XSF Discussion - 2018-02-15


  1. efrit has left

  2. efrit has joined

  3. moparisthebest has joined

  4. Guus has left

  5. efrit has left

  6. efrit has joined

  7. marc has left

  8. Tobias has joined

  9. Alex has left

  10. jere has joined

  11. jere has joined

  12. Alex has left

  13. jere has joined

  14. waqas has joined

  15. waqas has left

  16. Tobias has joined

  17. jere has joined

  18. vanitasvitae has left

  19. moparisthebest has joined

  20. moparisthebest has joined

  21. la|r|ma has left

  22. la|r|ma has joined

  23. jere has joined

  24. Tobias has joined

  25. jere has left

  26. lskdjf has joined

  27. jere has joined

  28. SamWhited has left

  29. jere has joined

  30. jjrh has left

  31. matlag has left

  32. Tobias has joined

  33. jere has joined

  34. efrit has left

  35. Tobias has joined

  36. lskdjf has left

  37. la|r|ma has left

  38. andrey.g has left

  39. andrey.g has joined

  40. Guus has left

  41. jere has joined

  42. Tobias has joined

  43. la|r|ma has left

  44. la|r|ma has joined

  45. Guus has left

  46. jjrh has left

  47. jjrh has left

  48. jjrh has left

  49. jere has joined

  50. Anu has joined

  51. Anu has left

  52. lskdjf has left

  53. jjrh has left

  54. rion has joined

  55. rion has left

  56. rion has joined

  57. lskdjf has joined

  58. rion has left

  59. la|r|ma has left

  60. andy has joined

  61. Yagiza has joined

  62. vanitasvitae has left

  63. SamWhited has left

  64. Tobias has left

  65. la|r|ma has joined

  66. lskdjf has joined

  67. Tobias has joined

  68. rion has joined

  69. andy has left

  70. Zash has left

  71. Zash has left

  72. Zash has joined

  73. andy has joined

  74. Lance has joined

  75. Lance has left

  76. suzyo has joined

  77. andy has left

  78. andy has joined

  79. matlag has left

  80. moparisthebest has joined

  81. Yagiza has left

  82. Yagiza has joined

  83. Dave Cridland has left

  84. Dave Cridland has left

  85. Dave Cridland has left

  86. Dave Cridland has joined

  87. Holger has left

  88. Guus has left

  89. goffi has joined

  90. andy has left

  91. Guus has left

  92. marc has left

  93. ralphm has left

  94. Dave Cridland has left

  95. winfried has joined

  96. winfried has joined

  97. jonasw

    jjrh, yeah, threading comes up once in a while

  98. jonasw

    there’s protocol support, but nobody has thought of a good UX which doesn’t break when not all clients participate

  99. Zash

    And how would you do the UI without getting in the way of the user?

  100. jonasw

    yeah

  101. jonasw

    all of that

  102. ralphm has joined

  103. nyco has left

  104. Seve

    What do you mean?

  105. jonasw

    Seve, with what specifically?

  106. Seve

    'getting in the way of the user'

  107. jonasw

    being more of a burden than it is useful

  108. Seve

    Ah, ok :)

  109. Seve

    Slack has threads, but I don't know how people use them.

  110. jonasw

    for example by being confusing or by requiring a lot of UI interaction which isn’t necessary otherwise for little gain etc. etc.

  111. Seve

    Thank you, I understand now :)

  112. andy has joined

  113. daniel

    i thought about the HTTP upload. I think i'm just gonna white list Authorize, Cookies and X-* Headers. if that's not enough to make your upload api work than so be it. and just white listing headers instead of introducing new syntax helps me to avoid a namespace bump.

  114. Zash

    But X-* is deprecated

  115. daniel

    ok. minus X- then. so holger has to live with putting his stuff in a cookie then

  116. jonasw

    daniel, Expires?

  117. daniel

    if it doesn't go through council with these rules then so be it

  118. daniel

    jonasw, Expires? really?

  119. jonasw

    yes; it could be signed in Authorization, but it would be telling the client how long the file will stay alive

  120. Zash

    Does it really need a (black|white)list?

  121. Holger

    I can live with abusing some header for my special use case. I still fail to see how this helps with security but meh.

  122. jonasw

    https://www.dropbox.com/developers/documentation/http/documentation

  123. jonasw

    are you kidding me

  124. jonasw

    this is a single html page, without index, which contains *all* the API endpoints of dropbox?

  125. jonasw

    so dropbox allows to use a query argument instead of an header, we’re good

  126. jonasw

    (otherwise, it’d need Dropbox-API-Arg)

  127. daniel

    jonasw, do they even have preauthed urls?

  128. jonasw

    daniel, dunno

  129. daniel

    that feels a bit un-dropboxy

  130. jonasw

    somebody mentioned it yesterday

  131. remko has joined

  132. Dave Cridland has left

  133. daniel

    ok. expires, authorize and cookie it is then. but only because having three items in a white list sounds better then having just two

  134. jonasw

    nextcloud seems to be a plain PUT normally. I think they assume some Cookie or something.

  135. daniel

    jonasw, yes i brievely looked at these apis before and none of them seem to support preauth/one time upload things anyway

  136. intosi has left

  137. daniel

    so you probably wouldn't use them in practice anyway

  138. jonasw

    true

  139. daniel

    unless your server knows your own dropbox password or something weird

  140. jonasw

    yeah, S3 is probably the most relevant API thing then

  141. MattJ

    jonasw, NextCloud is Authorization or Cookie (I checked yesterday)

  142. MattJ

    S3 supports query string, including at least one of the clones I checked (minio)

  143. Zash

    In the case of Dropbox, it seems weird to me that the XMPP server would be the one that provides that service

  144. MattJ

    Zash, in my mind you link your XMPP account with Dropbox (via a page served by the XMPP service)

  145. Zash

    A transport!

  146. MattJ

    It gets OAuth-approved, and the credentials go into Authorization

  147. MattJ

    Ah, a fun thing

  148. Zash

    Couldn't all this be done locally without XMPP?

  149. Zash

    Assuming you have some kind of dropbox client installed

  150. MattJ

    I wonder if there are services where you don't know the GET location until you upload

  151. MattJ

    e.g. with Dropbox you would upload, and then you have to share the file to create a link for someone else to download it

  152. Zash

    Get some NextCloud and Dropbox devs into a room and don't let them out until they present a standard-ish interface (android intent) for this

  153. MattJ

    glhf

  154. daniel

    maybe we just leave the xep in experimental until someone actually writes a s3 or dropbox or whatever service

  155. daniel

    and then we'll know

  156. Zash

    Speaking of not knowing the location until after upload, I've got a bunch of things where the GET URL is dependent on the content of the files

  157. MattJ

    Ok, well I at least want to do an S3 one soon. I don't have NextCloud to test with, and Dropbox requires some OAuth stuff

  158. Zash

    Something something Location header returns the GET URL?

  159. Dave Cridland has left

  160. jonasw

    Zash, that sounds very reasonable

  161. Guus has left

  162. daniel

    ok. let's leave the xep experimental. you write the service with the location header (if the get url is omitted in the orignial slot response) and then we know if that works and change the xep

  163. jonasw

    daniel, how about "omit <get/> to indicate that the <put/> request will return the GET URL via Location header"?

  164. daniel

    let me know if you have something ready Zash and i get you a Conversations build to test this with

  165. Zash

    daniel: There's my pastebin, q.zash.se

  166. Zash

    Tho it receives as POST

  167. daniel

    that's probably i quick fix. and it would of course need to annouce itself over http upload

  168. daniel

    *a

  169. Zash

    Hm

  170. Zash

    Doesn't seem to use Location tho

  171. Dave Cridland has left

  172. Dave Cridland has left

  173. Zash

    And now it does

  174. Dave Cridland has left

  175. jonasw

    does it also use PUT?

  176. Zash

    no

  177. Guus has left

  178. Guus has left

  179. Dave Cridland has left

  180. Fabian has joined

  181. Dave Cridland has left

  182. bear has left

  183. Dave Cridland has left

  184. Dave Cridland has left

  185. Kev has joined

  186. Dave Cridland has left

  187. moparisthebest has joined

  188. ralphm has joined

  189. Dave Cridland has left

  190. rion has left

  191. rion has joined

  192. Dave Cridland has left

  193. Dave Cridland has left

  194. tim@boese-ban.de has joined

  195. Dave Cridland has left

  196. andy has left

  197. Dave Cridland has left

  198. Kev has left

  199. andy has joined

  200. andy has left

  201. andy has joined

  202. daniel

    https://gultsch.de/files/xep-0363.html

  203. daniel

    Ge0rG, does that sufficiently address your concerns as council?

  204. jonasw

    daniel, did you exclude newlines from the header values?

  205. jonasw

    from a quick glance I can’t see that

  206. daniel

    jonasw, yes. in december already

  207. jonasw

    maybe put that in the text above the example, too

  208. Dave Cridland has left

  209. daniel

    done

  210. andy has left

  211. Dave Cridland has left

  212. Ge0rG

    daniel: reading now, also "especially the file ending intact" --> "extension" is a better word here

  213. Ge0rG

    daniel: "MUST not" --> "MUST NOT"

  214. Ge0rG

    daniel: I'd say that this scheme is still susceptible to idiot developers. Please just define optional <authorization>, <cookie> and <expires> elements.

  215. jonasw

    > 07:22:50 daniel> i thought about the HTTP upload. I think i'm just gonna white list Authorize, Cookies and X-* Headers. if that's not enough to make your upload api work than so be it. > and just white listing headers instead of introducing new syntax helps me to avoid a namespace bump.

  216. Ge0rG

    oh.

  217. Zash

    Idiot proof protocol design?

  218. Ge0rG

    you don't technically need a namespace bump, you could work around it with caps.

  219. Ge0rG

    daniel: please also add a point to the Security about the client potentially being exploitable to SSRF / https://cwe.mitre.org/data/definitions/918.html

  220. Zash

    A namespace for every SHOULD and MAY

  221. daniel has left

  222. Zash

    Feature *

  223. Ge0rG

    Zash: much better than just incrementing the version each time.

  224. Steve Kille has left

  225. Ge0rG

    the current proposal is much better, but then you end up with the XHTML-IM Implementor's Fallacy

  226. Zash

    Except for the complexity explosion

  227. Ge0rG

    better than before, that is.

  228. Steve Kille has joined

  229. rion has left

  230. Holger

    I disagree 🙂

  231. intosi has joined

  232. Kev has joined

  233. Ge0rG

    Holger: with what exactly?

  234. Holger

    With it being better than before. But more discussion won't help I guess.

  235. jubalh has joined

  236. intosi has left

  237. intosi has joined

  238. ralphm has left

  239. Dave Cridland has left

  240. Steve Kille has left

  241. uc has joined

  242. uc has joined

  243. marc has joined

  244. mimi89999 has left

  245. mimi89999 has left

  246. uc has left

  247. daniel

    Ge0rG, can you word that as a full normative sentence

  248. mimi89999 has joined

  249. uc has joined

  250. Ge0rG

    daniel: yes, as soon as I find some time.

  251. daniel

    because i frankly don't understand the issue well enough to word that myself

  252. had-hoc has left

  253. stefandxm has left

  254. daniel

    i'm not really sure what the client should do about this though

  255. daniel

    if your wifi router is broken your wifi router is broken

  256. daniel

    unless we really want to enforce some same origin stuff

  257. Ge0rG

    I think the most sane way is to prevent automatic re-requesting of slots.

  258. blabla has joined

  259. blabla has joined

  260. had-hoc has joined

  261. SaltyBones has left

  262. Flow

    > Zash> And how would you do the UI without getting in the way of the user?

  263. Flow

    Remeber Google Wave?

  264. Flow

    It was/is even XMPP based

  265. Zash

    Flow: Remember how I'm probably the most anti-Google person here? Guess how much time I spent trying Wave

  266. Flow

    Not much since you are anti google?

  267. Flow

    Or is it the other way around: Young neutral Zash once tried Wave years ago and never looked at google again?

  268. Zash

    I assume it required a Google account, which I refuse to get.

  269. Flow

    The code is still around if you want to give it a second chance: http://incubator.apache.org/projects/wave.html

  270. rion has joined

  271. Flow

    Although the apache project retried 4 weeks ago :(

  272. Zash

    I read the specs. I meh'd.

  273. Zash

    Binary XML deltas in ProtocolBuffers over XMPP or somethincg

  274. Flow

    fancy

  275. SaltyBones has left

  276. andy has joined

  277. SaltyBones has joined

  278. Alex has joined

  279. Steve Kille has left

  280. andy has left

  281. Steve Kille has joined

  282. Tobias has left

  283. jubalh has joined

  284. jubalh has left

  285. Guus has left

  286. Dave Cridland has left

  287. stefandxm has joined

  288. ralphm has joined

  289. georg has joined

  290. nyco has left

  291. Guus has left

  292. uc has left

  293. uc has joined

  294. stefandxm has left

  295. lumi has joined

  296. georg has left

  297. uc has joined

  298. uc has joined

  299. Dave Cridland has left

  300. Dave Cridland has left

  301. Fabian has left

  302. Dave Cridland has left

  303. Dave Cridland has left

  304. ralphm has joined

  305. jubalh has joined

  306. jere has joined

  307. Dave Cridland has left

  308. ralphm has joined

  309. Dave Cridland has left

  310. Dave Cridland has left

  311. jonasw

    would anyone with a good overview of current client and server features be able to be available between 17:30Z and 18:30Z?

  312. jonasw

    I’m talking to the university person who wants to establish some IM thing and they already have XMPP in mind. I’d like to be able to answer questions about specific things

  313. Seve

    Would be awesome if there is someone!

  314. Dave Cridland has left

  315. Zash

    Am I awake then?

  316. andy has joined

  317. daniel

    jonasw: sure. If you mention me I'm available. Not that I'm necessarily the expert in client and server feature availability. But I know _some_ things

  318. jonasw

    cool

  319. andy has left

  320. Dave Cridland

    jonasw, I know some stuff, but I'll be in and out around that time. But a mention *might* work.

  321. jonasw

    ok

  322. Zash

    jonasw: The magical time when most people are between work and home?

  323. Dave Cridland

    Zash, Home-office and settled-for-the-evening in my case.

  324. jonasw

    I didn’t choose that time :(

  325. SaltyBones has left

  326. Ge0rG has left

  327. MattJ

    jonasw, I'll be around

  328. jonasw

    wee, a bunch of people :)

  329. Kev

    I'll be on a train at that time, without connectivity, sorry.

  330. jubalh has left

  331. Guus has left

  332. jubalh has joined

  333. jubalh has left

  334. SaltyBones has left

  335. Zash has left

  336. Yagiza has left

  337. Guus has left

  338. Yagiza has joined

  339. tux has joined

  340. jubalh has joined

  341. marc has left

  342. stefandxm has joined

  343. valo has left

  344. valo has joined

  345. jubalh has left

  346. Kev

    SamWhited: I think Security Considerations in 393 could benefit from a note about stack exhaustion, given you're suggesting recursion for parsing.

  347. jonasw

    does it have a grammar by now?

  348. stefandxm has left

  349. moparisthebest has joined

  350. jere has joined

  351. lumi has left

  352. daniel

    Kev, MattJ would you be ok with annocing the mam preferences (at least the current default) in the disco accounts features (as a form)? if so i can prepare a PR for the XEP

  353. SaltyBones has left

  354. MattJ

    What's the reason?

  355. daniel

    i want to do my offline purge only if it is set to !never

  356. daniel

    and maybe during initial account setup prompt the user to enable it

  357. daniel

    w/o having to do the extra round trip for the preference discovery

  358. daniel

    primarily the first thing though. the other is just a nice bonus feature one could do

  359. jonasw

    can’t you interleave the preference discovery with other round-trips you have to do anyways?

  360. jonasw

    for account setup e.g. when setting the avatar

  361. jonasw

    or while the user picks the avatar or something like that

  362. daniel

    yes. that's why i said primarily the first thing

  363. jonasw

    maybe I’m confused what the first thing is; is it the offline purge?

  364. daniel

    yes

  365. jonasw

    if so, same argument holds, isn’t there something this can be paralleized with?

  366. Zash

    what is the offline purge?

  367. jonasw

    if so, same argument holds, isn’t there something this can be parallelized with?

  368. Fabian has joined

  369. daniel

    Zash, xep13

  370. jonasw

    Zash, -xep 13 i presume

  371. jonasw

    Zash, {xep 13} i presume

  372. Bunneh

    Zash: Flexible Offline Message Retrieval (Standards Track, Draft, 2005-07-14) See: https://xmpp.org/extensions/xep-0013.html

  373. jonasw

    I’m starting to get this right!

  374. jonasw

    anyways, gotta run

  375. andy has joined

  376. daniel

    jonasw, still traffic… and more blocking things before i can go online. it's more complicated in the clients code if I have to wait for two things (disco and preferences)

  377. Fabian has left

  378. suzyo has joined

  379. SaltyBones has joined

  380. Fabian has joined

  381. Fabian has left

  382. MattJ

    daniel, I don't feel too great about this for a number of reasons

  383. MattJ

    and since it boils down to the XEP-0013 purge, even less so

  384. MattJ

    I think that should be solved a different way - Prosody doesn't even support XEP-0013

  385. MattJ

    Yet not sending offline messages to MAM clients is totally trivial and something I was planning to do anyway

  386. MattJ

    and doesn't require bloating disco queries

  387. vanitasvitae has left

  388. jere has joined

  389. Ge0rG

    MattJ: please add it to 313.

  390. Ge0rG

    MattJ: also what we discussed regarding overlap of offline and MAM, and one of them being a pointer to the other one.

  391. remko has left

  392. Holger

    How do you know it's a MAM client?

  393. remko has joined

  394. MattJ

    Holger, MAM request before initial presence

  395. Yagiza has left

  396. Yagiza has joined

  397. la|r|ma has joined

  398. Yagiza has left

  399. Yagiza has joined

  400. Yagiza has left

  401. Yagiza has joined

  402. andy has left

  403. Kev

    I actually want preferences removed from 313 and split elsewhere, ideally.

  404. MattJ

    Yeah, I think that came up a couple of times in LC feedback, I'm in favour of that

  405. MattJ

    Also the pubsub stuff

  406. Ge0rG

    As long as there is a mechanism for the client to distinguish whether MAM was actively enabled on this account or not.

  407. daniel

    Ge0rG: why do clients need to tell?

  408. Ge0rG

    daniel: in the context of GDRP and generic data privacy considerations, a client should be able to tell the user that they give up their message contents now

  409. lumi has joined

  410. jere has joined

  411. daniel

    Ge0rG: I understand that a client might want to discover their settings. I don't understand why they need to discover the servers default

  412. Ge0rG

    daniel: let me rephrase that: the setting should be a tristate of "enabled / disabled / schroedinger"

  413. Ge0rG

    daniel: so a MAM-enabled client can move from schroedinger to enabled, but not override disabled to enabled if the user disabled MAM once.

  414. daniel

    i'm against clients enabling that automatically anyway. if anything it should ask during setup

  415. daniel

    but yes i understand your argument now

  416. Ge0rG

    during account setup? What if MAM is enabled later on? ;)

  417. Yagiza has left

  418. Yagiza has joined

  419. suzyo has joined

  420. Yagiza has left

  421. Yagiza has joined

  422. Tobias has joined

  423. Tobias has joined

  424. SamWhited

    Kev: maybe I should just say 'iterate over' then. Also, serious question, is that still a security issue? Do any compilers not put stack guards in place?

  425. la|r|ma has joined

  426. jubalh has joined

  427. Tobias has joined

  428. Tobias has joined

  429. Yagiza has left

  430. Yagiza has joined

  431. Ge0rG has left

  432. jere has joined

  433. moparisthebest has joined

  434. moparisthebest has joined

  435. jubalh has left

  436. la|r|ma has left

  437. la|r|ma has joined

  438. suzyo has joined

  439. suzyo has joined

  440. intosi has left

  441. stefandxm has joined

  442. andy has joined

  443. jubalh has joined

  444. Kev

    Stack overflow is a thing, yeah. I think it's worth a security consideration suggesting limiting the depth of parsing.

  445. Alex has left

  446. suzyo has joined

  447. suzyo has joined

  448. andy has left

  449. Kev

    Well, overflow/exhaustion, anyway.

  450. stefandxm has left

  451. Guus

    XSF Board meeting time. Nyco, Ralphm and Martin sent apologies, that leaves you and me, MattJ

  452. MattJ

    I'm here

  453. andy has joined

  454. Guus

    Is there anything you'd like to discuss with the two of us present, MattJ?

  455. MattJ

    I don't think I have anything

  456. Guus

    As this is the second meeting in a row that we're about to skip, I'd like to invite others to have input now. I'd hate for people to not be able to bring something up, because of our inability to convene.

  457. Guus

    anyone?

  458. Guus

    going once...

  459. Guus

    If there's anything, please feel free to reach out in private, anytime

  460. Guus

    let's try this again in one week, MattJ :)

  461. suzyo has joined

  462. MattJ

    +1

  463. Guus

    ok, thanks. I'll send out the non-minutes

  464. MattJ

    unless we organise that high-bandwidth meeting in the meantime

  465. Guus

    agreed

  466. Guus has left

  467. Guus has left

  468. Guus has left

  469. lskdjf has joined

  470. Ge0rG

    Damn, I wanted to bring up something for Board.

  471. Ge0rG

    Totally missed the meeting due to a conf call.

  472. SaltyBones has left

  473. suzyo has joined

  474. Ge0rG

    I wanted to re-ask for the creation of a SPAM WG, with work around the Manifesto to be performed

  475. andy has left

  476. Guus

    Ge0rG: I've seen various references to that renewed request in context of the manifesto mail thread. Would you mind pulling the re-request to form a team in a separate mail thread - perhaps include a proposal for a specific charter - for easy reference when we're going to discuss this?

  477. Yagiza has left

  478. Yagiza has joined

  479. Guus

    I'm kind of missing the benefit of having a work team (a group of people dedicated to this specific effort) for this, as I'd think that you'd want to include _everone_, not a select group - but I'm not _against_ forming a team for just that.

  480. Guus

    (if that made sense)

  481. SamWhited

    I don't think we've formed a working group that actually met more than once or twice or did anything at all since I've been here. I like the idea, but it might be helpful if you could find people that are willing to be members, will commit to doing work, and someone who can herd the cats when they don't show up first.

  482. Guus

    (as in, for things like iteam, or scam, it makes sense to me to be able to address a specific group of people. I'm not immediately seeing that for spam)

  483. Guus has left

  484. SamWhited

    SCAM might be the exception, because it has a cat herder named Guus.

  485. Guus

    well, if infra is broken, you know to talk to iteam

  486. Guus

    but that said, if just rubber-stamping a team helps the effort, I'm not against it.

  487. MattJ

    I think SCAM is different because it is more involved with the running of the XSF

  488. SamWhited

    That's true, it is rather different.

  489. MattJ

    It has allocated budget, etc.

  490. SamWhited

    Anyways, I'm not against it (not that I have any say, this is a board matter), it might be helpful if you found people first or wrote a charter though.

  491. MattJ

    The mandatory TLS manifesto did not have a working group - in fact it had almost nothing to do with the XSF, except possibly a blog post mention

  492. Guus has left

  493. Kev

    iteam is pretty involved with running the XSF too ;)

  494. ralphm has joined

  495. Kev

    But I think a SIG is probably more appropriate than a WG.

  496. Kev

    You don't want (I think) a formally-approved membership.

  497. Kev

    Or to only allow XSF members.

  498. Ge0rG

    I'm fine with a SIG as well.

  499. SamWhited

    oh, I didn't even realize we had a different concept for WG; I assumed Ge0rG meant SIG.

  500. Ge0rG

    I didn't know either.

  501. Kev

    We have SIGs and Work Teams.

  502. Kev

    Iteam and SCRAM are Work Teams. standards@ is a SIG.

  503. tim@boese-ban.de has left

  504. Alex has joined

  505. stefandxm has joined

  506. andy has joined

  507. SaltyBones has left

  508. Guus has left

  509. Guus has left

  510. Guus

    Is standards a SIG? (seems silly to have an organisation who's purpose it is to manage standards, to have a SIG for that)

  511. andy has left

  512. Guus

    it thought that SIGs were the often time-limited groups for things like IOT spec advancement?

  513. Guus

    we're listing teams in the side-menu here: https://xmpp.org/about/xsf/editor-team

  514. Guus

    (we should restructure that a bit)

  515. Guus

    but I'm not seeing references to our SIGs on the website. Are they defined by XEPs?

  516. Tobias has joined

  517. Guus has left

  518. Guus

    (https://xmpp.org/about/xsf/bylaws section 8.2)

  519. suzyo has joined

  520. Guus

    Reading that, a SIG makes more sense than a WT for SPAM.

  521. Guus

    but, do we keep a list of what SIGs we currently have active?

  522. andy has joined

  523. jere has joined

  524. jubalh has left

  525. Alex has left

  526. jubalh has joined

  527. suzyo has joined

  528. Alex has joined

  529. ralphm has joined

  530. ralphm has left

  531. andy has left

  532. ralphm has joined

  533. Maranda has joined

  534. andy has joined

  535. Maranda has left

  536. jubalh has joined

  537. Tobias has joined

  538. jere has joined

  539. vanitasvitae has left

  540. SouL has left

  541. Seve/SouL has left

  542. ralphm has joined

  543. ralphm has joined

  544. andy has left

  545. bear has joined

  546. SouL has joined

  547. Seve/SouL has joined

  548. SouL has left

  549. Kev has left

  550. jjrh has left

  551. jubalh has joined

  552. jubalh has left

  553. blabla has left

  554. Syndace has left

  555. Syndace has joined

  556. nyco has left

  557. ralphm has joined

  558. suzyo has joined

  559. jere has joined

  560. jjrh has left

  561. tux has left

  562. jjrh has left

  563. jjrh has left

  564. daniel has left

  565. jere has left

  566. jere has joined

  567. jjrh

    jonasw, the best way I can think of to do threading is to basically have a '+' next to a top level message and then reply in that context. When someone comments to that thread you bring that top level message to the bottom. (similar to how email threading is displayed in many mail clients)

  568. andy has joined

  569. peter has joined

  570. peter

    Guus: do you know a JID for Paweł Ścibiorski from the Summit? I need more information from him in order to complete his reimbursement...

  571. Guus

    peter, yes. alameyo@igniterealtime.org

  572. lskdjf has joined

  573. peter

    thanks!

  574. Guus

    you'll also find him in open_chat@conference.igniterealtime.org pretty much every day.

  575. nyco has left

  576. peter

    k

  577. jjrh

    I'm not sure how things would work for clients who don't support threading - it would be confusing for people with clients that support threading.

  578. Ge0rG has left

  579. jjrh

    Since their 'reply' would not be tied to any thread.

  580. daniel has left

  581. daniel has left

  582. blabla has left

  583. stefandxm has left

  584. daniel has left

  585. andy has left

  586. andy has joined

  587. jonasw

    jjrh, how does that work with clients which do not support htat?

  588. jonasw

    wouldn’t their replies look weird then?

  589. jjrh

    Yeah that's the problem - if we are having a threaded discussion and bill replies with a client that doesn't have threading it's going to look weird to us.

  590. jonasw

    yeah

  591. jonasw

    and that’s why threading doesn’t work, in a nutshell

  592. jonasw

    also, clicking to make a threaded reply is annoying

  593. Zash

    jonasw: what if you do heuristics based on this kind of reply?

  594. jonasw

    heuristics fail :(

  595. jjrh

    I'm not sure how to deal with that in a group chat without doing something weird like setting my username to jjrh391034 jjrh391035 in each message - so when you reply it would be to my username with the id and our clients would know to include it in the correct thread.

  596. jonasw

    not all replies have a leading nickname mention :-)

  597. tux has joined

  598. Zash

    assume they belong to the same thread as the last message

  599. peter has left

  600. Zash

    how far could you get with some graph based heuristics?

  601. lovetox has joined

  602. Seve

    Well, things work when a popular client implements X and other clients are forced to implement X because that client has that.

  603. nyco has left

  604. xnyhps has joined

  605. Zash

    if two (sub)groups of people seem to be talking mostly among themselves, uh, surely there are fancy algoritms that could tell you about that

  606. jjrh

    well perhaps some sort of id appended to messages would work - If people with clients that don't support threading don't use the legacy way of inserting at least that id in their reply to a conversation well their message will be ignored / lost in the noise. Same way on a mailing list if someone just creates a new message to reply to a existing thread people will simply ignore it / not see it.

  607. Dave Cridland has left

  608. jjrh

    Zash, well what would be really neat is if one could find a way to essentially create a new MUC so the conversation moves there

  609. Zash

    did you just say that clients that don't implement this will implement it?

  610. tux has joined

  611. uc has joined

  612. jjrh

    if all our messages end up with "Zash: #MESSAGEINGTHREADING_19230 , did you just say that clients that don't implement this will implement it?" for clients that don't support threading it's up to the user to include #MESSAGEINGTHREADING_19230 in their reply

  613. jjrh

    That's not a great way solution though.

  614. Zash

    the user isn't going to do that

  615. Zash

    see, I didn't even

  616. jere has joined

  617. Zash

    If you want an entirely separate room, then create one and invite people there

  618. Zash

    Surely it should be possible to send an invite to a room

  619. tux has joined

  620. jjrh

    I guess that's another way - if your client doesn't have threading support you get a message saying to join a room. That's a crummy solution too.

  621. Zash

    That's a more of a hard break tho, not what I imagine threading in a groupchat could be

  622. Zash

    I imagined that be more fluid

  623. jjrh

    What would be neat - providing everyone had a client that supported threading - is to figure out when a thread should basically become a new chat room. Effectively 'off topic' discussions wouldn't matter, if we start talking about the new starwars movie in xsf it wouldn't be disturbance because that conversation would quickly be migrated to a new room.

  624. Zash

    What would threading even look like in a real time groupchat?

  625. Zash

    I imagine you would get pretty far by just placing more focus on messages in your current thread

  626. Zash

    like, fate down the others a bit

  627. rion has left

  628. jjrh

    Yeah - I think I would do something like have the top level show up in the main room #threading_in_xmpp every time so we know chatter in that topic is going on. Same way when I check my email for a mailing list the thread with the most recent reply gets bumped to the top. If i'm active in the discussion (have a chat tab open) in the main chat I wouldn't see that thread.

  629. jjrh

    I feel like even if every XMPP client supported threading and all of them did it reasonably well people would just not use it and things would mostly remain the way they are now.

  630. jjrh

    People (including myself) get stuck in the ways they are used to.

  631. jjrh has left

  632. jjrh has left

  633. jjrh has left

  634. blabla has left

  635. Yagiza has left

  636. ralphm has joined

  637. stefandxm has joined

  638. moparisthebest

    from a UX perspective how would I even indicate who (what thread) I am replying to?

  639. mimi89999 has left

  640. Seve remembers people to check how Slack does that.

  641. Seve

    https://slackhq.com/threaded-messaging-comes-to-slack-417ffba054bd

  642. Seve

    https://get.slack.help/hc/en-us/articles/115000769927-Message-threads

  643. Seve

    Although I would search for a video or something, to see more clearly how it's done.

  644. nyco has left

  645. ralphm has joined

  646. Dave Cridland has left

  647. jonasw

    what’s a usable client on Mac OS?

  648. Steve Kille has left

  649. Ge0rG

    jonasw: adium and iMessage or so I heard. Not perfect though

  650. Ge0rG

    jonasw: maybe Swift 4

  651. Seve/SouL has left

  652. tux has left

  653. Steve Kille has left

  654. Ge0rG

    Seve: I've used slack threading once after it was released, but nobody else in my team did, and the UX felt somehow wrong

  655. Ge0rG

    Seve: so any news from KDE?

  656. jjrh has left

  657. stefandxm has left

  658. ralphm has joined

  659. jubalh has joined

  660. jjrh has left

  661. jonasw

    wat, matrix needs to poll if it can’t have google push foo?

  662. jonasw

    that’s fun

  663. Dave Cridland has left

  664. Zash

    What else would it do

  665. marc

    hm? matrix protocol uses polling?

  666. Steve Kille has joined

  667. jonasw

    marc, unless they can use google/apple push

  668. suzyo has joined

  669. marc

    wtf?

  670. jonasw

    yeah

  671. marc

    jonasw, ref?

  672. jonasw

    the settings in the app apparently

  673. Zash

    But http and json!

  674. jonasw

    marc, something about "sync interval"

  675. marc

    maybe this part: https://matrix.org/docs/spec/client_server/r0.3.0.html#syncing

  676. andy has left

  677. moparisthebest

    jonasw, gajim and dino run on macos too right?

  678. andy has joined

  679. jonasw

    moparisthebest, I don’t know?

  680. jonasw

    do they?

  681. jonasw

    (gajim especially)

  682. moparisthebest

    pretty sure yes

  683. moparisthebest

    gajim almost certainly does

  684. jonasw

    okay

  685. moparisthebest

    Seve, so from https://slackhq.com/threaded-messaging-comes-to-slack-417ffba054bd they are just joining another muc that happens to be a split window from the main muc ?

  686. daniel

    I think it is planned to make dino work on macos. Due to the general beta state of it there might be bugs

  687. Dave Cridland has left

  688. stefandxm has joined

  689. Dave Cridland has left

  690. ralphm has joined

  691. Ge0rG

    Gajim isn't a client I would recommend to newcomers.

  692. Dave Cridland has left

  693. Dave Cridland has left

  694. Dave Cridland has left

  695. rion has joined

  696. Syndace has joined

  697. Guus has left

  698. rion has left

  699. rion has joined

  700. Dave Cridland has left

  701. Dave Cridland has left

  702. rion has left

  703. Dave Cridland has left

  704. Dave Cridland has left

  705. moparisthebest

    Ge0rG, well 'works' is better than 'doesn't work'

  706. moparisthebest

    and none of those other clients have mam/carbons I think

  707. daniel

    moparisthebest: well dino has both. But I hear it's still buggy

  708. Alex has left

  709. Ge0rG

    We need a client usability score

  710. Guus has left

  711. moparisthebest

    yes dino is fine too, I was mainly saying I'd recommend gajim over pidgin/adium all day

  712. daniel

    Sure. That I can agree with

  713. ralphm has joined

  714. sezuan has joined

  715. Alex has joined

  716. jonasw

    can swift do MAM?

  717. jonasw

    (and gajim)

  718. sezuan has left

  719. SamWhited

    Gajim can, Swift couldn't the last time I used it, but I know they've tried to modernize it a bit since then so it might be able to now.

  720. sezuan has joined

  721. jonasw

    SamWhited, released gajim or 1.0 beta?

  722. SamWhited

    I'm not sure, released I think. Give me a second and I'll see what I have installed

  723. jonasw

    thanks

  724. Seve/SouL has left

  725. SamWhited

    hmm, I thought the version I had on this machine did it, but I can't make it make a query (0.16.9) so maybe I did have the beta installed on my other machine or something

  726. SamWhited has left

  727. Seve/SouL has left

  728. SamWhited

    Ah, I see, it does have MAM, just not a version I support. 0.16.9 supports mam:0, 1.0.0 beta supports :1 and :2

  729. andy has left

  730. jonasw

    I see

  731. SamWhited

    https://dev.gajim.org/gajim/gajim/blob/gajim-1.0.0-alpha1/ChangeLog

  732. SamWhited

    They dropped OTR too, nifty.

  733. SamWhited

    But support EME now for some reason… I will never understand the Gajim decision making process.

  734. SamWhited

    oh, no, that's not what I thought it was. Nevermind, that makes sense.

  735. jonasw

    what’s wrong with EME?

  736. jonasw

    yeah

  737. Seve/SouL has left

  738. la|r|ma has joined

  739. Seve/SouL has left

  740. SamWhited

    I was thinking it was the old encryption mechanism that never got much adoption, I can't remember what it was called.

  741. Alex has left

  742. Alex has joined

  743. jjrh

    Ge0rG, +1 for client usability score. I'd factor in clients with support for XEP's which contribute to usability (message carbons for instance)

  744. SamWhited has left

  745. andy has joined

  746. Ge0rG

    jjrh: I consider Carbons a MUST for many years now, but they are less urgent for single-client users.

  747. blabla has joined

  748. Ge0rG

    OTOH, I don't have MAM in any of my actively used clients.

  749. nyco has left

  750. SamWhited

    I get really annoyed with mcabber for not having MAM, it's a terrible experience.

  751. SamWhited

    If I want to catch up on something I have to use Conversations

  752. Ge0rG

    SamWhited: you need leave mcabber 24/7, or make conversations use a negative priority.

  753. Ge0rG

    (this is a statement about the quirks of XMPP, first and foremost)

  754. jjrh

    I think it's problematic that a android client is one of the best XMPP clients

  755. Seve/SouL has joined

  756. jjrh

    problematic is probably the wrong word.

  757. peter has joined

  758. andy has left

  759. Seve/SouL has left

  760. Seve/SouL has joined

  761. jjrh has left

  762. Ge0rG

    jjrh: sad?

  763. marc

    So let's be prepared for https://puri.sm/shop/librem-5/ :)

  764. Ge0rG

    What's really problematic is that it's not *my* android client! 😁

  765. marc

    "Partnering with Matrix Librem 5 is the first ever Matrix-powered smartphone, natively using end-to-end encrypted decentralised communication in its dialer and messaging app."

  766. Ge0rG

    We need more people in the SCAM team!

  767. suzyo has joined

  768. jjrh has left

  769. Alex has left

  770. jjrh has left

  771. Alex has joined

  772. SaltyBones

    has anybody ever looked at matrix and if their stuff is accidentally actually good? :)

  773. marc

    Ge0rG, what's SCAM?

  774. SaltyBones

    I mean their "reference" client is not but who knows about the protocol :p

  775. marc

    SaltyBones, they rely on polling or an additional push protocol

  776. Ge0rG

    marc: our marketing team, https://wiki.xmpp.org/web/Summits_Conferences_And_Meetups_team

  777. marc

    wtf

  778. marc

    Ge0rG, I want a hoodie!

  779. marc

    NOW!

  780. marc

    :D

  781. Ge0rG

    marc: you should've gone to FOSDEM

  782. Ge0rG

    I don't even want an XMPP hoodie. Sad. I'd rather have a Jabber one, but that will be 500$.

  783. marc

    Ge0rG, yeah, damn :D

  784. marc

    Ge0rG, how does the jabber hoodie look like?

  785. Ge0rG

    marc: no idea.

  786. jjrh

    The matrix web client is pretty

  787. Ge0rG

    Actually there is a hoodie I want to have. Front: "Schroedinger's Chat" Back: "XMPP Group Chat 1.0 Protocol"

  788. andy has joined

  789. Ge0rG has left

  790. marc

    Ge0rG: I miss your name on the SCAM page ;)

  791. Ge0rG

    marc: I rather want to be on the SPAM page.

  792. SamWhited

    I've looked at Matrix a bit; the clients they wrote are nice, the protocol isn't (well, it would be good for other things, but not for chat or anything realtime)

  793. Ge0rG

    SamWhited: but http has won, together with Javascript and rest

  794. jjrh

    https://matrix.org/docs/projects/try-matrix-now.html they have quite a few clients.

  795. Ge0rG

    And XSS and https://www.mysonicwall.com/sonicalert/searchresults.aspx?ev=article&id=1107

  796. Kev has joined

  797. daniel

    Oh til that couch db is still a thing

  798. daniel

    I wonder if it does multi threading now

  799. blabla has joined

  800. Kev has left

  801. remko has left

  802. andy has left

  803. ralphm has joined

  804. SaltyBones

    i dont understand

  805. SaltyBones

    where are these nice clients

  806. SaltyBones

    everybody seems to use riot which is pretty awful

  807. waqas has joined

  808. jjrh

    Riot looks pretty and is something that is familiar to folks (looks like slack/discord/fb messenger)

  809. valo has joined

  810. valo has joined

  811. SamWhited

    Riot felt a bit cluttered at times, but it was pretty and worked more reliably than any XMPP desktop client I'd ever used up until that point.

  812. SamWhited

    And had more modern features.

  813. intosi has joined

  814. SaltyBones

    i only know of video calls

  815. SaltyBones

    but that s pretty awesome

  816. la|r|ma has joined

  817. intosi has left

  818. intosi has joined

  819. jjrh

    http://blogs.asterisk.org/2017/09/20/asterisk-15-multi-stream-media-sfu/ this stuff looks pretty nice

  820. goffi has left

  821. ralphm has joined

  822. Guus has left

  823. Syndace has joined

  824. jubalh has joined

  825. ralphm has joined

  826. Syndace has joined

  827. Guus has left

  828. daniel has left

  829. Dave Cridland has left

  830. blabla has joined

  831. Dave Cridland has left

  832. blabla has joined

  833. Guus has left

  834. Kev has joined

  835. jubalh has joined

  836. Syndace has joined

  837. jubalh has joined

  838. daniel has left

  839. moparisthebest

    the best part about that is the GIF http://blogs.asterisk.org/wp-content/uploads/2017/09/cmp2k_1.gif

  840. moparisthebest

    really takes you back

  841. ralphm has joined

  842. Syndace has joined

  843. Alex has left

  844. jubalh has left

  845. Alex has joined

  846. daniel has left

  847. Guus has joined

  848. andy has joined

  849. daniel has left

  850. daniel has joined

  851. winfried has joined

  852. Dave Cridland has left

  853. Dave Cridland has left

  854. Dave Cridland has left

  855. blabla has joined

  856. marc

    Ge0rG: your landing page should accept raw XMPP URIs

  857. Dave Cridland has left

  858. Dave Cridland has left

  859. Dave Cridland has left

  860. intosi has left

  861. SamWhited has left

  862. andy has left

  863. jjrh has left

  864. jjrh has left

  865. Guus has left

  866. andy has joined

  867. SaltyBones

    SamWhited, what's the problem with matrix's protocol?

  868. SamWhited

    It's a giant distributed graph protocol which will never scale very well

  869. SamWhited

    More or less everything syncs to everything else in a big mesh

  870. sezuan has left

  871. jjrh has left

  872. jjrh has left

  873. andy has left

  874. nyco has left

  875. Guus has left

  876. moparisthebest has joined

  877. SaltyBones

    What does it sync?

  878. SaltyBones has left

  879. nyco has left

  880. SamWhited

    Message history between whatever servers are a part of the conversation. Having history in multiple places isn't bad, but the big mesh they build and all the polling they do is rather chatty.

  881. Guus has left

  882. SaltyBones

    So if two people chat it would only involve two servers, right?

  883. SaltyBones

    Sounds benign and like xmpp...? :)

  884. Guus has left

  885. Dave Cridland has left

  886. Guus has left

  887. Dave Cridland has left

  888. Dave Cridland has left

  889. marc

    jonasw: does that mean that all native desktop client use polling? I assume Google Push is not available on Desktop

  890. marc has left

  891. mimi89999 has joined

  892. mimi89999 has left

  893. uc has joined

  894. mimi89999 has joined

  895. uc has joined

  896. waqas has left

  897. lumi has left

  898. la|r|ma has left

  899. marc has left

  900. marc has left

  901. peter has left

  902. SamWhited has left

  903. lovetox has left

  904. tux has joined

  905. Alex has left

  906. Dave Cridland has left

  907. pep. has left

  908. Dave Cridland has left

  909. ralphm has joined

  910. Dave Cridland has left