-
Syndace
daniel (and others), I would love to hear your opinion on something. OMEMO has the issue of the key exchange not accounting for lost messages, that's why clients keep building sessions and reusing the same pre key until they get a response which tells them that the session was built successfully. I don't really like that solution. First of all I'm a little scared, because if a cryptographer tells you not to reuse a key, you should probably not reuse that key. Second it puts a lot of dirty hacky work on client devs, backing up the signal state before building a message and restoring it afterwards and stuff like that. So I was thinking about a different solution for a while and then I had the idea of just ignoring the issue altogether. Let's say you are really unlucky enough to lose the message containing the key exchange. You then send a second message, which gets delivered as usual. Your contact would notice that it can't decrypt the message and in reaction send a new key exchange back to you. So instead of one lost message, all the messages between the lost key exchange and the "healing" key exchange are lost. I would still consider that an acceptable trade for all the hassle and possibly insecurity that comes with the way clients currently handle that scenario.
-
jonas’
adding more ways to non-obviously lose messages with OMEMO doesn’t sound like a good thing to me
-
Ge0rG
It can't get much worse, can it?
-
waqas
Ge0rG: Don't jinx it
-
Ge0rG
Can't we just encrypt all our messages with deflate and be done?
-
jonas’
encrypt :D
-
Ge0rG
I've got two semi-related questions for tomorrow's Board
-
Ge0rG
1. are pseudonymous membership applications allowed? (I can't see anything in https://xmpp.org/about/xsf/bylaws but that Board decides about the form of applications) 2. https://xmpp.org/extensions/xep-0345.html which addresses this point with "no" is Deferred. Could Board please LC and advance it?
-
jonas’
(I had put it on my todo to add '345 to the board agenda)
-
Ge0rG
jonas’: do you have agenda write access?
-
jonas’
yes
-
jonas’
(I think)
-
jonas’
in my role as editor
-
Ge0rG
jonas’: if it's scoped to your role, you probably can't bring in my #1
-
jonas’
that’s true
-
Guus
I think it's important that there's little barriers for people to bring something up for discussion with the board. Trello is just a tool - don't be too shy about using it to put something on the board's agenda. Maybe put it in AOB if you're unsure.
-
Guus
(tl;dr: go for it, jonas’ )
-
Ge0rG
Guus: thanks!
-
Guus
as personal feedback on the pseudonymous membership applications (I've not read up on it yet): why would this be desirable?
-
Guus
(my gut does not like the concept, as it appears to conflict with transparency)
-
Ge0rG
Guus: it does conflict with transparency indeed, and there are many debates of requiring a full name on different online platforms, with both sides suggesting many reasons.
-
Zash
They should join the secret shadow XSF instead
-
waqas
XXSF
-
Maranda
That sounds like st else 😅😅😅
-
Guus
Zash the secret shadow XSF where they require you to sign up using the secret handshake and writing in blood? That's not 'bonding', that's DNA profiling.
-
Ge0rG
I was just asked by a contact whether they could apply under a pseudonym, and I don't know their specific reasons. I'm not sure if this is relevant to a generic Board decision on whether to allow / deny them
-
Ge0rG
XXXSF!
-
ta
Rule 34!
-
waqas
I know at least one individual who was rejected for applying under a pseudonym before
-
Ge0rG
waqas: I've heard that story.
-
Guus
Bear?
- Maranda suggests dropping the multiple uppercase "X" altogether 🤭🤭✨
-
Ge0rG
I think there are multiple possible outcomes: - legal name only - pseudonyms allowed - per-case decision of board (rather improbable outcome, I suppose)
-
Guus
well, on the one hand - we don't actually check up on the names provided anyway
-
Guus
we do have a requirement that not too many people are affiliated with the same organization, which might be a conflicting issue here.
-
Ge0rG
Guus: yeah
-
Guus
Also, Members get to vote on things
-
pep.
Maybe Ge0rG is not really named Georg. J'accuse!
-
Kev
No, Bear wasn't for applying under a pseudonym, quite the opposite.
-
Guus
having anonymous members would open the door for one person signing up multiple times, influencing votes
-
Guus
Bear signed up using his legal name, which no-one recognized, right?
-
Kev
He applied not under a pseudonym, and no-one knew who he was except as Bear.
-
Kev
Right.
-
Ge0rG
pep.: you had a chance to check my ID *and* to cross-sign pgp keys recently. I'm even a certified CACert assessor, orhowtheycallit
-
waqas
Note that the real name policy isn't really enforced, as far as I've seen. Someone could make up a real sounding pseudonym and they'll likely get in.
-
waqas
So, the door to one person signing up multiple times isn't really closed at the moment.
-
Guus
jonas’ / Ge0rG I added quick Trello items for both issues on Board's Trello Board.
-
Ge0rG
Guus: thanks very much!
-
jonas’
Guus, thx! :)
-
Guus
waqas I agree, and said as much. But still, ...
-
Ge0rG
waqas: I think that we are in a situation where it's hard enough to get a person to sign up *one* time. We need more volunteers!
-
Ge0rG
Also this is probably not the official Board response to that question ;)
-
Guus
right 🙂
-
Ge0rG
while speaking of Board responses... anybody seen peter lately?
-
Guus
I'd really like to know what the reasoning is behind wanting to sign up under a pseudonym
-
jonas’
he replied on github on an issue a day or two ago
-
Ge0rG
maybe I need to PR for JabberSPAM after all?
-
Guus
Ge0rG Yeah, on github and in a mail sent earlier today/tonight
-
waqas
Wow, it was a decade back: https://wiki.xmpp.org/web/Solarius_Application_2008#About_my_anonimity
-
Guus
PSA: if you are going to be at the Summit, it would be a Good Thing for your name to be on the attendance list in wiki, as that's what I'll use to get everyone access to the Cisco building.
-
Guus
ah, thanks waqas - I didn't know about that one.
-
Guus
I'm not sure if either argument is a valid reason for us to accept anonymous signups. Not being an XSF member does not limit your freedom of speech. The other one is personal preference.
-
Guus
waqas do you remember if this person's membership rejection was specifically caused by the anonymity aspect of it?
-
waqas
Yes, I believe so
-
Kev
But rejected by the members, IIRC.
-
Kev
(Which I might not)
-
Guus
I'm not a free speech expert - did my comment above make sense?
-
Kev
I don't think not giving your name to an organisation of which you want to be a member is about free speech.
-
Ge0rG
It doesn't look like we have the minutes on the wiki.
-
Ge0rG
Kev: could you reword that with fewer negations, please?
-
Kev
And as we allow participation regardless of pseudonymity in our process, I don't see a reason we need to allow pseudonymous members.
-
Kev
Ge0rG: This isn't about free speech.
-
Guus
Thanks Kev
-
waqas
I'm curious if there's any legal aspect here, in terms of the XSF's status as a non-profit
-
Guus
I guestimate that at best, that's apply for registered officials of the org
-
Guus
I guestimate that at best, that'd apply for registered officials of the org
-
waqas
Does the board count?
-
Guus
unsure.
-
Kev
I'd have thought the XSF would need legal advice before accepting someone that they knew wasn't giving their real name. (Which isn't the same as being duped). So the path of least resistance seems to me to disallow pseudonyms.
-
Guus
I tend to agree with Kev - however, if there's a compelling reason, I'd be willing to consider allowing it on an individual basis.
-
Guus
Me not being able to think of one doesn't rule out that such reason does exist.
-
waqas
Another case was Daurnimator later on. He withdrew his application based on this. I don't recall any other cases.
-
waqas
I have no strong opinions either way
-
Guus
In unrelated news: https://xmpp.net/ now is updated. Please file your bug reports and PRs at https://github.com/xmpp-observatory
-
jonas’
updated with the DNSSEC fix? :)
-
Guus
yes
-
jonas’
appears to be, awesome!
-
jonas’
thanks for the work to all involved!
-
Guus
and the lets-not-accept-submits-as-http-gets
-
Guus
thingy
-
jonas’
awesome
-
Zash
\o/
-
jonas’
that should reduce the load on the system a lot, too
-
Guus
right
-
Guus
we'll need to have that new index at some point
-
jonas’
index?
-
jonas’
ah, db index
-
Guus
from iteam, I learned that there's a third docker image being used, still based on your personal account jonas’
-
Guus
maybe we should move that one over too?
-
jonas’
the third one being?
-
jonas’
and, yeah, sure
-
jonas’
I can do that later, ping me after 15:00Z
-
waqas
https://xmpp.net — every host listed there has had the progress indicator for a few minutes. Is that real, or is that just stuck?
-
Guus
jonas’ : xsfjonas/xmppoke-db-docker
-
Guus
waqas that's real
-
Guus
tests take quite a long time to complete
-
jonas’
my scan works at least: https://xmpp.net/result.php?domain=dreckshal.de&type=server
-
Guus
although I cannot rule out that a test that was running while the service was restarted will remain in this state forever.
-
Ge0rG
Guus: maybe we can include the server into the "Recent results" only after completion of the test?
-
Guus
the progress indicator (and an 'error' indicator) now replace the question-mark that was previously used for both.
-
Guus
Ge0rG I welcome your PR 🙂
- Ge0rG appends to TODO
-
Guus
Also, I'd love to have volunteers to help maintain the code
-
Ge0rG
ask Board to create a team?
-
Guus
this is not an XSF effort
-
Guus
I just need volunteers 🙂
-
Guus
waqas, if you refresh https://xmpp.net/index.php you'll notice that some tests now have finished.
-
Guus
takes about 8 minutes, it seems.
-
Guus
also, the number of submitted tests appears to be down an order of magnitude. Seems like the GET/POST thing was helpful. Thanks, whoever figured that one out.
-
jonas’
that also looks much better now
-
jonas’
because otherwise you always had those in-progress indicators and never knew if the service was kaputt or just lots of tests pouring in
-
Guus
Google's XMPP endpoint is still active? https://xmpp.net/result.php?domain=gmail.com&type=client
-
Half-Shot
no way, I thought that got closed a long time ago?
-
Zash
Subject: organizationalUnitName: No SNI provided; please fix your client. commonName: invalid2.invalid
-
Zash
Lol
-
Zash
They closed the s2s
-
Zash
Took their sweet time tho, it was still up long after the announced shutdown date, so long that people forgot that it was supposed to be dead.
-
Ge0rG
Zash: did you test whether it works without TLS?
-
Zash
"it"?
-
Ge0rG
Gmail xmpp
-
Zash
nc: connect to xmpp-server.l.google.com port 5269 (tcp) failed: Connection refused
-
Link Mauve
Ge0rG, it never did work with.
-
Zash
c2s had TLS tho, still does
-
Zash
but it seems to require SNI
-
Ge0rG
Link Mauve: exactly. It's kind of pointless to test it with an SSL checker then
-
Zash
Does xmpp.net do SNI?
-
Zash
https://prosody.im/pastebin/ac9e1833-ab38-4b75-a50d-5bdd5966656a anyways
-
Guus
Zash I do not know
-
Guus
jonas’ it's after 15:00 here - obligatory ping re. database
-
Guus
can we move it / use a new image, without losing data?
-
jonas’
Guus, I explicitly added the Z
-
jonas’
(15:00Z)
-
jonas’
(= UTC)
-
jonas’
gotta run :), remind me after 15:00Z ;-)
-
Zash
=16:00+01:00
-
Guus
that last character didn't fit in my memory buffer
-
Zash
Guus: I prescribe more RAM
-
Guus
I tried image-searching for "ram module in nose" and did not find one applicable image. I am disappointed in the interwebs.
-
dwd
Guus, Off by on?
-
Guus
I hope that was a pun.
-
dwd
Guus, I think the question mark spoilt the joke.
-
Guus
jonas’ what I said earlier.
-
Guus
ah crap
-
Guus
dst
-
Guus
wait, you said 15
-
Guus
I'm fine
-
dwd
Guus, 1506Z right now.
-
dwd
Guus, Also, had someone else approach me about "what types of sessions might be going on", in order to travel to the Summit.
-
dwd
Guus, FWIW, this guy works heavily in IETF and standards dev in general - so the arguments about "we only want hardcore XMPP experts" are falling a bit flat given he's doing the XMPP work in SACM/IETF.
-
Kev
I'm not sure even /I/ have suggested we only want hardcore XMPP experts.
-
Kev
I have suggested we only want people who can meaningfully contribute, at least as the majority, for summits, but that's not the same.
-
Guus
> dwd 16:33 > Guus, 1506Z right now.
-
Zash
dwd: I prescribe some NTP
-
dwd
Guus, Oh. Yes. I should avoid taking the time from the previous message received.
-
Guus
dwd, I'd be overjoyed to list some kind of session details. I'm hoping that they'll be in that text that you were going to write 🙂
-
dwd
That would be difficult given I don't know either.
-
Guus
maybe we can draw from past experience, but also explicitly mention that we're doing that, and that actual content is often decided on on the first day.
-
dwd
Guus, "We will spend approximately half the first day discussing something that then lies dormant for the rest of the year"
-
MattJ
Tradition
-
jonas’
Guus, okay, I’m moving the repository, and I’ll patch the docker hub stuff under my name
-
Guus
Yes, but that needs less of your truthfulness and more of your marketing sauce.
-
jonas’
it might make sense to make a docker hub org, too
-
Guus
jonas’ +!
-
Guus
eh, +1
-
jonas’
Guus, ok, so I linked https://cloud.docker.com/u/xsfjonas/repository/docker/xsfjonas/xmppoke-db-docker to the repository under xmpp-observatory
-
jonas’
it is built from xmppoke-frontend-docker
-
jonas’
so I only had to patch the source repository for the docker build
-
jonas’
https://hub.docker.com/r/xsfjonas/xmppoke-db-docker/ that one
-
Guus
xmppoke-frontend-docker is no longer used
-
Guus
that's merged into xmppoke-frontend
-
jonas’
why does it exist then? :(
-
Guus
eh?
-
dwd
jonas’, To annoy you.
-
jonas’
and how are you building the images?
-
jonas’
because my builds are still pointing at xmppoke-frontend-docker
-
Guus
jonas’ images are built here: https://hub.docker.com/u/xmppobservatory (which holds two plans)
-
Guus
iteam now pulls two out of three images from there too
-
jonas’
okay, so it’s not my department anymore anyways?
-
jonas’
you’ll have to re-create the build from that
-
jonas’
you’ll have to re-create the build there
-
Guus
well, the object of the move was to have you no longer be responsible for maintenance on your own, right? 🙂
-
jonas’
the xmppoke-db-docker build built this Dockerfile: https://github.com/xmpp-observatory/xmppoke-frontend/blob/master/database/Dockerfile#L2
-
jonas’
Guus, yes, but the point is, I don’t have +w on that docker hub org
-
jonas’
I can’t do what you’re asking me to do
-
Guus
aah
-
jonas’
(I originally was thinking that (a) you’re still using the images I build under xsfjonas and (b) you were talking about a github repository which had to be moved)
-
Guus
@jonas: actually, xsfjonas is owner of that docker hub org
-
jonas’
then I’m too stupid for that interface
-
jonas’
let me see
-
Guus
it is a confusing interface, I get lost all the time.
-
Guus
also, _I_ was under the impression that it involved another github repo
-
jonas’
https://cloud.docker.com/u/xmppobservatory/repository/docker/xmppobservatory/xmppoke-db-docker/builds so that’s maybe the thing?
-
jonas’
https://cloud.docker.com/u/xmppobservatory/repository/docker/xmppobservatory/xmppoke-db-docker/builds so that’s maybe what you are asking for? (I just created that)
-
Guus
looks good-ish 🙂
-
Guus
so, if iteam now switches to that - will it lose all existing data?
-
jonas’
so I’m going to delete all the stuff under xsfjonas to reduce confusion
-
jonas’
no
-
jonas’
if iteam configured it properly
-
jonas’
the pgdata should be in a docker volume
-
Guus
Kev ^ ?
-
jonas’
which is not lost when the container is re-created
-
Guus
I'm unsure if the data / volume is linked to a container type / image or somesuch
-
Guus
I'm not very familiar with docker
-
jonas’
no, volumes can be freely moved around between containers
-
jonas’
they exist independent of them
-
jonas’
(most likely, iteam configured it just as a mount anyways)
-
Guus
jonas’ follow up question: can we incrementally add to the database definition (add an index)?
-
jonas’
manually, yes
-
jonas’
log into the container, get a postgres shell, create the index
-
Guus
right, but from a definition?
-
jonas’
define definition
-
Guus
(something that need not involve iteam?)
-
jonas’
iteam needs to be involved anyways
-
Guus
there now is a one-time reconfiguration, yes, but after that, it'd be nice if they could take their hands off of it for things like this.
-
jonas’
it’s not possible, because you’d have to modify code to do that
-
jonas’
and none of the images are pulled automatically
-
jonas’
and that’s intentional, AFAIK
-
Guus
Oh, I was under the impression that the images _are_ pulled automatically
-
Guus
as with the website
-
Guus
but am unsure.
-
jonas’
I don’t think that’s the case for those which execute lots of code (i.e. all of xmppoke)
-
MattJ
It's not automatic, no
-
MattJ
and yes, postgres data is in a volume (or a data container, or something)
-
Guus
ugh. I had hoped for more automation.
-
jonas’
you don’t want automation for that kind of stuff, I think
-
Guus
why not?
-
Guus
old code has been bashing the server for months, no-one cared. Things are unlikely to get worse than that.
-
MattJ
I'm on the fence, but I get jonas’'s point
-
Guus
if anything, you'd have more people be able to fix an issue, by autodeployment.
-
jonas’
intosi and Kev had a very strong opinion on this IIRC
-
Guus
it's in containers, isolated
-
MattJ
Combined with your proposed policy of adding anyone who complains to the org, it's granting many people the ability to run arbitrary code on XSF servers :)
-
Guus
MattJ, yes.
-
jonas’
containers only provide that much isolation
-
MattJ
Doesn't stop pep. adding a bitcoin miner, or sending out XMPP spam
-
Guus
also: grain of salt 🙂
-
pep.
MattJ, sshhh, don't spoil it
-
MattJ
he's writing the code as we speak
-
Link Mauve
I doubt he needs that to send XMPP spam, I’ve seen way cheaper offers coming my way. :p
-
Guus
but, yeah, this is the same difference of perspective that made me conclude that I'm not a good fit for iteam 🙂
-
Guus
anyway, there is food waiting for me to prepare it
-
jonas’
gl!
-
jonas’
what is the preferred trello inbox for Board? Last year’s board preferred to have agenda in the leftmost column ("Agenda items")
-
Guus
jonas’: no preference, nor is there damage done by doing it wrong
-
jonas’
just making sure that it’s being looked at
-
Guus
I'd go with items for discussion
-
jonas’
ok, appended
-
dwd
OK, so this text describing the Summit: "The XMPP Summit is a yearly event, open to all participants in the standards process, and anyone working on or with XMPP. Run as an "Unconference", the agenda is only finalised on the first morning, and is therefore highly fluid. With heavy attendance from many key XEP authors and developers, places are limited, but registration is free. Lunch is often covered by sponsors, and it takes place in Brussels just before the legendary FOSDEM conference."
-
jonas’
s/Lunch is/Lunch for XSF members is/
-
Zash
Not confusing with dinner ?
-
dwd
I suppose we need a bit in the middle, erm, "Previous items on the agenda have ranged from low-level discussions on Groupchat to high level discussion on how XMPP is used, and how it can support modern UX needs."
-
jonas’
ohh
-
dwd
jonas’, Lunch is usually paid for for all attendees by a sponsor.
-
jonas’
I am confusing it probably
-
jonas’
sorry :)
-
dwd
jonas’, It's dirt cheap to sponsor, too, so it really doesn't matter.
-
jonas’
> ranged from low-level discussions on wire protocol, via considerations of interoperability of different standards, to high-level ..."
-
jonas’
maybe that^
-
dwd
That also works.
-
jonas’
oh, maybe I misunderstood for what "bit in the middle" you were asking
-
dwd
jonas’, I meant to we have a bit about the content. So in full, it'd be: he XMPP Summit is a yearly event, open to all participants in the standards process, and anyone working on or with XMPP. Run as an "Unconference", the agenda is only finalised on the first morning, and is therefore highly fluid. Previous items on the agenda have ranged from low-level discussions on Groupchat to high level discussion on how XMPP is used, and how it can support modern UX needs. With heavy attendance from many key XEP authors and developers, places are limited, but registration is free. Lunch is often covered by sponsors, and it takes place in Brussels just before the legendary FOSDEM conference.
-
jonas’
yeah, that’s good enough
-
jonas’
my middle bit was really me grasping straws
-
dwd
Except with a T at the beginning because I can't cut and paste.
-
jonas’
He, The Holy And Unspoken Of XMPP Summit
-
dwd
I'll never make a good developer if I can't cut and paste properly.
-
goffi
https://xmpp.org/about/xmpp-standards-foundation is not up-to-date
-
dwd
goffi, Council isn't no.
-
dwd
goffi, https://github.com/xsf/xmpp.org/pull/502 should help, right?
-
moparisthebest
Bad Gateway
-
Guus
Dave, I like that Summit description
-
Guus
(also couldn't help but notice that you removed Openfire from your bio, gulp)
-
Guus
dwd Shall we have a new page on the website with that text?
-
Guus
(and redirect Jonas' banner to that - then link to the wiki on the page with your text)
-
Guus
https://github.com/xsf/xmpp.org/pull/503
-
dwd
Guus, I thought I've done embarrassingly little on Openfire - I need to correct that before I try to claim it.
-
Guus
Yeah, you fixed that the wrong way around though.
-
pep.
Btw re discussions today about people having access to the infra, I won't be offended if I am removed rights to that github org :)
-
pep.
(Now I need to finish my bitcoin miner before they notice)