Guus, Ge0rG: Coming back to the 'new' Foundations discussion. My intention is a) focus on important issues in the xmpp comunity in general b) maybe put paid devs on these task or specific clients which are likey to improve the UX of xmpp in general (yes, money is an issue i know) c) build a platform/website to show what xmpp can do for standard users who never heard of xmpp before d) may provide general information about the network (number of users, how does xmpp work etc) - you get what my intention is? I dont talk about if that's likely to happen. I ask whether is the right way?
lumihas joined
Guus
emxp: I don't know. There likely is not one right way. If you see value in it, by all means.
Ge0rG
emxp:
(a) yes, 100%. I'm trying that for a while now.
(b) not only money is an issue, fair distribution of the money is as well.
(c) I'm not sure people are reading such websites, but it might attract some nerds / multipliers, so yeah! I wish we could host it on jabber.org...
(d) that's actually hard. The XSF is trying to, but you can hardly get reliable data from a federated system like XMPP
danielhas left
danielhas left
danielhas left
Tobiashas left
danielhas left
Tobiashas left
daniel
If you are good at fund raising by all means go ahead. I don't think developers will say no to money
daniel
Ironically fund raising is a full time job. So as soon as you start you'll have to raise enough money to at least pay your own salary
Tobiashas left
Flowhas joined
lskdjfhas joined
danielhas left
tim@boese-ban.dehas joined
Ge0rG
daniel: actually, to pay for two people.
tim@boese-ban.dehas joined
Ge0rG
...so that you have one effective developer
daniel
My personal approach is to create a sustainable business model. I know that's quite revolutionary idea in today's world. But you it might be more... sustainable...
zinid
sustainable model is to get hired :D
mathieui
daniel, did you think about pitching your idea to a VC to get funding? :p
daniel
zinid, only if that company itself has a sustainable business model. i'm sure the matrix developer can agree
Martinhas left
Martinhas joined
danielhas left
Ge0rG
I've heard that Erlang an C++ developers are in high demand...
emxp
daniel, Ge0rG: For me there is no direct discussion of fairness. the foundation can act transparent, only invest in open source code and only spend money to task/work they all agree to. based on some principles - opensource, leading for xmpp, of intrest for xmpp community etc.. If people dont agree to those projects, they wont spend. so the foundation is forced to define task which are in the interest of most xmpp users somehow... or they can define task, the necessary effort, and let people donate and offer like 10-20% of the necessary amount. It's better to have a central plattform to collect task, than wait for third party aproaches maybe
danielhas left
emxp
I think most people, dont like to donate, if they have no idea, about where the money goes
Kev
Pushing only OSS projects sounds like a Really Bad Idea, given where so much of the XSF's expertise and effort has come from over the years.
mathieui
Kev, yeah, although I can see the point if people are donating the funding
jubalhhas joined
emxp
mathieui: what do you mean exactly
emxp
Kev: Just an example. What software would you suggest to support?
Zash
Some may find it weird to donate to commercial projects.
Kev
Ah, this is a separate 'pay for software' foundation? I thought you meant the XSF.
Kev
If it's some 'pay for opensource XMPP foundation', it's fine to focus on open source.
Kev
Zash: Sure, so it has to be both non-commercial and open source? :)
Ge0rG
Kev: I think that OSS is the only way to ensure that the software won't just fold up and die at any moment in time after or before the funding stops.
Kev
Ge0rG: I don't think OSS ensures that at all. But I understand what you mean.
Ge0rG
Kev: with closed source, there is no way at all to achieve that.
Ge0rG
Kev: and there are many viable business models around OSS, so I don't think this is about offending commercial closed-source providers.
Kev
Also not true, but it's harder to get anyone to agree to it.
Ge0rG
Kev: it's always hard to agree on how to spend money. Your first remark is a good example of that.
fp-testerhas left
fp-testerhas joined
Kev
Ge0rG: If the business model is viable, we don't need a new foundation to be fundraising to inject money, I suppose? :)
Ge0rG
Kev: so we need to focus our money on non-viable business models. Wow, that sounds like a very awful framing of paying for non-commercial OSS development.
Kev
I don't have any problem with someone running a "raise money and we'll give it to projects" org, BTW. I misunderstood and thought it was suggested to do it through the XSF, which I disagree with.
Kev
I think the prospect is filled with difficulties, but as long as it's not the XSF that's shouldering them, more people working in XMPP is good :)
Ge0rG
The more I think about it, the more I like the idea of resurrecting the Jabber Software Foundation.
Which is my second "it used to be more appropriate in the past" epiphany after "message routing was better before Carbons, and we should try to get back to it"
Ge0rG: I suddenly have this urge to tell you something along the lines of "I told you so"
Ge0rG
Kev: I've been pondering about how to improve the message routing mess we are currently in, and my proposal for a future XMPP would be this:
- messages to the bare JID are persistent, routed to all online resoures and archived
- messages to a full JID are ephemeral, only routed to the target full JID (or bounced) and not stored.
Ge0rG
- resource locking must be burned with fire.
Ge0rG
and this is very close to XMPP message routing rules pre-Carbons
Kev
I'm fine with that in principle, although we're not ready for "resource locking must be burned with fire." because of not having a sensible caps story yet, but we could get there. We need to anyway, because of carbons.
Ge0rG
Except there is no sane way to get from here to there.
Ge0rG
Kev: because of carbons and archives.
MattJ
There are ways though
Ge0rG
and race conditions.
Kev
The idea of not doing full-JID fallback is sensible enough, in a MAM world.
Kev
But only if you archive. Hmm.
Ge0rG
Kev: if we make full-JID synonymous with ephemeral, there is no need for fallback.
fp-testerhas left
Ge0rG
But reassigning the semantics of full-JID is a tough call.
Kev
Except for requiring a forklift upgrade.
fp-testerhas joined
Ge0rG
Kev: I'm open to less radical suggestions.
Kev
I was trying to think through whether it was possible for a 'modern' client on a 'modern' server to accept messages in 'old' style, but still do sensible things.
Ge0rG
Kev: but I think it's important that we analyze the situation we are in, determine that it's a huge mess, and have a vision of where we want to be in X years.
Kev
I guess there is.
Kev
If we in some way mark sessions as being xmpp 1 or xmpp 2.
Zash
Design from the top instead of the bottom?
Ge0rG
Kev: https://wiki.xmpp.org/web/XMPP_2.0 ;)
Kev
Ge0rG: I don't disagree with that. I've been trying to do this for some time.
Kev
(that being working a way out of the mess)
Ge0rG
and I'd love that vision to be "XMPP(-IM) is a transport protocol to synchronize a message history between a user's devices on login and live.
Ge0rG
plus what we have with presence, that's working well more or less.
Kev
I think a long session at the next summit would be justified.
Ge0rG
Zash: yeah.
Ge0rG
Kev: +1 to that, though I don't know yet if I can attend.
Kev
Or a fully-virtual summit.
Zash
Ge0rG: Yeah, I too have this feeling that we've built a bunch of things that we don't know how they are supposed to fit togeather.
Kev
Or just a video chat between interested parties. Whatever.
Kev
I don't think IM/mail is the most productive way to work through such a core issue.
Kev
(But I could be wrong)
Ge0rG
Kev: I think that whoever is going to attend a live meeting needs to understand the problem first.
Zash
FOSDEM isn't too far away?
Ge0rG
Zash: it's not just a feeling, it's our current situation. Have a look at the interop between MAM and MUC, MUC and Carbons, etc.
Ge0rG
Even presence in MUC is a challenge.
Ge0rG
And the current situation is sufficiently f***ed up that we can't fix it by piling more protocols on top.
Kev
I think needing to understand the problem is why high-bandwidth is useful.
Kev
I'm not at all convinced that it can't be fixed by building on top, though.
Ge0rG
I'm pondering about writing something long-ish to explain the problem as I see it and possible solution directions
Zash
Ge0rG: MAM, MUC, Carbons, SM, Push, CSI etc
danielhas left
Ge0rG
Zash: yeah.
tim@boese-ban.dehas joined
Kev
All your examples there included MUC.
Zash
And the number of things involved has grown to be more numerous than what fits in my head
Kev
Binning MUC and replacing it might be an idea...
Ge0rG
Kev: what Zash said.
Ge0rG
Kev: how should Carbons and MAM interact with 0184 ACKs for example?
Kev
I think they're all necessary. Whether they're called individual things, or xmpp2core just gets really long.
Kev
You need archiving, you need groupchat, you need routing rules, you need app-level acks, you need push, you need bandwidth management...
Ge0rG
Kev: all those things are needed, yes.
Ge0rG
Kev: that's not the question. The question is how to make them work together.
Ge0rG
They are all individual patches for individual problems, and they interop badly.
stefandxmhas left
Kev
I'm far from saying everything's perfect. I challenge the notion that things can't be fixed without binning the core, though.
Kev
And we certainly need The Big Picture sorted.
Ge0rG
Kev: this is not about binning the core.
Ge0rG
Kev: but about some of the assumptions it made that are not appropriate any more.
Kev
You'll remember (you won't, actually, because it was before your time :)) that I started a protoXEP for this many many years ago, but we didn't have the building blocks to solve it. It was in the days before MAM et al.
Ge0rG
Kev: I'm not intending to replace XMPP with JSON-REST. But I want to start from The Big Picture and see what needs to be changed to make XMPP2 work well.
Martinhas left
Martinhas joined
Kev
I'm very much in favour of big-picture here.
emxphas joined
la|r|mahas left
emxp
Kev: Yes, i was talking about a different organsisation and if my thoughts are senseful
Zash
And big-picture needs a big whiteboard! :)
Kev
Maybe Ge0rG should publish a Thought-A-Day on each of the problems he sees with the current state, so it's not TL;DR, and at the end of the series we've got the full picture :D
jonasw
Kev, I thnik he started a blog series :)
Kev
Odd, I thought I had planet jabber in my feed.
jonasw
does the xmpp.org blog federate to that?
zinid
I'm lost, xmpp2.0 is coming?
zinid
just don't use XML anymore :)
Zash
funny
valohas left
valohas joined
emxphas joined
zinid
or JSON if that matters
zinid
JSON is XML of nowadays
zinid
kids from 2030s will laught at us again
Kevhas left
Zash
Wake me up when ASN.1 is cool again
zinid
never?
zinid
it's not modern, ya know
zinid
protocol buffers is THE THING
Yagizahas left
Ge0rG
actually, protocol buffers is one of the saner protocol designs.
jonasw
Zash, ASN.1 over XML over JSON over HTTP over XMPP over VTEP
jonasw
Ge0rG, I’m not convinced by their implicit defaults.
Ge0rG
Kev: I've started a blog post series on "Easy XMPP", which is different. I think for this one, I'd rather go with my personal blog and the "xmpp" tag there.
Ge0rG
jonasw: admittedly, I haven't had a deep dive into it. But any protocol that doesn't implicitly encode data lengths and uses escapable special markers is sane for me.
Zash
jonasw: Considering ASN.1 being something of a schema thing, and the existence of an XML encoding of it ... I wonder if there's a JSON one yet.
Ge0rG
https://blog.plan99.net/its-time-to-kill-the-web-974a9fe80c89 was an awesome post showing that all the modern web protocols actually fail the same way the US telephone network did in the 70ies. Mixing of meta-data and data.
Zash
Make Gohper Great Again
Ge0rG
The author is calling it "buffer overflows" and meaning "lack of explicit buffer lengths", but it's all the same story.
Zash
Don't LangSec people say that that's a giant security hole too?
Ge0rG
Zash: that what?
Ge0rG
Kev: I'm just not sure if I can start with individual problems and somehow arrive at the big picture.
Zash
Whop's, bit got flipped in the length field and everything turned into a giant buffer overflow!
Zash
Something something length fields don't fit into some simpler language category?
zinid
Ge0rG: why not prefix length? you can parse it in parallel, unlike scanning
Zash
Because Heartbleed?
Zash
Length prefixed fields helped so much there
Ge0rG
Zash: the issue with heartbleed was conflicting length fields.
zinid
Zash: using same logic I would say don't use C then
jonasw
zinid, that’s a reasonable statement :-)
Guushas left
zinid
well, yes :)
Ge0rG
Zash: besides, my point wasn't that old protocols are sane, just that the current ones are mad.
stefandxmhas joined
Martinhas left
Martinhas joined
zinid
yeah, like http2
zinid
tcp over http, wtf...
Zash
Gotta let Google have their optimizations
zinid
right, today everyone is accepting what Google suggests, to be exact, what's good for their bussiness
zinid
IETF is degrading
SouLhas left
Ge0rG
W3C has fallen.
Ge0rG
zinid: https://jacquesmattheij.com/the-web-in-2050 is for you :P
danielhas left
zinid
Ge0rG: wait, I didn't finish reading your first article (about kill web)
nycohas left
nycohas joined
stefandxmhas left
tim@boese-ban.dehas joined
zinid
Ge0rG: for the record, from your article:
> The fix: All buffers should be length prefixed from database, to frontend server, to user interface. There should never be a need to scan something for magic characters to determine where it ends. Note that this requires binary protocols, formats and UI logic throughout the entire stack.
tim@boese-ban.dehas joined
Zash
I forget where I read it, but you shouldn't underestimate human-readable protocols and formats. At least not for early versions. Later versions being binary might be sensible.
Zash
It was kinda cool way back in the day to open the XML console and see something that made sense.
Zash
Or View Source and reading the HTML and stuff.
Zash
can't do that anymore tho, not with all the minifications and whatnot.
zinid
Zash: yes, it was cool because there were no encryption, I used tcpflow for this ;)
Holger
Not sure why $length:$readable_data would be impossible though.
zinid
actually, there can be well-defined mechanism to dump structures in human-readable form
zinid
like they do for WebAssembly
danielhas joined
Guushas left
Zash
Do binary protocols usually have that tho?
Zash
Like, included by default and accessible?
jonasw
Zash, protobuf does
zinid
Zash: I don't think so, but it's not that hard to write rules how to dump protobuffs structures for example
jonasw
Zash, $homebrewbinary probably doesn’t
zinid
and dumping structures is trivial and not error prone (almost)
zinid
unlike parsing them
Zash
Sure sure, but text formats make it really easy to get into fiddling with things, which helps with early adoption.
Zash
Of course it comes back to bite you later, but still.
jonasw
*shrug*
jonasw
XML worksforme
Guushas left
zinid
this is the same argument as Python vs Haskell
zinid
Python will bite you later for sure
zinid
duck typing accepts no excuses
Zash
Duckt tapeing ftw
jonasw
duct taping?
jonasw
kinky
Zash
DuckDuckTape?
Ge0rG
Holger: it's not impossible with human-readable formats, but then you end up with whitespace or newline in the wrong place and the parser freaks out :(
jonasw
Ge0rG, #poezio? ;-)
zinid
anyway, I'm relaxed, because I implemented XML codec for ejabberd, it does the same as asn.1/protobufs/etc and it works (despite everyone cries you should not validate)
Ge0rG
jonasw: no way :P
jonasw
Ge0rG, a good example of a working system is the chunked HTTP encoding
danielhas left
danielhas joined
Ge0rG
jonasw: how many HTTP entities will accept unix LF instead of CRLF, what do you think?
lskdjfhas left
lskdjfhas joined
jonasw
Ge0rG, right, it’s CRLF
Zash
The finer points HTTP header syntax will make you mad
jonasw
Zash, I’ve seen a fun talk about that
jonasw
forgot how it was called
Ge0rG
jonasw: also is there a CRLF at the end? https://stackoverflow.com/questions/33878377/why-are-some-servers-not-using-crlf-after-the-last-chunk-length-of-zero ;)
jonasw
but they made ascii-art out of well-formed HTTP headers, soo....
jonasw
TIL there are trailers
Ge0rG
movie trailes? or the ones you live in?
stefandxmhas joined
jonasw
Ge0rG, the ones behind the last chunk in chunked transfer encoding
jonasw
read the answer you linked :)
Ge0rG
Oh. My. God.
jerehas joined
SouLhas left
jcbrandhas left
ralphmhas left
lovetoxhas joined
vanitasvitaehas left
valohas joined
danielhas left
danielhas joined
tim@boese-ban.dehas joined
tim@boese-ban.dehas joined
jcbrandhas joined
jerehas joined
emxphas left
jerehas joined
Ge0rGhas left
waqashas joined
ralphmhas left
dwdhas left
dwdhas joined
emxphas joined
valohas joined
SamWhitedhas joined
vanitasvitaehas joined
Martinhas left
danielhas left
danielhas joined
stefandxmhas left
stefandxmhas joined
mimi89999has joined
Martinhas joined
Valerianhas joined
danielhas left
Alexhas joined
SamWhitedhas joined
edhelashas left
edhelashas joined
xnyhpshas left
Tobiashas left
SamWhited
> tcp over http
I start twitching every time I hear that because it makes me think of BOSH…
Holgerhas left
danielhas left
Holgerhas joined
stefandxmhas left
stefandxmhas joined
Martinhas left
Martinhas joined
danielhas left
zinid
bosh... plz god no
Holgerhas left
Zash
speaking of which, anyone feel like going around the interwebz and purging old pre-standard xmpp-over-websockets implementations?
MattJ
Sorry, I have a soft spot for BOSH
zinid
I have a bunch of issues related to mod_bosh, it's brutally hard to debug with all that overcomplicated sid/rid/cid crap
zinid
just terrible protocol
Holgerhas joined
SamWhited
Indeed… impossible to debug, hard to implement in any reasonable way, can't really be decoupled from the underlying thing it's transporting (although the XMPP over websocket protocol is that way too)
Zash
Thanks Web & JavaScript!
SamWhited
it's a right pain.
Ge0rG
There is a followup to kill-the-web: https://blog.plan99.net/what-should-follow-the-web-8dcbbeaccd93
Martinhas left
Zash
CORBA YEAAAAAh
fippo
have you heard of dns over http aka DOH?
Zash
fippo: It needs moar JSON
Martinhas joined
zinid
Can't we deprecate bosh btw? Do we still need it when we have websockets?
pep.
https://caniuse.com/websockets I suppose we could
Ge0rG
zinid: are you going to pay the developers of all BOSH clients to migrate?
Ge0rG
Also I wonder how that will work with TCP interruptions, bad firewalls / web firewalls, etc.
Ge0rG
Also how good is WebSocket library support for non-webbrowser applications?
Zash
Maybe we should have standardized two xmpp-over-websocket versions. One with WebJS fiddlery and one that's just the same as TCP but over WS
Zash
Does Websockets work with all those restrictive corporate firewalls that are forcing everything into becoming https on 443?
Ge0rG
Zash: I think WS is masquerading as HTTPS, but of course with irregular traffic patterns.
Ge0rG
Zash: so it will work with the subset of firewalls that don't look too deeply into the traffic and don't have low timeouts
danielhas left
danielhas left
la|r|mahas joined
la|r|mahas joined
danielhas left
lumihas joined
ralphmhas joined
Yagizahas joined
Holgerhas left
Holgerhas joined
efrithas joined
moparisthebest
zinid, excellent work on TLS SRV patch :)
zinid
> are you going to pay the developers of all BOSH clients to migrate?
Wow, we now care about backward compatibility? What about private storage, vcard avatars, privacy lists? Who payed the developers?
zinid
moparisthebest: thanks
mathieui
zinid, nobody, and most clients are still using private storage
zinid
regarding firewalls: it's just https traffice, timeouts will be handled by stream management
zinid
mathieui: I know ;)
dwd
zinid, I think we still need BOSH. We have to use it on occasion.
moparisthebest
I'm biased, but I think web clients use websockets, and non-web clients use direct TLS, both are equivalent when over 443 as far as evil firewalls go
zinid
moparisthebest: I think this webby stuff is mostly for browsers now, no?
zinid
not sure why would a non-web client use bosh/ws
moparisthebest
iirc gajim has a bosh implementation
moparisthebest
but I agree it *should* be
zinid
dwd: can't we use ws occasionally? :)
dwd
We experience browsers with websockets explicitly disabled. This is far from ideal, but still, they exist.
moparisthebest
dwd, I didn't know that was a possibility
mathieui
zinid, when you have no other choice for direct connection, ws/bosh in desktop clients seem like a nice fit
Kev
We experience browsers too old to websocket, too.
Kev
(Yes, yes, I know, I know, but they do)
mathieui
hopefully they will be 0dayed into history before long
zinid
damn, so I need to fix those mod_bosh bugs :(
zinid
thank you!
dwd
zinid, Also, I don't think your IPv6 is working.
zinid
dwd: it doesn't, yeah
zinid
something wrong with firewall probably
dwd
Kev, No, we're seeing new browsers, but with it disabled. And no, I didn't know either.
moparisthebest
mathieui, but for a desktop client direct TLS is also a (far easier) option whenever ws/bosh is
Kev
dwd: Yes, you said that, I didn't doubt it.
mathieui
moparisthebest, sometimes you cannot
zinid
dwd: the problem with ipv6 is I have nowhere to test it from
zinid
dwd: I don't have ipv6 at home, so...
moparisthebest
mathieui, aren't you connecting to ws/bosh over direct TLS ?
moparisthebest
unless you mean, fully in-the-clear-no-tls-xmpp :/
pep.
moparisthebest, sometimes non-standards ports are blocked
mathieui
no, I mean, you can proxy those from 443 with nginx
moparisthebest
and you can alpn (or protocol-inspect, ew) xmpp and http to xmpp server or nginx on 443
moparisthebest
it all depends on the server to have it set up properly, but bosh/ws does too
jonasw
moparisthebest, alpn will be blocked by firewalls if they really want to
la|r|mahas joined
la|r|mahas joined
la|r|mahas joined
moparisthebest
yes it can be, and probably will one day, but not by wifi hotspots in coffee shops most likely
moparisthebest
also why it's not required, daniel and I talked about it back in the day, conversations will probably try with alpn and if it fails then without it, or vice versa
Holgerhas joined
Zash
not *yet*
moparisthebest
so today, using alpn, you can have client -> sslh (based on alpn) -> (prosody,nginx)
zinid
yeah, ALPN is a really bad idea if you want to bypass the DPI: you're literally saying: "hey, I'm jabber"
moparisthebest
today you could also, without alpn, have client -> stunnel (or something decrypting TLS) -> sslh (based on xmpp/http) -> (prosody,nginx)
moparisthebest
the original spec sent the SRV name in SNI and used that to multi-plex :P
moparisthebest
no one liked my wanton abuse of SNI though :'(
dwd
moparisthebest, Wouldn't work in Java, I think.
danielhas left
zinid
for the record, I heard it TLS v1.3 sni and other extensions will not be that easy to inspect
zinid
can somebody confirm?
zinid
I tried to read the I-D, but it's brutal
moparisthebest
yea TLS lib support for "serve the certificate for xmpp.org when server1.xmpp.org is in SNI" is probably spotty/non-existant
moparisthebest
I used sslh to multiplex on SNI and prosody just served the 1 cert regardless meh
moparisthebest
zinid, I know people were pushing to encrypt SNI/ALPN but last I heard it was abandoned to the future, they might have done something to obfuscate it or something, not sure
Martinhas left
zinid
moparisthebest: too bad, because the government firewall is annoying (it detects SNI)
danielhas left
Martinhas joined
moparisthebest
which government?
zinid
russian
moparisthebest
ah that sucks
dwd
zinid, We could work around that.
dwd
zinid, Use starttls to establish the session and then resume it on directtls.
moparisthebest
you are just announcing it another way, also they could inspect the certificate coming back couldn't they?
danielhas left
zinid
dwd: but starttls can be detected easily
danielhas left
moparisthebest
so my work on 443 just holds your connection up temporarily, connects on it's own to see if the TLS handshake succeeds (and only supports TLS 1.0), and only if successful lets your connection through
moparisthebest
so if you only support TLS 1.1+ it won't allow that either, without also supporting 1.0...
tuxhas left
zinid
yes, they could inspect the certificate
Valerianhas left
zinid
so I would prefere all parameters to be encrypted
zinid
*prefer
moparisthebest
it's a shame to have to consider that at a country level
moparisthebest
but nowadays even 'free-er' countries like UK look like they are moving in that direction...
zinid
right, you never know who's next
zinid
so this should be developed now
zinid
thus I'm wondered the TLS folks abandoned the idea
moparisthebest
it's been a year or two since I looked, hopefully it was picked back up idk
moparisthebest
the reason was because it breaks all the multi-plexing TLS business like I do with sslh
but whatever they come up with there in theory should apply equally to ALPN
moparisthebest
Zash, he is saying https://tools.ietf.org/html/draft-ietf-tls-sni-encryption-00 is 20 pages long
zinid
moparisthebest: there is a lot non-normative text, it's fine after all
moparisthebest
I can't find anything about ALPN encryption
SamWhited
I hadn't seen that; might be interesting to try and do an early implementation in our TLS 1.3 stack. I might give that a shot one of these days if I can convince my boss to loan me to the crypto team for a bit.
SamWhited
Does it look relatively implementable in its current form?
If we all are in all the same rooms, can't we just merge them into one?
Zash
Ge0rG: You are the one who started another? :)
jonasw
... after people complained about off-topic discussions here
jjrhhas left
Zash
The off-topic discussions there are too on-topic!!
tim@boese-ban.dehas joined
Ge0rG
Zash: that's not my fault.
mimi89999
Ge0rG: 😁
zinid
last time I checked there was dead silence in this room
zinid
now it's active, that's cool
Ge0rG
zinid: board meeting approaching
zinid
Ge0rG: nah, I mean several years ago
waqashas left
MattJ
ding
Arc
dong
Martin
Ding ding, board o'clock
MattJ
Looking promising :)
jjrhhas left
nyco
hey
Arc
4/5 this looks very promising
MattJ
ralphm, ?
nyco
I have to leave at :30 max
MattJ
Ok
jjrhhas left
Arc
i cant stay much beyond :30 either
Martin
Ok, let's get cracking then
Martin
1. Roll call
MattJ
Here
Arc
Here
nyco
Présent
Martin
2. Minutes, any volunteers? dwd?
jonasw
I can do it
Valerianhas joined
jonasw
but I’ll also have to leave at :30
Martin
Thanks jonasw, much appreciated.
Martin
3. Topics for decisions
Martin
Drawing from here: https://trello.com/b/Dn6IQOu0/board-meetings
Martin
3.1: Logo amendments. Struggled to get this tied off last week, thoughts?
Arc
+1
nyco
+1
MattJ
I think it was left last week that ralphm wanted other board members to express their opinion as well
nyco
voted on the GH issue
nyco
done
MattJ
I was in favour, but it seems some folks are fairly against the change
MattJ
I continue to be +1, for the record
Martin
OK, me too
Arc
We are the only ones who even notice the glitch. It doesnt substantially alter our logo in any way a non-xsf member would ever notice.
jcbrandhas left
Arc
we notice it because we end up with it in front of us in inkscape, like guus did
Guus
board is now 4 times +1, one time 0.
Arc
(and btw, I printed the "fixed" logo on the trifolds for fosdem and nobody even noticed)
Guus
Arc: someone did.
Guus
*twitch*
SouL
Yes, I did :(
SouL
That was supposed to be a happy smiley face, issues for using more than one keyboard layout.
Ge0rG
That logo has been triggering my OCD for years.
jonaswpokes the participants
Martin
OK, so we're decided, it's approved
Arccheers
Martin
Moving on
Martin
4. Commitment list
Martin
4.1 D&0 quote?
jonasw
in one sentence for the minutes, what’s that?
nyco
no news? let's move on?
Martin
jonasw: I don't know. There's nothing more in Trello and this card precedes me being on Board
jonasw
I am amused.
nyco
stpeter is assignee
jonasw
I won’t put that in the minutes ;-).
nyco
thx
nyco
Council/board bios?
nyco
Arc and Martin, type here a short sentence! ;-)
Martin
4.2 Board bios
mimi89999
You chose the version where the 2 parts of the logo don't cross?
Martin
Will do my best
ralphm
Hi. I'm commuting, but following along
Guushas left
nyco
next item?
Martin
5. Items for discussion
Martin
5.1 XSF Editor team. There's a comment from Guus that this might be solved?
ralphm
.
Martin
…ok… anyone else got anything on this?
jonasw
I suspect no.
nyco
nope, next? ;-)
Arc
I have no basis to say anything on the topic
Martin
5.2 Legal notice on old public domain XEPs
Martin
https://github.com/xsf/xeps/pull/345
Martin
Looks like it's been merged, so I think the card's out of date
danielhas left
Martin
5.3 Ongoing marketing activities & budget. It seems I added this card, but back in February, which is definitely too long ago for me to remember what it's about
Arc
you know we can, for once, close the meeting early :-)
ralphm
So if we don't know what to discuss, can we remove it?
Martin
ralphm: That's what I'm doing. If there's nothing, it's gone.
ralphm
I have one minute thing: elections
nyco
yes please
stefandxmhas left
ralphm
Shouldn't we have started this year's round?
Martin
5.4 Blog post on hold: nyco?
Guushas left
Guushas joined
jonasw
is that anything board needs to discuss?
danielhas left
Martin
Nothing. OK. Next. AOBs.
Martin
ralphm: Elections?
ralphm
Yeah, sorry for jumping the agenda
nyco
blog post is published, so unblocked, but needs some fixes, in discussion with Guus, card can be archived
ralphm
But we need to have them
jonasw
Alex, you around?
MattJ
ralphm, Alex said he was working on it
nyco
what elections?
ralphm
I missed that
jonasw
^
jonasw
what elections? board?
MattJ
a couple of weeks ago
ralphm
Council and board
MattJ
jonasw, yes
efrithas left
jonasw
yeah, alex mentioned he’d work on it after the Q3 application meeting
Guus
Indeed, Alex mentioned he was going to address that soonish.
jonasw
"ASAP" were his words back then :)
ralphm
Ok. Martin can you put that in our Trello?
Arc
our last job as a board
ralphm
What, no
ralphm
Preparation takes weeks
ralphm
Finding candidates, then the online voting, etc
Arc
i mean, seeing a new board into their new role
Guus
(is board involved in the prep or execution?)
ralphm
Well ultimately we are responsible, yes
ralphm
Details are in the bylaws
ralphm
Also
Arc
Guus: tricking, er, fooling, er, convincing 5+ people to take the role is the board's responsibility. we can't leave until its done
jonasw
itym "welcoming"
ralphm
We should all consider if we would like to run again, as will council, and try and find good candidates for board
Arc
jonasw: yes, "welcoming"
SamWhited
I always get those confused :)
goffihas joined
nyco
I'm gone, sorry, bye all!
MattJ
Thanks nyco
Arc
yea i need to head out soon. is there AOB?
valohas joined
MattJ
I think we're done
Guus
The XEP status thing?
Martin
Think we're done, if people are going to start breaking off
Guus
Didn't Sam add a card?
jonasw
meh, someone forgot to put that on the trello I’m afraid, Guus
ralphm
Thanks!
jonasw
ah, no it was there
ralphm
Guess we're done?
Martin
Ah, yes, "Rename Draft to Stable"
jonasw
but ralphm interrupted the agenda before it could be reached
Alex
yes I am here, cacthing up o the messages :-)
Arc
is it pressing such that we can't do it next week?
jonasw
personally, I don’t think so
Guus
Not pressing I think
SamWhited
It's not pressing
ralphm
Agreed
Martin
Right, then we're done.
Martin
+1W for next?
Arc
+1W
ralphm
Yay. Thanks for chairing Martin
ralphm
Wfm
Arc
yes thanks for chairing
MattJ
Thanks
jonasw
Alex, can you give me a quick statement for the minutes on the status of the preparation of the elections for board & council?
ralphmtakes back hammer and bangs gavel
Arc
thanks ralphm :-)
Alex
jonasw: I was trying to find out when we had the election last year, need to look this up on teh memberlist, becasue the meeting minutes form last year are not on the new Wiki
jonasw
okay
jonasw
I’ll note that down as "preparation in progress"
ralphm
Last year was too late
jonasw
with some "data recovery needed due to data loss"
Alex
wanted to do this this week, but had to travel unexpted again then for the whole week to a customer
ralphm
We've been slipping over the years. Used to be in August
emxphas joined
Alex
hopefully I can get some work done in the hotel in the evenings
ralphm
Cheers
ralphm
I know how life can conflict with foundation duties
ralphm: yes, but we also said we should stick the 12 month term
ralphm
Yeah, I know
ralphm
So this is a good time to start then, right?
Alex
we had discussion a while ago to either make a term longer or shorter once, and agree on a fix schedule
Alex
I think Peter proposed a calendar year, Jan 1st to Dec 31,
Alex
ralphm: yes, this is why I have it on my TODO list for this week
Alex
I can setup the Wiki page this evening, and send out an Email
ralphm
Yay
Alexis on EST time this week
moparisthebest
calendar year makes sense for serving times, you'd still want the vote (much?) earlier though to avoid voting over holidays/new year
SamWhited
It seems like if you did calendar year that the first meeting would never happen because people would be on vacation.
jubalhhas joined
jerehas joined
Alexhas left
Alexhas joined
jubalhhas left
jubalhhas joined
jubalhhas left
Martinhas left
moparisthebest
that TLS SNI encryption RFC is making my brain hurt
Zash
RFC? Wasn't it an I-D?
stefandxmhas joined
zinid
moparisthebest: it's http fronting, not sure how it's better than tor for example
zinid
I read it too
SamWhited
I should figure out how the printer in this building works so that I can read it…
jubalhhas joined
zinid
easy in fact
zinid
The current draft proposes two designs for SNI Encryption in TLS.
Both designs hide a "Hidden Service" behind a "Fronting Service". To
an external observer, the TLS connections will appear to be directed
towards the Fronting Service. The cleartext SNI parameter will
document the Fronting Service. A second SNI parameter will be
transmitted in an encrypted form to the Fronting Service, and will
allow that service to redirect the connection towards the Hidden
Service.
zinid
that's all
Zash
SamWhited: PC LOAD LETTER
Zash
I should figure out how to turn arbitrary RFCs and I-Ds into epubs or something I can read on the eink thing
Yagizahas left
Zash
It's a pain, but at least I don't have to deal with printers.
zinid
what is a problem to ban this "fronting" sni?
zinid
I really don't get it
Zash
Wait so it's TLS over TLS???
Archas left
jonasw
Zash, https://tools.ietf.org/ebook/
zinid
Zash: yes :)
zinid
kinda
Tobiashas joined
Tobiashas joined
danielhas left
jubalhhas left
jonasw
rfc-std.epub appears to contain all the RFCs. It doesn’t take at all long to load on my machine....
Zash
I believe I have one of those already
Zash
Not the most optimal to navigate unfortunately
xnyhpshas joined
tuxhas joined
zinid
ah, I got it, you can use any junk in the Fronting SNI
pep., Council meeting minutes 2017-08-30:
Vote on obsoleting XEP-0146 (Remote controlling clients)
Period has expired with missing votes from Tobias and Dave.
Dave and Tobias say they are happy with their implicit +1s.
moparisthebest
so, officially, it's deprecated, I think? editors? :)
pep.
k
moparisthebest
or obsoleted
danielhas left
dwdhas left
Ge0rGhas joined
danielhas left
jonasw
moparisthebest, oha
jonasw
I remotely recalled there was something like that, thanks for pointing this out
jonasw
moparisthebest, I can’t find it in the council minutes you mentioned, are you sure it’s the correct date?
jonasw
ah, nevermind
jonasw
found it
jonasw
yeah, that indeed needs Deprecation
moparisthebest
jonasw, btw if you want to add alpn support to your client I can give you a test account on my server
Zash
jonasw: btw a big reason why I wanted xep->markdown was to produce epubs using pandoc, and it works pretty well for that
ralphmhas left
fp-testerhas left
pep.
https://xmpp.org/extensions/xep-0267.html what about "Server Buddies"? Anybody using it?
jerehas left
jerehas joined
Zash
I wanna use it for all sorts of things, but haven't gotten around to it :(
archas joined
moparisthebest
pep., this references it https://blog.process-one.net/wp-content/uploads/2016/07/Fighting-XMPP-messaging-spam-thanks-to-ejabberd-API.pdf
moparisthebest
more in a 'for the future' way
pep.
cool, thanks
vanitasvitaehas left
Guushas left
Guushas joined
zinidhas left
fp-testerhas left
danielhas left
Wiktorhas joined
Wiktorhas joined
waqashas joined
mimi89999has left
mimi89999has left
Guushas left
Guushas joined
goffihas left
goffihas joined
Valerianhas left
Valerianhas joined
danielhas left
dwdhas joined
Guushas left
Guushas joined
Valerianhas left
goffihas left
ralphmhas left
Flowhas joined
uchas joined
ralphmhas left
Valerianhas joined
ralphmhas left
jerehas left
jerehas joined
ralphmhas left
lskdjfhas left
lskdjfhas joined
Guus
I've applied the logo change in most of the obvious places
Guus
if someone finds an old logo somewhere, please let me know