind profiles work, let me know

  538. jonasw

    if you’d be willing to see how well the color blind profiles work, let me know

  539. jonasw

    until now I only have one sample (with a red/green blind person)

  540. moparisthebest

    sure jonasw , I'm not sure what I have is exactly called, but I see like, certain browns as army green, not positive

  541. jonasw

    that could be a light red/green defiency

  542. jonasw

    we should talk later, I’ll be off for half an our or something

  543. moparisthebest

    yep, I looked up the exact word one day but have forgotten :)

  544. jonasw


  545. jonasw

    moparisthebest, https://sotecware.net/files/noindex/users.svg

  546. jonasw

    moparisthebest, refreshed with three color columns, which are: plain, red/green-blindness corrected, blue-blindness corrected

  547. pep.

    I'm blue/purple-ish!

  548. pep.

    jonasw, how many colors is this?

  549. mimi89999

    jonasw: I don't get that thing...

  550. pep.

    jonasw, why do you care for color-blindness? It's just to quickly identify people right? you don't care if color-blind people don't see the same color as others?

  551. pep.

    It's not like people were going to compare colors

  552. pep.

    Or am I missing something?

  553. intosi

    Colour rotating nickname sets, that will be a thing.

  554. mimi89999

    intosi: 👍

  555. jonasw

    pep., the issue is that the deficiencies affect different ranges of the color space differently, so we can do better by avoiding those ranges

  556. jonasw

    pep., I don’t understand the question "how many colors"

  557. jonasw

    it’s as many colors as there are names

  558. jonasw

    up to 2^16 (due to folding crc32 into an unsigned 16 bit integer)

  559. pep.


  560. jonasw

    mimi89999, what’s your question?

  561. mimi89999

    jonasw: What is that svg about?

  562. jonasw

    mimi89999, it shows the colors the ProtoXEP which was announced on standards@ generates for the nicknames in this room

  563. jonasw

    in three variants, from left to right: "normal", "corrected for red/green-deficiency", "corrected for blue-deficiency"

  564. jonasw

    Ge0rG, I agree. I already thought about how to set that up. maybe some prosody docker image with pre-configured accounts

  565. jonasw

    I have a testbed, but it’s rather small, not large enough to effectively test the coloring things

  566. tux

    How about scraping sth like Twitter for a nickname set?

  567. SouL

    Aren't there libraries like faker for python? For stuff like that

  568. moparisthebest

    jonasw, thanks so, those columns, and again, I don't know if I'm seeing what you are seeing

  569. jonasw

    SouL, you still need to set up accounts etc.

  570. moparisthebest

    the middle column, is mostly pink/orange

  571. jonasw

    and add clients

  572. moparisthebest

    jonasw, you, kev, la|r|ma have *identical* orange colors, in the middle column

  573. moparisthebest

    is that what you see or no

  574. jonasw

    yes, that’s in all columns the case

  575. moparisthebest

    oh, right

  576. jonasw

    doesn’t matter that much really

  577. moparisthebest

    the middle seems the worst to me though, almost everyone is pink

  578. jonasw

    moparisthebest, interesting, and possibly bad

  579. moparisthebest

    is that what you see or not? :)

  580. jonasw


  581. jonasw

    there are some oranges in there

  582. moparisthebest

    it's subtely different shades of pink, but, mostly pink

  583. jonasw

    moparisthebest, reload

  584. moparisthebest

    maybe better, I was going to say all shades of green, but that's mostly at top

  585. moparisthebest

    no actually I think that is far better

  586. jonasw

    I think too

  587. moparisthebest

    again just for my eyes might be worse for everyone else who knows

  588. jonasw

    no, I think that makes sense

  589. jonasw

    in case of doubt is green easier on the eyes compared to pink

  590. jonasw

    simply because one is evolutionary more used to green tones and we can distinguish more shades of green

  591. moparisthebest

    above my head, seems to make sense though

  592. moparisthebest

    out of those 3 profiles I prefer middle for sure, I preferred left before

  593. jonasw

    moparisthebest, prefer it visually, or from being able to distinguish colors?

  594. moparisthebest

    seems more distinguishable yes

  595. jonasw

    moparisthebest, great :-)

  596. jonasw


  597. moparisthebest

    the left has a bunch of 2 or 3 in a row of almost identical shades

  598. jonasw

    can you reload once more?

  599. moparisthebest

    more blue-ish than green-ish ?

  600. jonasw

    maybe, not sure

  601. jonasw

    anyways, thanks for your input

  602. moparisthebest

    Bunneh, and next two, I hate highlighting random people

  603. moparisthebest

    the green sticks out more there, to me

  604. jonasw

    more than the shades on the left?

  605. moparisthebest

    no not in that case

  606. moparisthebest

    it does seem to have groups of the same color in a row, like groups of 2 and sometimes 3

  607. moparisthebest

    for alphabetical names that's bad, not sure if there is a solution though

  608. jonasw

    moparisthebest, I thnik that may be a property of CRC32 :/

  609. moparisthebest

    jonasw, what if you used something else, md5, Adler-32, Fletcher-32 ?

  610. jonasw

    adler32 is worse on those short inputs

  611. jonasw

    (tried it)

  612. jonasw

    18:43:19 jonasw> crytographic hash functinos are generally a bit better 18:44:36 jonasw> but people complain that those are hard to implement / have high overhead 18:44:50 jonasw> and even in those cases there are still close nicknames which aren’t ideal

  613. jonasw

    ahh, salting the CRC32 with 256 bits does something good

  614. jonasw

    moparisthebest, care to reload?

  615. moparisthebest

    I'm not sure md5 is hard or has high overhead :/

  616. moparisthebest

    yea hang on

  617. moparisthebest

    I think that's worse, look at tu-x and next 3

  618. moparisthebest

    next 2 I mean, also it still has the every few being the same

  619. Zash

    That graph says otherwise ;)

  620. jonasw

    moparisthebest, I don’t think that’s a bad thing in that special case. they differ by their first letter, so your brain generally can distinguish them well

  621. jonasw

    moparisthebest, re performance: https://sotecware.net/images/dont-puush-me/9n701UwrIuU2NFuTexy7rFpu3Auf7zbQlVsEyFTVqAM.png

  622. jonasw

    so md5/sha1 are an order of magnitude slower than CRC32 on those input sizes

  623. moparisthebest

    are we talking about the difference in 0.01s and 0.02s for all participants in a typically sized muc ?

  624. moparisthebest

    because, who cares

  625. jonasw

    moparisthebest, first, implementations may not always be able to cache the colors (daniel brought that up)

  626. moparisthebest

    I think it might even be less than that?

  627. jonasw

    it’s a factor of three in that region

  628. jonasw

    lowering slowly to 2.5 at the right edge of the reasonable range for nicknames and such

  629. moparisthebest

    3 times slower than a millionth of a second?

  630. Guus

    Link Mauve, you here?

  631. daniel

    Well maybe we should try md5. If it looks better we might want to live with it

  632. jonasw

    daniel, it does, but salting CRC32 with 64 bytes does the trick

  633. jonasw

    and is still fast

  634. moparisthebest

    unless I'm reading the graph wrong, 3/1,000,000s is technically 3x slower than 1/1,000,000s, but still well within the no one cares range

  635. jonasw

    moparisthebest, reload for md5-based colors

  636. jonasw

    I don’t think it does a lot of good

  637. moparisthebest

    hmm disappointing I agree it's basically the same issue

  638. moparisthebest

    sha1 doesn't do better either?

  639. moparisthebest

    is it not fixable based on low bytecount or can we just throw algorithms at it until one sticks :)

  640. jonasw

    moparisthebest, I think it’s not fixable due to the low amount of colours we can distinguish

  641. jonasw

    but indeed, we need to specify a salt input for CRC32, that improves things massively

  642. tux

    jonasw: is there a reason you're using crc instead of sha?

  643. tux

    Ah, nvw. Just read your answer to the question.

  644. tux

    Though I think that the processing time is not relevant here.

  645. moparisthebest

    tux: I don't think processing speed matters either here but md5 also wasn't any better so :(

  646. Link Mauve

    Guus, now I am.