XSF Discussion - 2018-02-15


  1. jonasw

    jjrh, yeah, threading comes up once in a while

  2. jonasw

    there’s protocol support, but nobody has thought of a good UX which doesn’t break when not all clients participate

  3. Zash

    And how would you do the UI without getting in the way of the user?

  4. jonasw

    yeah

  5. jonasw

    all of that

  6. Seve

    What do you mean?

  7. jonasw

    Seve, with what specifically?

  8. Seve

    'getting in the way of the user'

  9. jonasw

    being more of a burden than it is useful

  10. Seve

    Ah, ok :)

  11. Seve

    Slack has threads, but I don't know how people use them.

  12. jonasw

    for example by being confusing or by requiring a lot of UI interaction which isn’t necessary otherwise for little gain etc. etc.

  13. Seve

    Thank you, I understand now :)

  14. daniel

    i thought about the HTTP upload. I think i'm just gonna white list Authorize, Cookies and X-* Headers. if that's not enough to make your upload api work than so be it. and just white listing headers instead of introducing new syntax helps me to avoid a namespace bump.

  15. Zash

    But X-* is deprecated

  16. daniel

    ok. minus X- then. so holger has to live with putting his stuff in a cookie then

  17. jonasw

    daniel, Expires?

  18. daniel

    if it doesn't go through council with these rules then so be it

  19. daniel

    jonasw, Expires? really?

  20. jonasw

    yes; it could be signed in Authorization, but it would be telling the client how long the file will stay alive

  21. Zash

    Does it really need a (black|white)list?

  22. Holger

    I can live with abusing some header for my special use case. I still fail to see how this helps with security but meh.

  23. jonasw

    https://www.dropbox.com/developers/documentation/http/documentation

  24. jonasw

    are you kidding me

  25. jonasw

    this is a single html page, without index, which contains *all* the API endpoints of dropbox?

  26. jonasw

    so dropbox allows to use a query argument instead of an header, we’re good

  27. jonasw

    (otherwise, it’d need Dropbox-API-Arg)

  28. daniel

    jonasw, do they even have preauthed urls?

  29. jonasw

    daniel, dunno

  30. daniel

    that feels a bit un-dropboxy

  31. jonasw

    somebody mentioned it yesterday

  32. daniel

    ok. expires, authorize and cookie it is then. but only because having three items in a white list sounds better then having just two

  33. jonasw

    nextcloud seems to be a plain PUT normally. I think they assume some Cookie or something.

  34. daniel

    jonasw, yes i brievely looked at these apis before and none of them seem to support preauth/one time upload things anyway

  35. daniel

    so you probably wouldn't use them in practice anyway

  36. jonasw

    true

  37. daniel

    unless your server knows your own dropbox password or something weird

  38. jonasw

    yeah, S3 is probably the most relevant API thing then

  39. MattJ

    jonasw, NextCloud is Authorization or Cookie (I checked yesterday)

  40. MattJ

    S3 supports query string, including at least one of the clones I checked (minio)

  41. Zash

    In the case of Dropbox, it seems weird to me that the XMPP server would be the one that provides that service

  42. MattJ

    Zash, in my mind you link your XMPP account with Dropbox (via a page served by the XMPP service)

  43. Zash

    A transport!

  44. MattJ

    It gets OAuth-approved, and the credentials go into Authorization

  45. MattJ

    Ah, a fun thing

  46. Zash

    Couldn't all this be done locally without XMPP?

  47. Zash

    Assuming you have some kind of dropbox client installed

  48. MattJ

    I wonder if there are services where you don't know the GET location until you upload

  49. MattJ

    e.g. with Dropbox you would upload, and then you have to share the file to create a link for someone else to download it

  50. Zash

    Get some NextCloud and Dropbox devs into a room and don't let them out until they present a standard-ish interface (android intent) for this

  51. MattJ

    glhf

  52. daniel

    maybe we just leave the xep in experimental until someone actually writes a s3 or dropbox or whatever service

  53. daniel

    and then we'll know

  54. Zash

    Speaking of not knowing the location until after upload, I've got a bunch of things where the GET URL is dependent on the content of the files

  55. MattJ

    Ok, well I at least want to do an S3 one soon. I don't have NextCloud to test with, and Dropbox requires some OAuth stuff

  56. Zash

    Something something Location header returns the GET URL?

  57. jonasw

    Zash, that sounds very reasonable

  58. daniel

    ok. let's leave the xep experimental. you write the service with the location header (if the get url is omitted in the orignial slot response) and then we know if that works and change the xep

  59. jonasw

    daniel, how about "omit <get/> to indicate that the <put/> request will return the GET URL via Location header"?

  60. daniel

    let me know if you have something ready Zash and i get you a Conversations build to test this with

  61. Zash

    daniel: There's my pastebin, q.zash.se

  62. Zash

    Tho it receives as POST

  63. daniel

    that's probably i quick fix. and it would of course need to annouce itself over http upload

  64. daniel

    *a

  65. Zash

    Hm

  66. Zash

    Doesn't seem to use Location tho

  67. Zash

    And now it does

  68. jonasw

    does it also use PUT?

  69. Zash

    no

  70. daniel

    https://gultsch.de/files/xep-0363.html

  71. daniel

    Ge0rG, does that sufficiently address your concerns as council?

  72. jonasw

    daniel, did you exclude newlines from the header values?

  73. jonasw

    from a quick glance I can’t see that

  74. daniel

    jonasw, yes. in december already

  75. jonasw

    maybe put that in the text above the example, too

  76. daniel

    done

  77. Ge0rG

    daniel: reading now, also "especially the file ending intact" --> "extension" is a better word here

  78. Ge0rG

    daniel: "MUST not" --> "MUST NOT"

  79. Ge0rG

    daniel: I'd say that this scheme is still susceptible to idiot developers. Please just define optional <authorization>, <cookie> and <expires> elements.

  80. jonasw

    > 07:22:50 daniel> i thought about the HTTP upload. I think i'm just gonna white list Authorize, Cookies and X-* Headers. if that's not enough to make your upload api work than so be it. > and just white listing headers instead of introducing new syntax helps me to avoid a namespace bump.

  81. Ge0rG

    oh.

  82. Zash

    Idiot proof protocol design?

  83. Ge0rG

    you don't technically need a namespace bump, you could work around it with caps.

  84. Ge0rG

    daniel: please also add a point to the Security about the client potentially being exploitable to SSRF / https://cwe.mitre.org/data/definitions/918.html

  85. Zash

    A namespace for every SHOULD and MAY

  86. Zash

    Feature *

  87. Ge0rG

    Zash: much better than just incrementing the version each time.

  88. Ge0rG

    the current proposal is much better, but then you end up with the XHTML-IM Implementor's Fallacy

  89. Zash

    Except for the complexity explosion

  90. Ge0rG

    better than before, that is.

  91. Holger

    I disagree 🙂

  92. Ge0rG

    Holger: with what exactly?

  93. Holger

    With it being better than before. But more discussion won't help I guess.

  94. daniel

    Ge0rG, can you word that as a full normative sentence

  95. Ge0rG

    daniel: yes, as soon as I find some time.

  96. daniel

    because i frankly don't understand the issue well enough to word that myself

  97. daniel

    i'm not really sure what the client should do about this though

  98. daniel

    if your wifi router is broken your wifi router is broken

  99. daniel

    unless we really want to enforce some same origin stuff

  100. Ge0rG

    I think the most sane way is to prevent automatic re-requesting of slots.

  101. Flow

    > Zash> And how would you do the UI without getting in the way of the user?

  102. Flow

    Remeber Google Wave?

  103. Flow

    It was/is even XMPP based

  104. Zash

    Flow: Remember how I'm probably the most anti-Google person here? Guess how much time I spent trying Wave

  105. Flow

    Not much since you are anti google?

  106. Flow

    Or is it the other way around: Young neutral Zash once tried Wave years ago and never looked at google again?

  107. Zash

    I assume it required a Google account, which I refuse to get.

  108. Flow

    The code is still around if you want to give it a second chance: http://incubator.apache.org/projects/wave.html

  109. Flow

    Although the apache project retried 4 weeks ago :(

  110. Zash

    I read the specs. I meh'd.

  111. Zash

    Binary XML deltas in ProtocolBuffers over XMPP or somethincg

  112. Flow

    fancy

  113. jonasw

    would anyone with a good overview of current client and server features be able to be available between 17:30Z and 18:30Z?

  114. jonasw

    I’m talking to the university person who wants to establish some IM thing and they already have XMPP in mind. I’d like to be able to answer questions about specific things

  115. Seve

    Would be awesome if there is someone!

  116. Zash

    Am I awake then?

  117. daniel

    jonasw: sure. If you mention me I'm available. Not that I'm necessarily the expert in client and server feature availability. But I know _some_ things

  118. jonasw

    cool

  119. Dave Cridland

    jonasw, I know some stuff, but I'll be in and out around that time. But a mention *might* work.

  120. jonasw

    ok

  121. Zash

    jonasw: The magical time when most people are between work and home?

  122. Dave Cridland

    Zash, Home-office and settled-for-the-evening in my case.

  123. jonasw

    I didn’t choose that time :(

  124. MattJ

    jonasw, I'll be around

  125. jonasw

    wee, a bunch of people :)

  126. Kev

    I'll be on a train at that time, without connectivity, sorry.

  127. Kev

    SamWhited: I think Security Considerations in 393 could benefit from a note about stack exhaustion, given you're suggesting recursion for parsing.

  128. jonasw

    does it have a grammar by now?

  129. daniel

    Kev, MattJ would you be ok with annocing the mam preferences (at least the current default) in the disco accounts features (as a form)? if so i can prepare a PR for the XEP

  130. MattJ

    What's the reason?

  131. daniel

    i want to do my offline purge only if it is set to !never

  132. daniel

    and maybe during initial account setup prompt the user to enable it

  133. daniel

    w/o having to do the extra round trip for the preference discovery

  134. daniel

    primarily the first thing though. the other is just a nice bonus feature one could do

  135. jonasw

    can’t you interleave the preference discovery with other round-trips you have to do anyways?

  136. jonasw

    for account setup e.g. when setting the avatar

  137. jonasw

    or while the user picks the avatar or something like that

  138. daniel

    yes. that's why i said primarily the first thing

  139. jonasw

    maybe I’m confused what the first thing is; is it the offline purge?

  140. daniel

    yes

  141. jonasw

    if so, same argument holds, isn’t there something this can be paralleized with?

  142. Zash

    what is the offline purge?

  143. jonasw

    if so, same argument holds, isn’t there something this can be parallelized with?

  144. daniel

    Zash, xep13

  145. jonasw

    Zash, -xep 13 i presume

  146. jonasw

    Zash, {xep 13} i presume

  147. Bunneh

    Zash: Flexible Offline Message Retrieval (Standards Track, Draft, 2005-07-14) See: https://xmpp.org/extensions/xep-0013.html

  148. jonasw

    I’m starting to get this right!

  149. jonasw

    anyways, gotta run

  150. daniel

    jonasw, still traffic… and more blocking things before i can go online. it's more complicated in the clients code if I have to wait for two things (disco and preferences)

  151. MattJ

    daniel, I don't feel too great about this for a number of reasons

  152. MattJ

    and since it boils down to the XEP-0013 purge, even less so

  153. MattJ

    I think that should be solved a different way - Prosody doesn't even support XEP-0013

  154. MattJ

    Yet not sending offline messages to MAM clients is totally trivial and something I was planning to do anyway

  155. MattJ

    and doesn't require bloating disco queries

  156. Ge0rG

    MattJ: please add it to 313.

  157. Ge0rG

    MattJ: also what we discussed regarding overlap of offline and MAM, and one of them being a pointer to the other one.

  158. Holger

    How do you know it's a MAM client?

  159. MattJ

    Holger, MAM request before initial presence

  160. Kev

    I actually want preferences removed from 313 and split elsewhere, ideally.

  161. MattJ

    Yeah, I think that came up a couple of times in LC feedback, I'm in favour of that

  162. MattJ

    Also the pubsub stuff

  163. Ge0rG

    As long as there is a mechanism for the client to distinguish whether MAM was actively enabled on this account or not.

  164. daniel

    Ge0rG: why do clients need to tell?

  165. Ge0rG

    daniel: in the context of GDRP and generic data privacy considerations, a client should be able to tell the user that they give up their message contents now

  166. daniel

    Ge0rG: I understand that a client might want to discover their settings. I don't understand why they need to discover the servers default

  167. Ge0rG

    daniel: let me rephrase that: the setting should be a tristate of "enabled / disabled / schroedinger"

  168. Ge0rG

    daniel: so a MAM-enabled client can move from schroedinger to enabled, but not override disabled to enabled if the user disabled MAM once.

  169. daniel

    i'm against clients enabling that automatically anyway. if anything it should ask during setup

  170. daniel

    but yes i understand your argument now

  171. Ge0rG

    during account setup? What if MAM is enabled later on? ;)

  172. SamWhited

    Kev: maybe I should just say 'iterate over' then. Also, serious question, is that still a security issue? Do any compilers not put stack guards in place?

  173. Kev

    Stack overflow is a thing, yeah. I think it's worth a security consideration suggesting limiting the depth of parsing.

  174. Kev

    Well, overflow/exhaustion, anyway.

  175. Guus

    XSF Board meeting time. Nyco, Ralphm and Martin sent apologies, that leaves you and me, MattJ

  176. MattJ

    I'm here

  177. Guus

    Is there anything you'd like to discuss with the two of us present, MattJ?

  178. MattJ

    I don't think I have anything

  179. Guus

    As this is the second meeting in a row that we're about to skip, I'd like to invite others to have input now. I'd hate for people to not be able to bring something up, because of our inability to convene.

  180. Guus

    anyone?

  181. Guus

    going once...

  182. Guus

    If there's anything, please feel free to reach out in private, anytime

  183. Guus

    let's try this again in one week, MattJ :)

  184. MattJ

    +1

  185. Guus

    ok, thanks. I'll send out the non-minutes

  186. MattJ

    unless we organise that high-bandwidth meeting in the meantime

  187. Guus

    agreed

  188. Ge0rG

    Damn, I wanted to bring up something for Board.

  189. Ge0rG

    Totally missed the meeting due to a conf call.

  190. Ge0rG

    I wanted to re-ask for the creation of a SPAM WG, with work around the Manifesto to be performed

  191. Guus

    Ge0rG: I've seen various references to that renewed request in context of the manifesto mail thread. Would you mind pulling the re-request to form a team in a separate mail thread - perhaps include a proposal for a specific charter - for easy reference when we're going to discuss this?

  192. Guus

    I'm kind of missing the benefit of having a work team (a group of people dedicated to this specific effort) for this, as I'd think that you'd want to include _everone_, not a select group - but I'm not _against_ forming a team for just that.

  193. Guus

    (if that made sense)

  194. SamWhited

    I don't think we've formed a working group that actually met more than once or twice or did anything at all since I've been here. I like the idea, but it might be helpful if you could find people that are willing to be members, will commit to doing work, and someone who can herd the cats when they don't show up first.

  195. Guus

    (as in, for things like iteam, or scam, it makes sense to me to be able to address a specific group of people. I'm not immediately seeing that for spam)

  196. SamWhited

    SCAM might be the exception, because it has a cat herder named Guus.

  197. Guus

    well, if infra is broken, you know to talk to iteam

  198. Guus

    but that said, if just rubber-stamping a team helps the effort, I'm not against it.

  199. MattJ

    I think SCAM is different because it is more involved with the running of the XSF

  200. SamWhited

    That's true, it is rather different.

  201. MattJ

    It has allocated budget, etc.

  202. SamWhited

    Anyways, I'm not against it (not that I have any say, this is a board matter), it might be helpful if you found people first or wrote a charter though.

  203. MattJ

    The mandatory TLS manifesto did not have a working group - in fact it had almost nothing to do with the XSF, except possibly a blog post mention

  204. Kev

    iteam is pretty involved with running the XSF too ;)

  205. Kev

    But I think a SIG is probably more appropriate than a WG.

  206. Kev

    You don't want (I think) a formally-approved membership.

  207. Kev

    Or to only allow XSF members.

  208. Ge0rG

    I'm fine with a SIG as well.

  209. SamWhited

    oh, I didn't even realize we had a different concept for WG; I assumed Ge0rG meant SIG.

  210. Ge0rG

    I didn't know either.

  211. Kev

    We have SIGs and Work Teams.

  212. Kev

    Iteam and SCRAM are Work Teams. standards@ is a SIG.

  213. Guus

    Is standards a SIG? (seems silly to have an organisation who's purpose it is to manage standards, to have a SIG for that)

  214. Guus

    it thought that SIGs were the often time-limited groups for things like IOT spec advancement?

  215. Guus

    we're listing teams in the side-menu here: https://xmpp.org/about/xsf/editor-team

  216. Guus

    (we should restructure that a bit)

  217. Guus

    but I'm not seeing references to our SIGs on the website. Are they defined by XEPs?

  218. Guus

    (https://xmpp.org/about/xsf/bylaws section 8.2)

  219. Guus

    Reading that, a SIG makes more sense than a WT for SPAM.

  220. Guus

    but, do we keep a list of what SIGs we currently have active?

  221. jjrh

    jonasw, the best way I can think of to do threading is to basically have a '+' next to a top level message and then reply in that context. When someone comments to that thread you bring that top level message to the bottom. (similar to how email threading is displayed in many mail clients)

  222. peter

    Guus: do you know a JID for Paweł Ścibiorski from the Summit? I need more information from him in order to complete his reimbursement...

  223. Guus

    peter, yes. alameyo@igniterealtime.org

  224. peter

    thanks!

  225. Guus

    you'll also find him in open_chat@conference.igniterealtime.org pretty much every day.

  226. peter

    k

  227. jjrh

    I'm not sure how things would work for clients who don't support threading - it would be confusing for people with clients that support threading.

  228. jjrh

    Since their 'reply' would not be tied to any thread.

  229. jonasw

    jjrh, how does that work with clients which do not support htat?

  230. jonasw

    wouldn’t their replies look weird then?

  231. jjrh

    Yeah that's the problem - if we are having a threaded discussion and bill replies with a client that doesn't have threading it's going to look weird to us.

  232. jonasw

    yeah

  233. jonasw

    and that’s why threading doesn’t work, in a nutshell

  234. jonasw

    also, clicking to make a threaded reply is annoying

  235. Zash

    jonasw: what if you do heuristics based on this kind of reply?

  236. jonasw

    heuristics fail :(

  237. jjrh

    I'm not sure how to deal with that in a group chat without doing something weird like setting my username to jjrh391034 jjrh391035 in each message - so when you reply it would be to my username with the id and our clients would know to include it in the correct thread.

  238. jonasw

    not all replies have a leading nickname mention :-)

  239. Zash

    assume they belong to the same thread as the last message

  240. Zash

    how far could you get with some graph based heuristics?

  241. Seve

    Well, things work when a popular client implements X and other clients are forced to implement X because that client has that.

  242. Zash

    if two (sub)groups of people seem to be talking mostly among themselves, uh, surely there are fancy algoritms that could tell you about that

  243. jjrh

    well perhaps some sort of id appended to messages would work - If people with clients that don't support threading don't use the legacy way of inserting at least that id in their reply to a conversation well their message will be ignored / lost in the noise. Same way on a mailing list if someone just creates a new message to reply to a existing thread people will simply ignore it / not see it.

  244. jjrh

    Zash, well what would be really neat is if one could find a way to essentially create a new MUC so the conversation moves there

  245. Zash

    did you just say that clients that don't implement this will implement it?

  246. jjrh

    if all our messages end up with "Zash: #MESSAGEINGTHREADING_19230 , did you just say that clients that don't implement this will implement it?" for clients that don't support threading it's up to the user to include #MESSAGEINGTHREADING_19230 in their reply

  247. jjrh

    That's not a great way solution though.

  248. Zash

    the user isn't going to do that

  249. Zash

    see, I didn't even

  250. Zash

    If you want an entirely separate room, then create one and invite people there

  251. Zash

    Surely it should be possible to send an invite to a room

  252. jjrh

    I guess that's another way - if your client doesn't have threading support you get a message saying to join a room. That's a crummy solution too.

  253. Zash

    That's a more of a hard break tho, not what I imagine threading in a groupchat could be

  254. Zash

    I imagined that be more fluid

  255. jjrh

    What would be neat - providing everyone had a client that supported threading - is to figure out when a thread should basically become a new chat room. Effectively 'off topic' discussions wouldn't matter, if we start talking about the new starwars movie in xsf it wouldn't be disturbance because that conversation would quickly be migrated to a new room.

  256. Zash

    What would threading even look like in a real time groupchat?

  257. Zash

    I imagine you would get pretty far by just placing more focus on messages in your current thread

  258. Zash

    like, fate down the others a bit

  259. jjrh

    Yeah - I think I would do something like have the top level show up in the main room #threading_in_xmpp every time so we know chatter in that topic is going on. Same way when I check my email for a mailing list the thread with the most recent reply gets bumped to the top. If i'm active in the discussion (have a chat tab open) in the main chat I wouldn't see that thread.

  260. jjrh

    I feel like even if every XMPP client supported threading and all of them did it reasonably well people would just not use it and things would mostly remain the way they are now.

  261. jjrh

    People (including myself) get stuck in the ways they are used to.

  262. moparisthebest

    from a UX perspective how would I even indicate who (what thread) I am replying to?

  263. Seve remembers people to check how Slack does that.

  264. Seve

    https://slackhq.com/threaded-messaging-comes-to-slack-417ffba054bd

  265. Seve

    https://get.slack.help/hc/en-us/articles/115000769927-Message-threads

  266. Seve

    Although I would search for a video or something, to see more clearly how it's done.

  267. jonasw

    what’s a usable client on Mac OS?

  268. Ge0rG

    jonasw: adium and iMessage or so I heard. Not perfect though

  269. Ge0rG

    jonasw: maybe Swift 4

  270. Ge0rG

    Seve: I've used slack threading once after it was released, but nobody else in my team did, and the UX felt somehow wrong

  271. Ge0rG

    Seve: so any news from KDE?

  272. jonasw

    wat, matrix needs to poll if it can’t have google push foo?

  273. jonasw

    that’s fun

  274. Zash

    What else would it do

  275. marc

    hm? matrix protocol uses polling?

  276. jonasw

    marc, unless they can use google/apple push

  277. marc

    wtf?

  278. jonasw

    yeah

  279. marc

    jonasw, ref?

  280. jonasw

    the settings in the app apparently

  281. Zash

    But http and json!

  282. jonasw

    marc, something about "sync interval"

  283. marc

    maybe this part: https://matrix.org/docs/spec/client_server/r0.3.0.html#syncing

  284. moparisthebest

    jonasw, gajim and dino run on macos too right?

  285. jonasw

    moparisthebest, I don’t know?

  286. jonasw

    do they?

  287. jonasw

    (gajim especially)

  288. moparisthebest

    pretty sure yes

  289. moparisthebest

    gajim almost certainly does

  290. jonasw

    okay

  291. moparisthebest

    Seve, so from https://slackhq.com/threaded-messaging-comes-to-slack-417ffba054bd they are just joining another muc that happens to be a split window from the main muc ?

  292. daniel

    I think it is planned to make dino work on macos. Due to the general beta state of it there might be bugs

  293. Ge0rG

    Gajim isn't a client I would recommend to newcomers.

  294. moparisthebest

    Ge0rG, well 'works' is better than 'doesn't work'

  295. moparisthebest

    and none of those other clients have mam/carbons I think

  296. daniel

    moparisthebest: well dino has both. But I hear it's still buggy

  297. Ge0rG

    We need a client usability score

  298. moparisthebest

    yes dino is fine too, I was mainly saying I'd recommend gajim over pidgin/adium all day

  299. daniel

    Sure. That I can agree with

  300. jonasw

    can swift do MAM?

  301. jonasw

    (and gajim)

  302. SamWhited

    Gajim can, Swift couldn't the last time I used it, but I know they've tried to modernize it a bit since then so it might be able to now.

  303. jonasw

    SamWhited, released gajim or 1.0 beta?

  304. SamWhited

    I'm not sure, released I think. Give me a second and I'll see what I have installed

  305. jonasw

    thanks

  306. SamWhited

    hmm, I thought the version I had on this machine did it, but I can't make it make a query (0.16.9) so maybe I did have the beta installed on my other machine or something

  307. SamWhited

    Ah, I see, it does have MAM, just not a version I support. 0.16.9 supports mam:0, 1.0.0 beta supports :1 and :2

  308. jonasw

    I see

  309. SamWhited

    https://dev.gajim.org/gajim/gajim/blob/gajim-1.0.0-alpha1/ChangeLog

  310. SamWhited

    They dropped OTR too, nifty.

  311. SamWhited

    But support EME now for some reason… I will never understand the Gajim decision making process.

  312. SamWhited

    oh, no, that's not what I thought it was. Nevermind, that makes sense.

  313. jonasw

    what’s wrong with EME?

  314. jonasw

    yeah

  315. SamWhited

    I was thinking it was the old encryption mechanism that never got much adoption, I can't remember what it was called.

  316. jjrh

    Ge0rG, +1 for client usability score. I'd factor in clients with support for XEP's which contribute to usability (message carbons for instance)

  317. Ge0rG

    jjrh: I consider Carbons a MUST for many years now, but they are less urgent for single-client users.

  318. Ge0rG

    OTOH, I don't have MAM in any of my actively used clients.

  319. SamWhited

    I get really annoyed with mcabber for not having MAM, it's a terrible experience.

  320. SamWhited

    If I want to catch up on something I have to use Conversations

  321. Ge0rG

    SamWhited: you need leave mcabber 24/7, or make conversations use a negative priority.

  322. Ge0rG

    (this is a statement about the quirks of XMPP, first and foremost)

  323. jjrh

    I think it's problematic that a android client is one of the best XMPP clients

  324. jjrh

    problematic is probably the wrong word.

  325. Ge0rG

    jjrh: sad?

  326. marc

    So let's be prepared for https://puri.sm/shop/librem-5/ :)

  327. Ge0rG

    What's really problematic is that it's not *my* android client! 😁

  328. marc

    "Partnering with Matrix Librem 5 is the first ever Matrix-powered smartphone, natively using end-to-end encrypted decentralised communication in its dialer and messaging app."

  329. Ge0rG

    We need more people in the SCAM team!

  330. SaltyBones

    has anybody ever looked at matrix and if their stuff is accidentally actually good? :)

  331. marc

    Ge0rG, what's SCAM?

  332. SaltyBones

    I mean their "reference" client is not but who knows about the protocol :p

  333. marc

    SaltyBones, they rely on polling or an additional push protocol

  334. Ge0rG

    marc: our marketing team, https://wiki.xmpp.org/web/Summits_Conferences_And_Meetups_team

  335. marc

    wtf

  336. marc

    Ge0rG, I want a hoodie!

  337. marc

    NOW!

  338. marc

    :D

  339. Ge0rG

    marc: you should've gone to FOSDEM

  340. Ge0rG

    I don't even want an XMPP hoodie. Sad. I'd rather have a Jabber one, but that will be 500$.

  341. marc

    Ge0rG, yeah, damn :D

  342. marc

    Ge0rG, how does the jabber hoodie look like?

  343. Ge0rG

    marc: no idea.

  344. jjrh

    The matrix web client is pretty

  345. Ge0rG

    Actually there is a hoodie I want to have. Front: "Schroedinger's Chat" Back: "XMPP Group Chat 1.0 Protocol"

  346. marc

    Ge0rG: I miss your name on the SCAM page ;)

  347. Ge0rG

    marc: I rather want to be on the SPAM page.

  348. SamWhited

    I've looked at Matrix a bit; the clients they wrote are nice, the protocol isn't (well, it would be good for other things, but not for chat or anything realtime)

  349. Ge0rG

    SamWhited: but http has won, together with Javascript and rest

  350. jjrh

    https://matrix.org/docs/projects/try-matrix-now.html they have quite a few clients.

  351. Ge0rG

    And XSS and https://www.mysonicwall.com/sonicalert/searchresults.aspx?ev=article&id=1107

  352. daniel

    Oh til that couch db is still a thing

  353. daniel

    I wonder if it does multi threading now

  354. SaltyBones

    i dont understand

  355. SaltyBones

    where are these nice clients

  356. SaltyBones

    everybody seems to use riot which is pretty awful

  357. jjrh

    Riot looks pretty and is something that is familiar to folks (looks like slack/discord/fb messenger)

  358. SamWhited

    Riot felt a bit cluttered at times, but it was pretty and worked more reliably than any XMPP desktop client I'd ever used up until that point.

  359. SamWhited

    And had more modern features.

  360. SaltyBones

    i only know of video calls

  361. SaltyBones

    but that s pretty awesome

  362. jjrh

    http://blogs.asterisk.org/2017/09/20/asterisk-15-multi-stream-media-sfu/ this stuff looks pretty nice

  363. moparisthebest

    the best part about that is the GIF http://blogs.asterisk.org/wp-content/uploads/2017/09/cmp2k_1.gif

  364. moparisthebest

    really takes you back

  365. marc

    Ge0rG: your landing page should accept raw XMPP URIs

  366. SaltyBones

    SamWhited, what's the problem with matrix's protocol?

  367. SamWhited

    It's a giant distributed graph protocol which will never scale very well

  368. SamWhited

    More or less everything syncs to everything else in a big mesh

  369. SaltyBones

    What does it sync?

  370. SamWhited

    Message history between whatever servers are a part of the conversation. Having history in multiple places isn't bad, but the big mesh they build and all the polling they do is rather chatty.

  371. SaltyBones

    So if two people chat it would only involve two servers, right?

  372. SaltyBones

    Sounds benign and like xmpp...? :)

  373. marc

    jonasw: does that mean that all native desktop client use polling? I assume Google Push is not available on Desktop