XSF Discussion - 2017-11-30

  1. daniel

    Kev: do you have a response to my last email in the mam group chat thread?

  2. Kev

    I'll try to get to that this afternoon or tomorrow afternoon. My current policy is to spend the mornings coding and afternoons dealing with everything else.

  3. daniel


  4. SouL

    That's a good approach to life :)

  5. Kev

    I've got a bunch of other changes that need making for 313, so I'm tempted to write up a sentence that I think will make everyone happy, and include that in the patch and see what you think.

  6. edhelas

    jonasw here ?

  7. jonasw

    edhelas, yes

  8. edhelas

    great :)

  9. edhelas

    now that 0060 has been updated I'll see if I can update the XEPs that require multi-items

  10. edhelas

    I was thinking about 0277 and 0330 first

  11. edhelas

    also I'd like to move Bookmarks to that

  12. jonasw

    edhelas, bookmarks is a hot topic, at least wait for next weeks council discussion

  13. edhelas

    yup, I'll update the others because it's just about clarification

  14. jonasw

    for the others, go ahead, those are experimental and deferred

  15. edhelas

    if you have other XEPs in mind please tell me

  16. jonasw

    I don’t, I’m not really in the pubsub space

  17. edhelas

    you should come, it's fun over there

  18. jonasw

    nah, I’m busy in MAM space currently :)

  19. edhelas

    I start to have users that are putting a lot of private information in their XMPP account

  20. edhelas

    I find the standard authentication (password) quite weak and I'd like to know if we could discuss about that

  21. edhelas

    basically maybe work on 2FA and password recovery

  22. jonasw

    edhelas, regarding 2FA, SASL2 might be for you

  23. jonasw

    [xep 388]

  24. jonasw

    -xep 388

  25. Bunneh

    jonasw: Extensible SASL Profile (Standards Track, Experimental, 2017-08-24) See: https://xmpp.org/extensions/xep-0388.html

  26. edhelas

    ah nice

  27. dwd

    edhelas, I have a load of stuff done (coded up, everything) on this.

  28. dwd

    edhelas, I need to find the time to finish off the spec work.

  29. dwd

    edhelas, But if you want to help out that'd be awesome.

  30. daniel

    zinid, to answer your question regarding bookmarks and avatars. this was postponed to next week. we haven't talked about this yesterday

  31. edhelas

    zinid what was your question ?

  32. zinid

    edhelas, I just asked what was the conclusion on bookmarks and avatars XEPs

  33. zinid

    edhelas, it seems like some guys don't want PEP based avatars, for the record 🙂 Probably you won't like it a lot 🙂

  34. edhelas

    I want PEP for everything :p

  35. zinid

    I know 😛

  36. pep.

    I know

  37. pep.

    rrr self_ping

  38. Guus

    nyco - are you here for the upcoming board meeting?

  39. ralphm

    I tried pinging nyco myself this morning and half an hour ago. No response yet.

  40. Guus

    as did I - same result

  41. ralphm

    I learned from a colleague he's unavailable until at least 5pm, so I don't expect him

  42. Guus

    ah, to bad.

  43. Guus

    well, let's give it a few minutes, see if we're lucky.

  44. Guus

    if only we had a mechanism that'd allow us to see the availability of someone online... ;)

  45. SouL


  46. ralphm bangs gavel

  47. ralphm

    0. Welcome and Agenda

  48. ralphm

    Hi, new board! Who do we have?

  49. MattJ waves

  50. Martin

    I'm here

  51. ralphm set the topic to

    XSF Board Meeting | Logs: http://logs.xmpp.org/xsf/ | Agenda https://trello.com/b/Dn6IQOu0/board-meetings

  52. Guus


  53. ralphm

    As said before the meeting, through the grapevine, I've learned that's unlikely that nyco will attend today.

  54. ralphm

    My suggested agenda is relatively simple: pick a Chair.

  55. ralphm

    The Board should also later appoint other Officers.

  56. Guus

    I'd like to quickly run over the outstanding Trello cards, see what's still relevant.

  57. dwd

    Can you pick a chair in the absence of a full Board?

  58. ralphm

    dwd: this is indeed a good question. I've tried getting into contact with nyco in various ways. So has Guus.

  59. Guus

    dwd: I'd be uncomfortable doing so.

  60. ralphm

    I'm not happy about that either

  61. Guus

    I would not object to postpone picking a chair until we all are present, and move on with other business, having Ralph continue to be chair for the time being.

  62. ralphm

    I think that's acceptable with regard to the bylaws, but opinions welcome.

  63. MattJ

    I'm fine to continue

  64. ralphm

    ok, so then I only offer the point of Appointment of Officers for the agenda

  65. MattJ

    I don't see how the bylaws would forbid it (though neither how they require the full board to elect the chair)

  66. ralphm

    along with walking over the Trello board

  67. ralphm

    1. Confirm minute taker

  68. ralphm

    Who will do the honors?

  69. ralphm


  70. Guus

    I'll do them

  71. Kev

    (Belatedly, I think delaying voting on a new Chair until all are present is ideal too)

  72. ralphm

    Guus: appreciated, but it would also be nice if it was not a Board member, so that's why I ask

  73. ralphm

    last term dwd offered

  74. Kev

    I'm AFK in a few minutes, so I can't, sorry.

  75. ralphm

    Kev: thanks!

  76. Guus

    Ralphm: I'd be happy for someone else to do them. :)

  77. ralphm


  78. ralphm

    Let's see if someone else pops up, but for now it is you

  79. dwd

    I'm only somewhat here. Rather busy today.

  80. ralphm


  81. ralphm

    2. Appointment of Officers

  82. Guus

    What Officers?

  83. ralphm

    Besides the Chair, we also need to re-appoint Secretary, Treasurer and Executive Director.

  84. ralphm

    In the previous term, Peter has noted he wanted to step down as ED

  85. MattJ

    Didn't Peter indicate intent to resign the position(s)?

  86. Guus

    I've not read up in the bylaws. Can you outline the procedure?

  87. ralphm

    but would still be Treasurer. Alex is our current secretary.

  88. ralphm

    Let's ask them if they want to continue for another term

  89. ralphm

    Guus: what!

  90. ralphm

    ARTICLE VI: Officers Section 6.1 Number and Qualifications. The officers of the Corporation shall consist of the following: (a) a Chair, (b) an Executive Director, (c) a Secretary, and (d) a Treasurer. Officers must be natural persons that the Board of Directors elects or appoints. Officers need not be Directors of the Corporation and shall hold office at the discretion of the Board of Directors. Subject to these Bylaws, the Board of Directors may also elect or appoint one or more additional officers or assistant officers as it may deem convenient or necessary. Except as provided in these Bylaws, the Board of Directors shall fix the powers and duties of all officers.

  91. ralphm

    (oh, Gajim, you are so funny with emoticons)

  92. Guus

    that doesn't state a term for those officers. Is there a requirement to re-appoint them?

  93. Guus

    (apart from ED, who has expressed intention to step down)

  94. ralphm

    Guus: please read the bylaws

  95. Guus


  96. ralphm

    The term is 1 year for all officers

  97. Guus

    In any case, I'm happy with the suggestion to ask the existing officers to continue for another term.

  98. ralphm


  99. MattJ

    "Each officer shall hold office for a period of one year or until his or her successor is elected and qualified or until his or her earlier resignation or removal."

  100. ralphm

    Yeah, I think that is a bit ambiguous.

  101. Guus

    Doesn't hurt to ask them explicitly.

  102. ralphm

    Does it mean you'll hold the office beyond a year if no-one else comes up?

  103. ralphm


  104. Guus

    Shall I draft a quick email to both?

  105. ralphm

    3. Sure

  106. ralphm


  107. ralphm


  108. ralphm

    3. Topics for decisions

  109. ralphm

    I see the item of renaming Draft to Stable.

  110. ralphm

    I think we said last time that there's no consensus. Can we remove this item?

  111. ralphm


  112. MattJ

    I think we can remove it for now, until a new proposal is made

  113. MattJ

    The current one did not reach consensus

  114. Guus


  115. ralphm

    4. Commitments

  116. ralphm

    Apart from that e-mail by Guus, I'd like to add one for searching for a replacement ED

  117. ralphm

    While I'm Chair, I'll take that one

  118. ralphm

    There's also an item about a D&O quote. I think I need to figure that out with stpeter, too.

  119. Guus

    What is that?

  120. ralphm

    My point

  121. ralphm

    I think nobody remembers exactly

  122. Guus

    also: as Peter is no board member - why are we tracking this?

  123. ralphm

    Peter is Executive Director

  124. ralphm

    and Treasurer

  125. MattJ

    It was a task assigned to Peter by the boar

  126. MattJ


  127. MattJ


  128. Guus


  129. ralphm

    in both roles, he's invited for Board meetings, as well as the Secretart and the Chair of Council

  130. ralphm

    in both roles, he's invited for Board meetings, as well as the Secretary and the Chair of Council

  131. Guus

    No-one remembers what 'D&O' is?

  132. dwd

    Guus, Director and Officer insurance.

  133. MattJ


  134. Guus


  135. Guus


  136. ralphm

    Last comment I saw by Peter was 30-8:

  137. ralphm

    This fell off my radar screen. If it is still a priority I can look into it again. It tends to be expensive, but I can report back on details.

  138. Guus

    Actually, I've looked into this for another Foundation - it doesn't need to be that expensive.

  139. ralphm

    Guus: if you want, please check with Peter

  140. Guus

    but that might be in a Dutch setting only - unsure

  141. Guus

    Ok, I will

  142. ralphm

    5. Items for discussion

  143. ralphm

    Let's use this to quickly go over the backlog

  144. ralphm

    Last Board failed to agree on a list of priorities. So let's try for real this time

  145. ralphm

    I'm not sure about the IoT strategy doc, alternative meeting org

  146. ralphm

    the meetups sync seems to be for SCAM?

  147. Guus

    as there's no progress on both for a long time, lets archive the IoT strategy doc and alternative meeting org.

  148. ralphm


  149. Guus

    I agree on the meetup sync bit - that aught to be scam

  150. ralphm

    for the SPIM thing, that doesn't require anything from us right now. Anyone can write a XEP to propose this

  151. Guus

    I think the idea of a SPIM-focussed work team is something to be discussed.

  152. ralphm


  153. Guus

    Ah. I read that as: create a group of people focussed on that, solely.

  154. ralphm

    Not sure if that needs Board, but sure, let's put it there

  155. Guus

    I'm not sure why people be more inclined to work on that after being grouped though.

  156. MattJ

    Yeah, I think some concrete goals should be defined before forming the group

  157. ralphm

    That leaves us with the membership survey

  158. MattJ

    Rather than just a vague "we need to fix the spam problem, let's form a group"

  159. ralphm

    Shall I keep that for discussion?

  160. Guus

    doesn't the survey tie in with the priorities?

  161. ralphm


  162. Guus

    as in: one's output should be the others input?

  163. ralphm

    I'd also like everyone to think about the priorities next to that

  164. Guus

    nyco appears to have done quite some legwork on that

  165. ralphm

    I mean, we are part of the community, too, so there might be some things you already know you want to work on this term

  166. ralphm

    Shall I move it to discussion then?

  167. MattJ


  168. Guus


  169. ralphm

    Ok. I think we're out of time

  170. ralphm

    6. Date of Next

  171. Ge0rG

    I've asked for the creation of a SPAM taskforce, which would operate behind closed doors at first, but it was not deemed acceptable.

  172. ralphm

    I suggest +1W

  173. ralphm

    until we hear from nyco otherwise

  174. Martin

    +1W is fine with me

  175. MattJ


  176. ralphm

    Ge0rG: that's not entirely true. There was simply no consensus

  177. Guus

    Shall I provisionally move the scheduled item in the calendar?

  178. ralphm


  179. Guus

    (works for me)

  180. ralphm

    Guus: yes please

  181. ralphm

    7. Close

  182. ralphm

    Thanks all!

  183. Guus

    one AOB: there's an old wiki page for board with stale data. Can we remove that?

  184. Ge0rG

    ralphm: I think the consensus was that anybody can form any kind of closed group and that the XSF shouldn't approve of this specific one

  185. ralphm

    Guus: A link would be good.

  186. Guus


  187. Ge0rG

    ralphm: that was not meant as a criticism, I'm okay with the decision - just a reminder of why this was on the agenda

  188. ralphm

    Guus: sure archive

  189. Guus

    Instead, I propose to redirect that link to the public website (which is what we do for Council, too)

  190. ralphm

    Ge0rG: so we can remove it from our Trello then?

  191. Ge0rG

    ralphm: unless you want to form an official SPIM fighting group open to the public, I think you can remove it

  192. ralphm

    I'll leave it on for next week, and then we make that decision

  193. ralphm bangs gavel

  194. MattJ

    Thanks ralphm

  195. Ge0rG

    thanks, Board :)

  196. Guus

    thank you guys

  197. ralphm set the topic to

    XSF Discussion | Logs: http://logs.xmpp.org/xsf/ | Agenda https://trello.com/b/Dn6IQOu0/board-meetings

  198. Ge0rG

    MattJ: I'm still missing you in that MUC, and I think you are still blocking messages from strangers.

  199. Guus

    Can someone give me access to Trello, please?

  200. Guus

    the Board board, specifically.

  201. ralphm

    I will

  202. Guus


  203. MattJ

    Ge0rG, invite me? I'm not blocking messages from strangers (since a while back, as my receipt of many spam messages proves)

  204. ralphm

    Guus: what's your handle?

  205. Ge0rG

    MattJ: invited you, once again :)

  206. MattJ

    Ok, weird, I didn't receive it :/

  207. Ge0rG

    MattJ: last time we tried it, it was blocked by some module/config on your server/account.

  208. Guus

    ralphm: guusderkinderen

  209. ralphm


  210. Guus

    I've just rescheduled the XSF Board agenda item in the calendar - can someone kindly verify that I didn't mess up?

  211. Guus

    ralphm: thanks

  212. ralphm

    Looks good to me, Guus. Thanks

  213. Guus


  214. jonasw

    SamWhited, re colors, I’m thinking of putting the base algorithm in a single block, and only noting the differences for the individual modifications (like CVD correction, background correction etc.) in separate sections

  215. jonasw

    in addition to cleaning up my reference implementation and putting it somewhere public

  216. SamWhited

    hmm, my CVD corretion doesn't appear to be working, but without that it's passing the tests

  217. SamWhited

    I don't think that was due to anything confusing in the document though, just a bug of mine

  218. SamWhited

    ah yah, MSB not LSB

  219. SamWhited

    jonasw: I think the second test for blue-blindness correction may be wrong, can you confirm the values there when you get a moment?

  220. jonasw


  221. jonasw

    working on those things at the moment anyways

  222. SamWhited

    hmm, my naive impression is that for blue-blindness that color wouldn't change actually (no blue component when I convert it to RGB), so maybe my implementation is broken. Not sure how it would affect that single value though

  223. jonasw

    maybe the others aren’t affected by blue correction

  224. SamWhited

    The first one shouldn't be either, but it appears to be changing (and my implementation seems to work there)

  225. SamWhited

    Well, I say "shouldn't be", I'm not sure, I'm just guessing based on the blue component

  226. SamWhited

    I should do the floating point version of the math and check

  227. SamWhited

    That's weird, if I check the angle before applying the correction it is different from yours for everything *except* this one, but the final result is correct for everything except this one.

  228. jonasw


  229. jonasw

    that’s weird

  230. jonasw

    I haven’t checked the non-floating-point way though

  231. jonasw

    I just trusted what Marcel said on list

  232. jonasw

    I’ll try to implement that in the C++ app I’m currently building right now

  233. jonasw

    afk for dinner now though

  234. SamWhited

    jonasw: also, the first test in blue-blindness doesn't have enough columns (I think it's missing the g/b values)

  235. SamWhited

    or something; it doesn't match the headers anyways, but it looks like others don't too so maybe the headers are wrong

  236. SamWhited

    oh nevermind, I refreshed and that's already been fixed…

  237. jonasw

    SamWhited, if the columns changed, did you accidentally use the wrong tables?

  238. SamWhited

    No, I had two versions of the document open and didn't notice. I was using the right one when I put these values in though

  239. SamWhited

    I found at least one bug in my blue correction, but fixing that just changed what's failing (all the others are failing and the second one is passing). It's very confusing.

  240. jonasw

    care to paste the cvd and test code?

  241. jonasw

    would be happy to take a look

  242. SamWhited

    sure, just a second

  243. SamWhited

    I'm still setting the wrong bit on the blue correction, will fix then push

  244. jonasw

    anglei = (anglei & 0x7fff) | ((anglei & 0x4000) << 1);

  245. jonasw

    this is what I’m doing and I think it does the right thing

  246. SamWhited

    jonasw: isn't it the inverse of the second bit you want?

  247. jonasw

    the second-most-significant

  248. jonasw

    so if 15th is the most significant, you want the inverse of the 14th

  249. jonasw


  250. SamWhited

    right, there you're just taking the second most significant not doing the inverse

  251. jonasw

    that’s not the inverse.

  252. jonasw

    now I need to hceck which is correct with the FP version :)

  253. jonasw

    (I *think* that both would work)

  254. jonasw


  255. jonasw

    yeah, with ~ before the last anglei

  256. jonasw

    interesting, apparently CSS will apply **0.45 to the colors, while Qt wont

  257. jonasw

    that’s great >.>

  258. jonasw

    or something else is fishy

  259. SamWhited

    Fixed it, I had an order of operations issue the whole time *facepalm*

  260. SamWhited


  261. SamWhited

    i = (i & 0x7fff) | (((i & 0x4000) << 1) ^ 0x8000) should do the right thing

  262. jonasw

    yup, seems sane

  263. SamWhited

    That's easy enough to make simple mistakes on that it might be worth including it in that section

  264. jonasw


  265. SamWhited

    Same for the "i &= 0x7fff" for red-green blindness

  266. jonasw

    noted for the next update

  267. Ge0rG

    It looks only slightly less awkward than the Java version. I've really started to love python's struct.pack() for those use cases

  268. jonasw

    int.from_bytes(hash[:2], "little") is what I did

  269. SamWhited

    In retrospect I'm not sure why I implemented Go's Hash interface. I can't imagine anyone wanting to use this for large amounts of data or wanting to pass it in as a replacement for some actual hash…

  270. SamWhited

    So really I could remove all the API nonsense and have it just be a single function

  271. jonasw

    is anyone working on restoring xmpp.net, by the way? I recall Arc wanted to do something about that

  272. jonasw

    hm, nice, the luasec version needed by xmpppoke doesn’t work with libssl1.1

  273. Zash

    "nice", "luasec" and "openssl" in the same sentence? sarcasm detected

  274. jonasw


  275. jonasw

    debian oldstable it is!

  276. Holger

    Yeah I built some of these things myself on check.messaging.one.

  277. Holger

    Debain oldstable too.

  278. jonasw

    Holger, do you happen to have a recipe of some kind for that?

  279. jonasw

    I’m trying to devise a dockerfile I can then throw at iteam

  280. Holger

    You need an older OpenSSL anyway for the SSLv2 checking.

  281. jonasw

    hm, maybe I should just use the libssl from testssl.sh?

  282. Holger

    I don't have proper docs sorry, but if you're stumbling over specific issues I can try to recall how I solved them.

  283. jonasw

    nothing out of the ordinary yet

  284. jonasw

    except that developing these things with docker is annoying

  285. Holger

    I also have various xmppoke backend/frontend fixes. But just a big diff, not individual commits, yay.

  286. jonasw


  287. jonasw

    could you share these eventually?

  288. Holger

    I'm sorry. I was annoyed and wanted to get this set up quickly.

  289. Holger

    Yes sure.

  290. jonasw

    I understand :)

  291. Holger

    I used OpenSSL 1.0.2k as that's the most-recent version with v2 support.

  292. Holger

    Needs "./config enable-ssl2 ...".

  293. Zash

    I wonder if you can get away with just sending a raw SSL v2/v3 handshake and look for success/fail in the response, instead of having full support for it in OpenSSL

  294. Holger


  295. jonasw

    I’m now giving it a shot with the OpenSSL build used by testssl.sh

  296. jonasw

    which is 1.0.2k with some patches

  297. Holger


  298. jonasw

    doing the one thing one should probably never do with that piece of software: make insatll.

  299. Holger

    Ah the backend diff is not that bad actually: https://check.messaging.one/patches/xmppoke.diff.txt

  300. jonasw


  301. Holger

    The frontend diff is :-/

  302. Holger


  303. Holger

    ... because there's bug fixes hidden between all those cosmetic changes.

  304. zinid


  305. Holger


  306. zinid

    me when I see web thing

  307. marc

    Ge0rG, that's my vision of user invitation on mobile devices: https://projects.zapb.de/tmp/xmpp-invite-conversations.webm

  308. marc

    Providing a username is optional, of course

  309. Ge0rG

    MattJ: there, easy onboarding

  310. SamWhited

    jonasw: I figured out what I was looking at earlier when I thought the columns were wrong… in the other version of the document I had open it wasn't an old one, I was just scrolled down to the color pallete tests and they have the wrong number of fields

  311. Ge0rG

    marc: why do you need to enter two names?

  312. marc

    Ge0rG, username is optional (required in this setup) and predefines the username of the JID

  313. marc

    Ge0rG, your name = name of the inviter

  314. Ge0rG

    marc: you don't need any names to create an invitation

  315. marc

    Ge0rG, sure, both are optional

  316. marc

    or not even possible to be set, depends on your configuration

  317. Flow

    And ideally the your name field is pre-filled with possibly existing vcard information

  318. marc

    Flow, exactly!

  319. marc

    Ge0rG, in my current ejabberd setup, inviter name and username are configured as "requried"

  320. marc

    that's why they need to be filled out

  321. marc

    the inviter name is also used for the roster item

  322. Ge0rG

    marc: too many things to do....

  323. Ge0rG

    Get the inviter name from the vCard and let the invitee specify their own name

  324. marc

    Ge0rG, once again, that's configurable

  325. marc

    you don't even see the input fields if you configure your server in that way

  326. Flow

    but pre fill the roster entry name on the invitee's UI with the possibly provided inviter name

  327. Flow

    marc: good job so far

  328. marc

    Ge0rG, if you click "invite contact" you immediatley get the QR code

  329. marc

    Ge0rG, that's just because I configured the server in that way...

  330. marc

    Flow, thanks!

  331. Flow

    what is the rationale for the "benutername"?

  332. Flow

    what is the incentive for me to enter it?

  333. marc

    Flow, you have the choice to predefine the JID

  334. Flow

    predefine the JID?

  335. marc

    you can set the username part of the new JID

  336. Flow

    ahh ok, I'd eventually switch the order of fields

  337. marc

    If Benutername = "marc", the JID of the new created account is marc@<server>

  338. marc

    Flow, yes

  339. Ge0rG

    I would leave that to the invitee

  340. marc

    Ge0rG, you can configure it ;)

  341. marc

    Flow, just a proof of concept

  342. Flow


  343. marc

    But a working one :)

  344. Zash

    Beware those

  345. marc

    But UI is not perfect and there are some corner-case bugs

  346. Zash

    I made a proof of concept once. Now everyone uses it as if it was production ready!

  347. marc

    Sure, that's why I didn't publish the code yet :D

  348. marc

    Ge0rG, you're not really convinced, hm? :D

  349. Ge0rG

    marc: you are doing a good job, and it's important to do. I'm just a hardcore perfectionist.

  350. Zash

    Getting the right level of feedback is Hard

  351. Ge0rG

    marc: do you need help wiring the XEP?

  352. Ge0rG

    I'm sometimes a bit blunt with my feedback, sorry

  353. Zash

    The trick, according to some blag I saw once, is to make your thing look about as finished as it is

  354. marc

    Ge0rG, good, I'm a perfectionist too :D

  355. marc

    Ge0rG, I have a XEP version with the protocol flow and some references but far away from "ready-to-submit"

  356. marc

    I'll probably push it on my Git repo in a couple of days

  357. Zash

    marc: That sounds like "ready-to-submit" to me

  358. marc

    Zash, not for a perfectionist :>