XSF Discussion - 2017-12-11


  1. uc

    🤦‍♀️

  2. jonasw

    pep., which domain?

  3. jonasw

    pep., even though, all I can do is re-try really, because xmppoke doesn’t give useful logs in any way

  4. Guus

    jonasw: many failed tests on the webpage now.

  5. jonasw

    Guus, you could check if everything is in order inside the poker by invoking xmppoke manually: cd /opt/xmppoke; luajit /opt/xmppoke/xmppoke.lua --db-host=... --db-password=... -d=10 $domain

  6. jonasw

    (the "=" between option and value are important)

  7. jonasw

    I also wonder whether we get an interesting type of spam there

  8. Guus

    jonasw, sorry, can't check now. Travellig.

  9. jonasw

    no worries

  10. jonasw

    now we’re getting quite a few sensible ones again

  11. jonasw

    it’s also possible most of what we saw was simply in progress

  12. Guus

    perhaps

  13. Ge0rG

    marc: https://mail.jabber.org/pipermail/standards/2016-June/031152.html (more on-topic in here)

  14. Ge0rG

    marc: also another thing I wanted to tell you yesterday: the current PARS token generation doesn't need server interaction, so it's immediate on the client, even if you are on the worst imaginable mobile connection

  15. marc

    Ge0rG, just the two posts?

  16. Ge0rG

    marc: there's a loooong thread going into 2017.

  17. Ge0rG

    marc: https://mail.jabber.org/pipermail/standards/2017-April/032599.html and https://mail.jabber.org/pipermail/standards/2017-May/032616.html

  18. Ge0rG

    with their respective "next in thread"

  19. marc

    Ge0rG, okay, maybe I find some time to read it

  20. Ge0rG

    marc: you owe me half an hour of time anyway, for yesterday's discussion :P

  21. marc

    Ge0rG, :P

  22. marc

    Ge0rG, are you on 34c3?

  23. Ge0rG

    marc: I don't think so

  24. marc

    Too bad

  25. jonasw

    marc, the traditional XSF meetup is at FOSDEM

  26. jonasw

    the SUMMIT

  27. marc

    jonasw, okay, maybe I'll come to FOSDEM as well :D

  28. jonasw

    I need to schedule that for me

  29. marc

    Ge0rG, are you on FOSDEM 2018?

  30. Ge0rG

    marc: I might be able to make it to the SUMMIT. Maybe.

  31. Ge0rG

    marc: at least I've prepared a talk about what's wrong with XMPP ;)

  32. marc

    :D

  33. marc

    Ge0rG, but not submitted, right?

  34. Ge0rG

    marc: you can't submit to SUMMIT

  35. Ge0rG

    marc: the XSF summit is a separate conference taking place in the days before FOSDEM

  36. marc

    Ge0rG, ah

  37. marc

    I was talking about FOSDEM submission :)

  38. Ge0rG

    marc: https://wiki.xmpp.org/web/Summit_22

  39. Ge0rG

    marc: giving my talk at fosdem would be a huge disservice to the XMPP community

  40. marc

    :D

  41. Ge0rG

    or I would end up with a reputation similar to Poettering :P

  42. jonasw

    he's fun when he crashes other peoples talks

  43. Ge0rG

    I've crashed a talk about SCCS once. It was not particularly challenging

  44. Flow

    Ge0rG who gave the talk?

  45. Ge0rG

    Flow: I'm not naming names here, but it was at a conference venue known to you.

  46. Flow

    schilling at CLT

  47. marc

    Ge0rG, almost everybody except you is voting for server-side implementation, is that correct? :D

  48. Ge0rG

    marc: I'm not opposed to server side implementations, but please have a look at bookmarks in PEP.

  49. marc

    the pep idea has some nice features

  50. marc

    Ge0rG, bookmarks in PEP? what do you mean?

  51. Ge0rG

    marc: the bookmarks xep recommends pep as the storage backend for a decade now, and there is no proper server support yet

  52. marc

    well, the PEP can not be used for user-invitation because it can not be limited

  53. marc

    this is not good for account creation :D

  54. Kev

    Ge0rG: No, that's just not true. You mean that Prosody doesn't support it, which isn't the same as there being *no* support.

  55. edhelas

    Kev +1

  56. marc

    but I like the idea of generating offline tokens

  57. Ge0rG

    Kev: last time I've heard that prosody completely lacks support, whereas other widely deployed implementations only leak your bookmarks to the general public.

  58. Ge0rG

    Kev: from a client interoperability perspective, that discussion is moot anyway.

  59. edhelas

    that's false

  60. Holger

    Ge0rG: Er, this is specific to bookmarks, and the reason is that the XEP is broken.

  61. edhelas

    whitelist support is quite great

  62. Holger

    Ge0rG: Daniel is currently trying to fix it. Once that happened, it will be fixed in the next ejabberd release, for example.

  63. edhelas

    Holger Daniel is trying to fix what ?

  64. Holger

    Well, I should say "probably" I guess :-) But I'm quite confident.

  65. Holger

    edhelas: https://mail.jabber.org/pipermail/standards/2017-December/034023.html

  66. Holger

    (I was assuming that this is Ge0rG's point.)

  67. edhelas

    "specified perist_items"

  68. edhelas

    small typo in the PR :p

  69. daniel

    Ge0rG, ejabberd leaks your private pep nodes to the public?

  70. Ge0rG

    Kev: I don't have stats, but I would say that ejabberd and prosody are the most widely deployed servers. They lack support for a feature that's specified for a decade now.

  71. Ge0rG

    Kev: now please try to convince me this won't happen to server-side-PARS.

  72. daniel

    i think one could implement bookmarks in pep on conversations.im

  73. Ge0rG

    daniel: isn't that why you are trying to fix 60 now?

  74. daniel

    Ge0rG, no?

  75. Ge0rG

    daniel: I'm sure this will be approved by the Conversations Council of Elders.

  76. Holger

    Ge0rG: Unless you configure the node with access_model=opoen, then of course it's not leaked.

  77. Ge0rG

    Holger: I'm sorry for being ignorant about 0060, but what's the default access_model?

  78. Holger

    Ge0rG: 0163 says "The default access model is 'presence'."

  79. Zash

    For PEP

  80. Ge0rG

    Holger: so bookmarks are only leaked to your contacts?

  81. edhelas

    can we not change that to whitelist ?

  82. Zash

    edhelas: For PEP? That'd make it useless

  83. edhelas

    servers can also enforce access_model for some PEP namespaces

  84. edhelas

    the issue is that the user will have to know if the access_model is good somehow

  85. Zash

    I was intending to have some defaults for well known PEP nodes coded in.

  86. Holger

    Ge0rG: I know that 0048 uses publish options to set the access model. Right now this doesn't work because it conflicts with 0060. The thing I don't understand is why you take this as an example for servers being slow with implementation. You can't implement a broken spec.

  87. Zash

    edhelas: That's what you use publish-options preconditions for

  88. edhelas

    okay

  89. edhelas

    never heard of it

  90. Kev

    And therein lies the problem.

  91. Zash

    But, it's like the most starred issue in the Prosody issue tracker ^^

  92. Holger

    Ge0rG: But clients can configure the node's access_model even without that spec fix, of course.

  93. Zash

    Mostly because it has its own marketing team, but still

  94. Kev

    publish-options isn't exactly well-specified, which is what Daniel's just brought up on list.

  95. daniel

    > was intending to have some defaults for well known PEP nodes coded in. Zash i'm planning on writing a module that just disables access control for omemo pep nodes. that's why i asked about how to write modules the other day

  96. edhelas

    ah, here's another piece of 0060 that I'm discovering today

  97. Ge0rG

    Holger: bookmarks is referencing 223 for over a decade now. Please don't tell me nobody noticed it's broken until now.

  98. Zash

    Ge0rG: I'm sorry, but nobody noticed that it is broken until now.

  99. Holger

    Ge0rG: I think I mentioned it on standards@ quite a while ago.

  100. Ge0rG

    So apparently nobody implementing servers cared enough about this spec, for over a decade.

  101. daniel

    i noticed about a year ago. i just didn't get around to write a PR

  102. Holger

    Yeah sure.

  103. Zash

    Ge0rG: Correct

  104. Kev

    Ge0rG: They didn't, because 49 for 48 worked fine and there was no reason to change.

  105. Holger

    If a spec is broken, blame server devs.

  106. Kev

    And 223 was meant to be a profile of 60, so no-one read 223.

  107. Ge0rG

    And 0060 is so mind-boggingly complex that nobody read that either.

  108. Zash

    Soooo, we should get around to finishing that 60 splitup

  109. Ge0rG

    So everybody just bails out on "*pubsub*"

  110. jonasw

    Ge0rG, that’s not true, I read it!

  111. Ge0rG

    And now people come and try to convince me to make my shiny new account registration flow depend on all that mess. Thanks, but no thanks.

  112. Holger

    jonasw: Me too, but that doesn't help, because the text changes whenever you re-read it.

  113. daniel

    we should really revisit that hiring famous actors and actresses to make audiobook versions of XEPs

  114. Ge0rG

    daniel: you can't imagine how much time you need to spend to explain to them the corrent pronounciation of all the tech terms

  115. jonasw

    Holger, that was my impression too

  116. edhelas

    daniel :D Book 36 - Pubsub - Chapter 342 - Configuring your node, 64min

  117. Holger

    :-)

  118. Ge0rG

    edhelas: that title almost reads like a Bible verse.

  119. Ge0rG

    "And so saith Saint Peter: it shall be XML"

  120. edhelas

    0060 is a bit like the Bible, each people reading it have their own understanding

  121. mathieui

    and let’s not talk about the religious wars

  122. mathieui

    and their thousands of casualties

  123. Zash

    Don't mention the war

  124. Ge0rG

    Okay, let's longjump out of this mess again. My initial provocative statement was "nobody is implementing server-side PEP bookmark storage". Let me change that to "PEP bookmark storage is mandated for a decade now, and nobody noticed that it's essentially broken for so long"

  125. moparisthebest

    HAHAHA I almost spit out coffee ‎[10:17:02 AM] ‎edhelas‎: 0060 is a bit like the Bible, each people reading it have their own understanding

  126. moparisthebest

    that needs to go in the implementation notes of 60 or something

  127. jonasw

    Ge0rG, where did we setjmp though?

  128. Ge0rG

    jonasw: just unwind enough stack to get back to PARS

  129. mathieui

    Ge0rG, I did notice

  130. daniel

    Ge0rG, in any case, as a council member you could read my two! PRs on xep60 and form an opinion on which one you prefer

  131. Ge0rG

    daniel: I suppose this is unavoidable.

  132. Ge0rG

    daniel: and still, I lack sufficient understanding of 0060 so far to be able to contribute an informed opinion. I'll work on it.

  133. Ge0rG

    Could we please mandate that a server with IBR also MUST provide valid XEP-0157 contact info?

  134. Zash

    Write a XEP

  135. Zash

    Info XEP on "Things your public server should support"

  136. Ge0rG

    you can't enforce info-xep's

  137. jonasw

    Ge0rG, you can if you check it on s2sin :>

  138. jonasw

    and send a <policy-violation/> stream error back.

  139. Zash

    -xep 222

  140. Ge0rG

    jonasw: technically, I can. But if it's not official policy, I am not allowed to

  141. Zash

    -xep 223

  142. Bunneh

    Zash: Persistent Storage of Public Data via PubSub (Informational, Active, 2008-09-08) See: https://xmpp.org/extensions/xep-0222.html

  143. Bunneh

    Zash: Persistent Storage of Private Data via PubSub (Informational, Active, 2008-09-08) See: https://xmpp.org/extensions/xep-0223.html

  144. jonasw

    Ge0rG, that’s why the info XEP :)

  145. Zash

    Informational, both. Why nobody looked at them?

  146. Holger

    If a server stores groupchat messages into the user archive, the server would have to de-duplicate if multiple resources joined the room, right?

  147. Zash

    Yes

  148. Holger

    Fun.

  149. Ge0rG

    It will also be fun for the client to receive those messages without realizing it was a MUC

  150. Ge0rG

    not so bad for proper MUC messages, but MUC-PMs will be a PITA

  151. Ge0rG

    Are MUC-PMs to be stored in the user's MAM?

  152. daniel

    Holger, Zash: also outgoing and reflected

  153. Zash

    Makes purely append-only storage reeeeally hard

  154. Ge0rG

    Finally, the server devs are going to experience the joy of synchronizing a MUC history.

  155. daniel

    Fun fun fun. All for having an incomplete archive of the room

  156. Ge0rG

    Especially the ones calling for MUC messages in MAM.

  157. Zash

    I don't wanna!

  158. Ge0rG

    Zash: I don't see you complaining on standards@

  159. Holger

    Maybe the user archive should query the MUC archive to sync missing messages.

  160. Ge0rG

    Holger: awesome idea.

  161. Ge0rG

    And the MUC archive should just crowdsource the request to other participants' MAMs.

  162. Ge0rG

    Distributed storage!

  163. Ge0rG

    It's all in the cloud now!

  164. Ge0rG wanders off, laughing weirdly.

  165. moparisthebest

    since the cloud is just other people's computers everything has always been there

  166. Zash

    Maybe the clients could send MAM queries to each other!

  167. Ge0rG

    Zash: then we don't need MUC any more. Just have clients poll each other in a round-robin way to distribute history and messages

  168. Zash

    Ge0rG: Next, have them connect to each other instead of servers!

  169. jonasw

    Zash, somebody seriously suggested that a while ago

  170. Zash

    jonasw: Was it me?

  171. jonasw

    I don’t think so

  172. jonasw

    (and I’m referring to "Maybe the clients could send MAM queries to each other")

  173. Zash

    You could in theory do that among your own clients and have serverless MAM

  174. Ge0rG

    Zash: ChatSecure used to bundle a HTTP server, minidns and some other tech debt to allow for serverless messaging

  175. Zash

    WTF HTTP server?

  176. Ge0rG

    I don't remember any more the rationale for that.. picture sharing maybe? Or forwarding of the app APK?

  177. Ge0rG

    But I remember their stack was so high it resembled the tower of babel.

  178. daniel

    Http over otr

  179. daniel

    For file transfer

  180. Ge0rG

    right!

  181. Zash

    Why not p2p http. Like p2p proxy65 that already exists

  182. Ge0rG

    So should I implement XEP-0049 in yaxim now?

  183. jonasw

    Ge0rG, yes

  184. Kev

    I think client-only MAM is not at all stupid - and is probably the only sane thing to do in the world of E2E.

  185. Zash

    It wouldn't be too hard to sync bookmarks between PEP and private xml

  186. jonasw

    Zash, would be great to have that in prosody

  187. Ge0rG

    Kev: client-side MAM queries that get around E2EE are also stupid.

  188. Ge0rG

    Or at least notoriously hard to get right.

  189. Zash

    jonasw: Depends on PEP with configurable access models, which isn't quite there yet.

  190. Zash

    In theory possible to hard-code some nodes to be private

  191. Kev

    Ge0rG: Sure. Just needs a vector clock and the server to inject MAM IDs into every stanza, right? :)

  192. jonasw

    Zash, might not be the worst idea

  193. Ge0rG

    Kev: I'm not quite sure what you are referencing, and I'm even less sure I can keep my sanity if you explain it.

  194. Kev

    Not worth thinking about. I'm just distracting myself from far too many hours worth of Council work.

  195. Kev

    I'd forgotten how much of the week Council takes.

  196. Zash

    Kev: Vector clocks? I thought blockchain was the hip thing for everyhing now?

  197. Kev

    Choose your poison :)

  198. jonasw

    my favourite gem out of XEP-0153 (vcard avatars): > The XML character data of the <TYPE/> element is a hint. If the XML character data of the <TYPE/> specifies a content type that does not match the data provided in the <BINVAL/> element, the processing application MUST adhere to the content type of the actual image data and MUST ignore the <TYPE/>. If the <TYPE/> is something other than image/gif, image/jpeg, or image/png, it SHOULD be ignored.

  199. jonasw

    TL;DR: ignore <TYPE/>

  200. daniel

    Kev: I'm not sure if "all messages I ever received excluding messages I didn't receive in group chats because I was offline" is actually a use case you have or if you just believe it to be the right thing. We have mam for a couple of years now and none of the servers seem to store them and I haven't seen anyone complaining that their mam archive *lacks* group chat messages

  201. Kev

    M-Link does, FWIW, although not in all circumstances.

  202. jonasw

    I’m pretty confident that having MUC groupchat in MAM is horrible

  203. Ge0rG

    I think that adding any MUC messages into local MAM opens up a can of worms.

  204. Kev

    I could be wrong on this one, but over the weekend I convinced myself I was wrong before when I thought I was wrong, and that I was originally right.

  205. Kev

    So I'm not refusing to make the proposed change, but I'm not sold on it at the moment.

  206. Ge0rG

    Kev: could you please annotate your right-wrong statement with the content of the respective opinions, so others can follow?

  207. daniel

    It will always be incomplete be definition. It will be a nightmare to dedup with muc history coming in multiple time and receiving the reflections for outgoing messages

  208. Kev

    I originally though MUC should be in MAM. Daniel said it shouldn't, and I temporarily believed him, but when I went to make the change I persuaded myself MUC belongs in MAM again.

  209. daniel

    Sure the dedup issues can be resolved

  210. daniel

    But to what end? Almost all clients will throw the messages away or not request them

  211. Kev

    Dedup sounds like a somewhat strong argument.

  212. Holger

    "Incomplete archive" sounds stronger to me :-)

  213. Kev

    I don't think it's an incomplete archive, is it?

  214. Kev

    It's a complete archive of what the user has received in her live sessions.

  215. Kev

    It's incomplete w.r.t. to the MUC, but that's ok because the user wasn't in the MUC at the time.

  216. Holger

    Sure. We invented MUC MAM because users didn't perceive this as "ok".

  217. Holger

    I thought.

  218. Ge0rG

    users want a full MUC archive.

  219. Kev

    That's probably true, and one reason for MIXxing it up.

  220. Ge0rG

    I've heard that messages getting lost is the #1 problem with XMPP.

  221. Kev

    Could someone collate all these reasons and shove them in response to my mail to standards@ so we have a record in the right venue, please?

  222. Holger

    (I did respond with mine already.)

  223. Ge0rG

    Today I got a dozen of error bounces for half an hour worth of conversation I had with a friend, because his mobile client's session was hibernated and killed, and apparently the mobile client was receiving full messages and not just carbons.

  224. Kev

    Carbons are a *nightmare* for bounce handling.

  225. Kev

    If you want to talk about server dedup handling being nearly impossible - Carbons can be taken out and shot immediately :)

  226. Holger

    "When a server attempts to deliver a (locally generated) carbon copy, and that carbon copy bounces with an error for any reason, the server MUST NOT forward that error back to the original sender."

  227. Ge0rG

    Kev: I received error bounces from my contact, and error bounces for Carbons should go to the account and not to the chat partner, so obviously there were no carbons involved.

  228. Kev

    Holger: But what when the carbons were delivered and the originals bounced? It's horrid.

  229. Kev

    Ge0rG: ^

  230. Ge0rG

    Kev: yes. That's exactly what happened.

  231. Holger

    Kev: Yes. Or when the user will receive the messages from MAM.

  232. Holger

    You can easily make the right decision simply by looking into the future.

  233. Ge0rG

    I had a nice conversation full of green checkmarks, and then *BAM!* the zombie exploded and it was all full of "✖ cancel: recipient-unavailable"

  234. Kev

    Holger: I'm not convinced it'd be easy, even then :)

  235. daniel

    The real jid annotation for non anonymous mucs also won't work if the archive is on the user's server

  236. daniel

    I've made all these arguments in my original mail by the way

  237. Kev

    All of them? I'd forgotten about dedup, in that case.

  238. Ge0rG

    It wasn't explicitly called dedup, but: > And even worse the messages will be included in a normal catchup (when I don't necessarily want them)

  239. Ge0rG

    So, what about storing MUC-PMs in MAM?

  240. Kev

    Those you certainly want in there, because they won't be stored anywhere else. That much I'm confident I'm not wrong about.

  241. jonasw

    Ge0rG, blame the client for taking type='error' responses into account after a MDR has been received.

  242. Kev

    (The real-jid thing is a problem with stripping elements, that I'm fairly convinced MAM shouldn't do too liberally)

  243. jonasw

    Kev, MUC-PMs are really bad in MAM. how would a client not knowing about the MUC distinguish one or more MUC-PM conversations in the same MUC from a single conversation with a random entity?

  244. Ge0rG

    jonasw: in a multi-client scenario, there is no right way to handle MDR / error responses, in any order.

  245. jonasw

    Kev, MUC-PMs are really bad in MAM. how would a client not knowing about the MUC distinguish one or more MUC-PM conversations in the same MUC from a single conversation with an entity having the MUCs JID?

  246. Ge0rG

    jonasw: <x/> tags!

  247. jonasw

    Ge0rG, what’s wrong with MDR wins?

  248. Holger

    jonasw: MUC PMs are really bad regardless of MAM.

  249. jonasw

    Holger, no reason to make them worse by offering them to clients which don’t even know about the MUC

  250. Kev

    jonasw: The issue there is really clients not knowing that it's a MUC - and they do have that information available to them.

  251. jonasw

    Kev, so essentially clients need to support XEP-0045 to use MAM? :)

  252. Ge0rG

    jonasw: "MDR wins" will lead to situations where only a buried secondary client received the message and MDRed it, and it still didn't arrive where it was urgently needed

  253. Holger

    jonasw: So don't offering them to clients who do know about the MUC is the obvious solution?

  254. Holger

    s/don't/not/

  255. jonasw

    Holger, I think so

  256. Ge0rG

    Kev: clients don't generally know which JID is a MUC

  257. Holger

    jonasw: "Jonas, you installed me this app and now I LOST MESSAGES!"

  258. Kev

    Ge0rG: They can do, they only have to ask.

  259. jonasw

    Ge0rG, tricky, but then again, that other client which wanted to have them is offline, and should sync with MAM on reboot

  260. daniel

    I mean the dedup issue can be solved fairly easily by a simple store everything and blame the clients rule

  261. jonasw

    Holger, we should disable MUC PMs in all clients.

  262. jonasw

    being polemic here :)

  263. daniel

    Plus nobody will notice because we will just discard messages anyway

  264. Holger

    jonasw: I would agree if you weren't polemic :-)

  265. daniel

    > jonasw: I would agree if you weren't polemic :-) 👍

  266. jonasw

    Holger, I may be even serious, I’m not entirely sure.

  267. Ge0rG

    Kev: that involves at least one connection over an unreliable network medium.

  268. Ge0rG

    jonasw: except not all clients support MAM.

  269. Ge0rG

    Kev: in your client architecture, it might be okay to delay the processing of an incoming message until a separate query to a server has been fired off and completed.

  270. Ge0rG

    I just hope that you have a query manager that doesn't fire off the lookup for each individual message in the MAM flood.

  271. Ge0rG

    > Each field MUST specify whether it defines METADATA to be attached to the item, a per-item OVERRIDE of the node configuration, or a PRECONDITION to be checked against the node configuration. What does that sentence from 0060 mean in English?

  272. Zash

    You have to say what the field does when you register it.

  273. Ge0rG

    when I register the field?

  274. Zash

    Yes. In the registry for that. Publish-options?

  275. Ge0rG

    But I'm publishing an item, not registering a field.

  276. Zash

    Ge0rG: Do you want to know what each of those three terms mean or somethnig?

  277. jonasw

    Ge0rG, I hate things

  278. Ge0rG

    Zash: that, too.

  279. Ge0rG

    Zash: it just doesn't make any sense to me.

  280. jonasw

    Ge0rG, <publish-options/> uses a form with defined fields

  281. Ge0rG

    jonasw: right.

  282. jonasw

    the field registry tells you whether it’s METADATA, per-item OVERRIDE or PRECONDITION

  283. jonasw

    the sentence you quoted enforces that

  284. Zash

    preconditions makes the publish fail if the value does not match the node config

  285. Zash

    overrides changes the node config, but only for that item

  286. Ge0rG

    jonasw: when grepping the XEP for METADATA, I only find other metadata and the quoted sentence, not an explanation.

  287. Zash

    Ge0rG: "metadata"

  288. Zash

    Ge0rG: I think that might be what the stuff in Push is

  289. Ge0rG

    §5.4 Discover Node Metadata?

  290. daniel

    Ge0rG, it exists because you have to register all form fields and you might want form fields that are NOP

  291. Ge0rG

    or maybe Stanza Headers and Internet Metadata (XEP-0131)?

  292. daniel

    https://gist.github.com/iNPUTmice/7c52785ed69787516abb60e31703dbd2 describes how to use publish-options from a client perspective in case this helps

  293. Ge0rG

    daniel: thanks, maybe that will enlighten me.

  294. jonasw

    Ge0rG, https://xmpp.org/extensions/xep-0357.html#publishing Example 13. Server publishes a push notification with provided publish options

  295. jonasw

    I think that’s an example of metadata

  296. jonasw

    it is neither a precondition nor a per-item override

  297. jonasw

    it is neither a precondition nor a per-item override of configuration

  298. jonasw

    but something which is used by the pubsub service to do things

  299. Zash

    Do Things™

  300. Ge0rG

    okay, so publish-options is overloaded with three comepletely different semantics, one of them to add meta-data content to the published event, another to check node configuration and a third one to change node configuration for this item?

  301. Zash

    Yes

  302. jonasw

    Ge0rG, yes.

  303. Ge0rG

    Can't they just write that into the XEP?

  304. Zash

    It would be nice to split that into three different forms.

  305. Zash

    Buuuuut uh

  306. daniel

    fwiw one of my PRs gets rid of override

  307. Ge0rG

    Zash: I presume "But backward compat"

  308. Zash

    Ge0rG: p much

  309. Ge0rG

    now I need to understand what "node configuration" is.

  310. daniel

    because it was never used we can savely removeit

  311. Holger

    Or just ditch METADATA and OVERRIDE.

  312. Zash

    Altho since nobody used any of that until daniel started doing it with OMEMO ...

  313. Zash

    Holger: And ditch PubSub in Push entirely?

  314. Holger

    Zash: Yes, currently it's non-standard anyway.

  315. daniel

    > Altho since nobody used any of that until daniel started doing it with that's probably true for a couple of things

  316. Zash

    Altho it is mentioned by 222 or 223, which nobody supports.

  317. Zash

    So, nm

  318. Holger

    Zash: push says I can add arbitrary custom data. 0060 forbids that.

  319. Zash

    Hnng

  320. daniel

    Zash, the push xep is not really an issue because that particular pubsub service doesn't have to annouce publish-options and all is good

  321. daniel

    put we can register that one push publish-options keyword as metadata if you prefer that

  322. Holger

    Yes, it is just not a PubSub service.

  323. daniel

    it's just the app server sort of accepting one pubsub like command for what ever reason

  324. Holger

    As you can't use a standard PubSub service for this anyway, it doesn't matter indeed.

  325. Holger

    daniel: ChatSecure uses different fields FWIW.

  326. daniel

    Either way it doesn't conflict wit the wording in xep60

  327. Holger

    Well but only because this is not 0060-PubSub but a 0357-specific protocol with PubSub-like syntax.

  328. Holger

    This still annoys me but admittedly it's a separate issue.

  329. Ge0rG

    0357 is overly complex, isn't it?

  330. daniel

    You just couldn't run a pubsub service and an app server on the the jid

  331. daniel

    Not sure why one would want that

  332. Holger

    Ge0rG: No it's simple IMO. Just (a) underspecified and (b) used PubSub-like syntax for no good reason except to mislead client developers into believing they could use a PubSub service when implementing an app server.

  333. Holger

    daniel: Yes there's just problem if the developer understands all that.

  334. Holger

    *no problem

  335. jonasw

    okay

  336. jonasw

    now for real: what is the most deployed avatar protocol currently?

  337. Zash

    Define deployed

  338. jonasw

    actually used in the wild

  339. jonasw

    "will make my client show an avatar with the highest likelihood"

  340. Zash

    "All of the above"

  341. Zash

    Make a thing that collects stats?

  342. jonasw

    I’m slightly frustrated after seeing that XEP-0153 support doesn’t bring much in my roster and now I’m afraid that it might in fact all be xep8

  343. Zash

    Conversations popularity might have shifted it quite a bit for 84

  344. Zash

    But, don't like Pidgin even support both?

  345. jonasw

    pidgin doesn’t support PEP for sure

  346. jonasw

    or medium-sure

  347. Zash

    Are you sure?

  348. jonasw

    no

  349. jonasw

    I’m confused

  350. Holger

    It does.

  351. jonasw

    and frustrated

  352. jonasw

    and hungry

  353. Zash

    I thought I saw Mood and stuff in there

  354. Holger

    Pidgin supports both vCard and PEP avatars.

  355. Holger

    And it publishes both.

  356. jonasw

    okay, but not XEP8?

  357. Zash

    That's the second time you write XEP8

  358. Zash

    -xep 8

  359. Bunneh

    Zash: IQ-Based Avatars (Historical, Deferred, 2005-06-16) See: https://xmpp.org/extensions/xep-0008.html

  360. Zash

    Wat?!

  361. Holger

    Hah.

  362. Holger

    jonasw: I don't think so :-)

  363. Zash

    Now I'm possibly just as confused as you are

  364. Zash

    -xep 84

  365. Bunneh

    Zash: User Avatar (Standards Track, Draft, 2016-07-09) See: https://xmpp.org/extensions/xep-0084.html

  366. jonasw

    Zash, that’s good

  367. jonasw

    I don’t feel so alone anymore

  368. Zash

    Let's all just switch to xep 8 and {xep user profile}

  369. Bunneh

    Zash: Multiple matches: User Profile https://xmpp.org/extensions/xep-0154.html Extensible SASL Profile https://xmpp.org/extensions/inbox/sasl2.html Tree Transfer Stream Initiation Profile https://xmpp.org/extensions/xep-0105.html Profiles https://xmpp.org/extensions/xep-0006.html XMPP Date and Time Profiles https://xmpp.org/extensions/xep-0082.html Message Stanza Profiles https://xmpp.org/extensions/xep-0226.html Extensible SASL Profile https://xmpp.org/extensions/xep-0388.html User Mood https://xmpp.org/extensions/xep-0107.html User Tune https://xmpp.org/extensions/xep-0118.html User Time Zone https://xmpp.org/extensions/inbox/peptzo.html User Avatar https://xmpp.org/extensions/xep-0084.html User Activity https://xmpp.org/extensions/xep-0108.html

  370. Zash

    oh dear

  371. jonasw

    I‘d like to know for example how the heck to get georgs avatar

  372. Zash

    -xep 6

  373. Bunneh

    Zash: Profiles (SIG Formation, Obsolete, 2002-05-08) See: https://xmpp.org/extensions/xep-0006.html

  374. jonasw

    because it doesn’t seem to be in either PEP or vCard

  375. jonasw

    cc @ Ge0rG ^

  376. Zash

    -xep 154

  377. Bunneh

    Zash: User Profile (Standards Track, Deferred, 2008-04-18) See: https://xmpp.org/extensions/xep-0154.html

  378. Zash

    A data form?

  379. jonasw

    pidgin shows much more avatars than jabbercat with 153 and 84.

  380. jonasw

    could still be a bug in the 153 impl, but ...

  381. Zash

    I have this feeling that it uses the wrong namespace for something

  382. Zash

    Or am I confused?

  383. Zash

    -xep 154

  384. Bunneh

    Zash: User Profile (Standards Track, Deferred, 2008-04-18) See: https://xmpp.org/extensions/xep-0154.html

  385. Zash

    -xep 153

  386. Bunneh

    Zash: vCard-Based Avatars (Historical, Active, 2006-08-16) See: https://xmpp.org/extensions/xep-0153.html

  387. Zash

    After performing an unscientific test, 27% of presence I see seems to have vcard-temp

  388. jonasw

    any jabber:x:avatar?

  389. Zash

    In a moment

  390. jonasw

    thank you very much for measuring

  391. Zash

    This CLI client tends to become unhappy about presence floods

  392. Zash

    rlwrap + long, colored lines => unhappyness

  393. Zash

    Also, FWIW, I did not count the cached presence I got, which has only <show> and <delay>

  394. jonasw

    I’m happy with a > 0 result in fact

  395. Zash

    Hm, but are these even comparable?

  396. jonasw

    why wouldn’t they?

  397. Zash

    Not all servers send presence for offline contacts

  398. Zash

    Also some may have multiple online devices

  399. Zash

    I get '84 notifications from 37% of contacts

  400. Zash

    And like 2.4 presences per contact...

  401. Zash

    jonasw: 153 needs at least one *currently online client* to work (or you could poll vcards)

  402. jonasw

    Zash, does it?

  403. Zash

    While 84 needs at least one client to have published an avatar at some point in the past (modulo server persistence support or uptime)

  404. jonasw

    but 153 stores the avatar at the server, too?

  405. jonasw

    and there’s that presence notification thing

  406. Zash

    jonasw: Right. Notifications as defined by 153 requires an online client. Altho I suppose a server could inject the thing into offline presence.

  407. Zash

    Not aware of any doing the later

  408. Zash

    Could inject into online presence too

  409. Zash

    Server could even sync the avatar data between them. Mine does that for example.

  410. jonasw

    can we have that in prosody? ;-)

  411. Zash

    Write a plugin ;)

  412. jonasw

    how does your server do that?

  413. zinid

    jonasw, done in ejabberd like 10 years ago 🙂

  414. Zash

    zinid: which part?

  415. zinid

    Zash, both

  416. zinid

    pep<->vcard sync, and xupdate injection

  417. jonasw

    zinid, neat, that probably explains why I’m seeing a lot of PEP avatars

  418. zinid

    as well as possibility to convert between image formats

  419. Zash

    Someone did a thing for that for prosody too

  420. zinid

    yeah, prosody also has such modules, but not sure about xupdate injection

  421. Zash

    I'm not aware of any doing that, no

  422. Zash

    Wouldn't be hard

  423. zinid

    yeah, it's trivial

  424. zinid

    it was a contribution back then

  425. zinid

    the only problem is to make sure direct presences are also modified, it's a bit harder in ejabberd

  426. zinid

    probably in prosody this doesn't matter

  427. Zash

    Not too hard, no

  428. zinid

    well, resending all direct presences is a problem, I need to solve it finally 🙂

  429. Zash

    57% image/png 29% image/webp 14% image/jpeg

  430. zinid

    we recommend webp -> jpeg convertion

  431. zinid

    I mean in ejabberd

  432. Kev

    Right, GOK how many hours later, I think I'm finally up to date with LC reviews and feedback.

  433. marc

    Ge0rG, one problem of combining user-invitation (account creation) and PARS is that both have different constraints regarding token lifetime

  434. marc

    a token for account creation should only valid for a single invitation whereas a PARS token could be used multiple times (see ML)

  435. marc

    combining both would mean that we have to set N=1 for PARS as well

  436. Ge0rG

    marc: if you read the PARS XEP, you might find out that the default use case is N=1 😜

  437. marc

    Ge0rG, yes, just read the ML and saw the idea of N > 1 and offline usage

  438. Ge0rG

    marc: obviously the token limitations need to be shared by pars and account invitation

  439. marc

    Ge0rG, yes, that's what I said ;)

  440. Ge0rG

    Yes, and how is that a problem?

  441. marc

    Ge0rG, just liked the idea of offline usage and N > 1 for PARS

  442. marc

    Just that ;)

  443. Ge0rG

    I didn't like N>1 very much, but I can live with it

  444. daniel

    Ge0rG: wait didn't you introduce this?

  445. daniel

    I vaguely remember me trying to convince you that we only need n=1

  446. Ge0rG

    daniel: wait. I didn't like N=infinity.

  447. daniel

    there is only 0,1 and infinity

  448. Ge0rG

    daniel: but then you convinced me that 1 and infinity are the only two useful cases, or some such.

  449. daniel

    so everything >1 is infitiny

  450. Ge0rG

    daniel: but if we start out with an ad hoc command anyway, we can make it N=1

  451. daniel

    oh right i wanted to make it time constrained to cover the use case of sending the same email to multiple recipients

  452. Ge0rG

    Yeah, and I hoped that people expect invitation links to work only once

  453. marc

    Ge0rG, as long as you can live with server-side PARS everything is fine :D

  454. moparisthebest

    I missed the recent stuff, but wasn't PARS originally supposed to work if implemented by server OR client ?

  455. Ge0rG

    moparisthebest: yes. I still can see a sensible fallback for servers without support

  456. moparisthebest

    I think that's the ideal situation

  457. marc

    Ge0rG, but that's a client decision and I would vote against it :]

  458. moparisthebest

    requiring server support immediatly puts widespread use off for years

  459. Ge0rG

    marc: you would vote against what exactly?

  460. marc

    providing user invitation on client-side as fallback

  461. marc

    because it leads to different behaviour and might confuse users

  462. moparisthebest

    so it's better to have no fallback and things just not work?

  463. moparisthebest

    that wouldn't confuse users

  464. Ge0rG

    "why don't I have that invite button you are talking about?"

  465. Ge0rG

    marc: I'm not sure if you try to out-troll me or if you are serious...

  466. marc

    IMO it is better to tell user why something is not available / possible instead of silenty change the behaviour

  467. marc

    Ge0rG, no, I don't waste my time with trolling

  468. marc

    Ge0rG, that's just my experience with XMPP/Jabber novices

  469. Ge0rG

    marc: so you want to teach users how what they want is impossible, instead of making it work in the 90% case?

  470. marc

    Ge0rG, client-side PARS is available in a single client

  471. marc

    90 %?

  472. marc

    What is for users with other clients, older versions etc.

  473. moparisthebest

    so a "Sorry please tell your server administrator to enable PARS" is preferable to it just working?

  474. Ge0rG

    marc: even with manual approval, the invitation link is a great improvement of the user story

  475. moparisthebest

    that's how you get "I tried XMPP once, it sucks"

  476. Ge0rG

    marc: pars will work with your client, I just need to push one more button

  477. moparisthebest

    marc, if I had to guess, a single client is 90%+ of new users (conversations)

  478. marc

    moparisthebest, I have lots of users with old Conversations versions

  479. marc

    Same is true for Gajim

  480. marc

    Because your distro doesn't always provide the newest version

  481. Ge0rG

    marc: the nice thing about PARS is it's 100% backwards compatible

  482. marc

    It's just my experience with my users

  483. Ge0rG

    marc: so I really don't understand what's your problem

  484. Zash

    FWIW Conversations having a server features list thing seems to work.

  485. Zash

    I don't think normal users actually understand it, other than a list of checkboxes that they want to be all green

  486. marc

    Ge0rG, I wouldn't call it problem, just my opinion regarding UX and experience with non-pro-users

  487. Zash

    And like, don't underestimate how much humans wants to collect imaginary internet points

  488. Ge0rG

    marc: I've implemented pars in yaxim, so it might have some 5000 users now. And it doesn't need users to migrate to another server or seeing "you are not allowed to do this, Dave"

  489. Ge0rG

    marc: computers are supposed to do the work for their user, not to teach them how they are doing it wrong

  490. Zash

    Ge0rG: +inf

  491. moparisthebest

    marc what % of users use old clients vs what % use old servers I wonder

  492. moparisthebest

    seems clients update much more often to me

  493. Zash

    Survey time?

  494. marc

    moparisthebest, that's correct but implemting a feature on client-side because all the public servers suck is not a solution. Nobody will join the XMPP network without "standard" features which are not available on exactly those server you're talking about

  495. marc

    So the basic problem are the available servers and their operators

  496. moparisthebest

    so if something can be implemented on the server with a sane on the client fallback, you should do it that way, imho

  497. Ge0rG

    marc: let's just shut down all public servers except conversations.im

  498. Ge0rG

    It's the only one supporting all conversations features anyway

  499. marc

    Ge0rG, you don't agree?

  500. marc

    It's hard to convince somebody to join XMPP because of privacy,decentralization, etc.

  501. marc

    But if you tell the users "Image sharing is not possible in group chat" they just laugh at you

  502. moparisthebest

    no you want to convince them that it works better than anything else

  503. moparisthebest

    and uh, wasn't that image sharing in muc solved by http upload years ago?

  504. marc

    moparisthebest, yes, but lots of server don't support it

  505. marc

    That's my point ;)

  506. Zash

    Nothing matters, except network effects.

  507. marc

    Zash, not really, if you lack basic features you have no chance

  508. Zash

    I'm pretty sure people will use garbage if it lets them talk to their friends.

  509. moparisthebest

    so I had a question about that actually, http upload doesn't need server support right? at least from *your* server, like apps could hardcode httpupload.someremote.component

  510. moparisthebest

    is that frowned upon or disallowed in XEPs or

  511. Zash

    Garbage with a larger marketing department than what you have

  512. Ge0rG

    marc: so now you try to force users to move by telling them that their server sucks. They won't like that

  513. Zash

    moparisthebest: That'd be like Pidgin & co hardcoding proxy.eu.jabber.org as file transfer proxy

  514. moparisthebest

    so what I imagined, not sure how legit this is or not

  515. moparisthebest

    is what if xsf set aside some subdomains

  516. moparisthebest

    *.component.xmpp.org

  517. moparisthebest

    and http upload registered httpupload.component.xmpp.org

  518. moparisthebest

    and all clients could hardcode a fallback to that

  519. moparisthebest

    and all servers could hardcode a local service serving that domain if they wished

  520. marc

    Ge0rG, sorry to say that but most server sucks... last time I ask somebody to send me a picture and I received a jingle file transfer (not working of course) and I forget that this user is on a shitty server...

  521. moparisthebest

    are there downsides to that?

  522. Zash

    Data at rest is afaik legally different from data in transit (eg passing through a proxy)

  523. Zash

    so, that would be horrifying

  524. Zash

    And not something I'd wanna do if I were on the iteam

  525. moparisthebest

    so possibly httpupload is a bad example because of that

  526. moparisthebest

    but what if it was a passthrough type component

  527. moparisthebest

    I'm particularly interesting because I have something exactly like this in mind :)

  528. SamWhited

    All of this is why you shouldn't try to get people to "use XMPP" or "use Jabber" you should get them to "use jabber.at" or "use <my-favorite-service>" and don't even tell them that it's "XMPP" or "jabber"

  529. Ge0rG

    I don't even want to know what my users upload to http.

  530. Zash

    HTTP passtrough? Still, look at how well proxy.eu.jabber.org is doing

  531. marc

    SamWhited, +1

  532. marc

    Ge0rG, of course I offered this guy to join my server...

  533. Ge0rG

    marc: of course you did.

  534. moparisthebest

    Zash, think of it as a bot type thing, you send it things, it sends them back

  535. marc

    Ge0rG, yeah because now this guy is in 2017 and can send images without configuring a STUN server or use other shitty solutions...

  536. Ge0rG

    Yesterday I migrated a user from jabber.org to yax.im because of Emoji in nicknames

  537. marc

    Ge0rG, :>

  538. Zash

    Robot face strikes again, sorta

  539. marc

    Ge0rG, and that's just HTTP upload, let's not talk about E2E/OMEMO...

  540. Ge0rG

    marc: you need to give the users positive incentives to switch, not force them

  541. Ge0rG

    I don't even know why we are arguing here

  542. Zash

    I don't even know what you are arguing about.

  543. marc

    Ge0rG, switch to XMPP or other servers?

  544. Ge0rG

    Zash: About whether PARS should have a client side fallback to compensate for outdated servers

  545. marc

    And about the general idea to solve the "shitty server" problem with client-side workarounds

  546. Zash

    Aren't we all doing that, solving problems by fixing them locally? :)

  547. Zash

    It probably doesn't matter as much if you manage peoples expectations.

  548. Ge0rG

    Zash: expectations like "XMPP sucks anyway"?

  549. Zash

    If people expect it to suck, then they can only have positive suprises! :)