XSF Discussion - 2019-02-28

  1. Half-ShotX has joined
  2. jmpman has left
  3. Half-ShotX has left
  4. Half-ShotX has joined
  5. UsL has left
  6. moparisthebest has left
  7. moparisthebest has joined
  8. Half-ShotX has left
  9. architekt has joined
  10. Half-ShotX has joined
  11. architekt has left
  12. architekt has joined
  13. UsL has joined
  14. arc has left
  15. arc has joined
  16. UsL has left
  17. UsL has joined
  18. architekt has left
  19. bowlofeggs has left
  20. bowlofeggs has joined
  21. Half-ShotX has left
  22. Half-ShotX has joined
  23. moparisthebest has left
  24. moparisthebest has joined
  25. Half-ShotX has left
  26. Half-ShotX has joined
  27. moparisthebest has left
  28. moparisthebest has joined
  29. arc has left
  30. arc has joined
  31. arc has left
  32. arc has joined
  33. Half-ShotX has left
  34. Half-ShotX has joined
  35. Half-ShotX has left
  36. Half-ShotX has joined
  37. Half-ShotX has left
  38. Half-ShotX has joined
  39. Half-ShotX has left
  40. Half-ShotX has joined
  41. Half-ShotX has left
  42. Half-ShotX has joined
  43. larma has left
  44. larma has joined
  45. Half-ShotX has left
  46. Half-ShotX has joined
  47. lskdjf has left
  48. lumi has left
  49. Half-ShotX has left
  50. Half-ShotX has joined
  51. lumi has joined
  52. Half-ShotX has left
  53. larma has left
  54. Half-ShotX has joined
  55. arc has left
  56. arc has joined
  57. Half-ShotX has left
  58. Half-ShotX has joined
  59. j.r has left
  60. j.r has joined
  61. wurstsalat has joined
  62. lumi has left
  63. lumi has joined
  64. Neustradamus has joined
  65. arc has left
  66. arc has joined
  67. Half-ShotX has left
  68. Half-ShotX has joined
  69. contrapunctus has left
  70. contrapunctus has joined
  71. Half-ShotX has left
  72. Half-ShotX has joined
  73. Half-ShotX has left
  74. Half-ShotX has joined
  75. lskdjf has joined
  76. Half-ShotX has left
  77. Half-ShotX has joined
  78. jmpman has joined
  79. contrapunctus has left
  80. contrapunctus has joined
  81. Half-ShotX has left
  82. Half-ShotX has joined
  83. contrapunctus has left
  84. contrapunctus has joined
  85. contrapunctus has left
  86. contrapunctus has joined
  87. contrapunctus has left
  88. contrapunctus has joined
  89. lskdjf has left
  90. Half-ShotX has left
  91. Half-ShotX has joined
  92. Half-ShotX has left
  93. Half-ShotX has joined
  94. contrapunctus has left
  95. contrapunctus has joined
  96. wurstsalat has left
  97. tux has left
  98. tux has joined
  99. Half-ShotX has left
  100. Half-ShotX has joined
  101. lumi has left
  102. j.r has left
  103. j.r has joined
  104. Half-ShotX has left
  105. Half-ShotX has joined
  106. Half-ShotX has left
  107. Half-ShotX has joined
  108. Yagiza has joined
  109. Half-ShotX has left
  110. Half-ShotX has joined
  111. Neustradamus has left
  112. j.r has left
  113. j.r has joined
  114. Neustradamus has joined
  115. contrapunctus has left
  116. contrapunctus has joined
  117. Half-ShotX has left
  118. Half-ShotX has joined
  119. novnov has left
  120. novnov has joined
  121. Nekit has joined
  122. novnov has left
  123. Neustradamus has left
  124. novnov has joined
  125. Neustradamus has joined
  126. Half-ShotX has left
  127. Half-ShotX has joined
  128. igoose has left
  129. Half-ShotX has left
  130. Half-ShotX has joined
  131. igoose has joined
  132. Half-ShotX has left
  133. Half-ShotX has joined
  134. alexis has joined
  135. Half-ShotX has left
  136. Half-ShotX has joined
  137. alexis has left
  138. alexis has joined
  139. Half-ShotX has left
  140. Half-ShotX has joined
  141. alexis has left
  142. alexis has joined
  143. contrapunctus has left
  144. contrapunctus has joined
  145. Half-ShotX has left
  146. Half-ShotX has joined
  147. lorddavidiii has joined
  148. Half-ShotX has left
  149. Half-ShotX has joined
  150. alexis has left
  151. alexis has joined
  152. Half-ShotX has left
  153. Half-ShotX has joined
  154. arc has left
  155. arc has joined
  156. vaulor has joined
  157. arc has left
  158. arc has joined
  159. Half-ShotX has left
  160. Half-ShotX has joined
  161. mimi89999 has left
  162. mimi89999 has joined
  163. bowlofeggs has left
  164. Half-ShotX has left
  165. Half-ShotX has joined
  166. Half-ShotX has left
  167. Half-ShotX has joined
  168. mimi89999 has left
  169. mimi89999 has joined
  170. arc has left
  171. arc has joined
  172. arc has left
  173. arc has joined
  174. arc has left
  175. arc has joined
  176. blabla has joined
  177. Half-ShotX has left
  178. Half-ShotX has joined
  179. alacer has joined
  180. contrapunctus has left
  181. contrapunctus has joined
  182. valo has left
  183. valo has joined
  184. contrapunctus has left
  185. contrapunctus has joined
  186. contrapunctus has left
  187. contrapunctus has joined
  188. Half-ShotX has left
  189. Half-ShotX has joined
  190. contrapunctus has left
  191. Nekit has left
  192. Nekit has joined
  193. arc has left
  194. arc has joined
  195. Half-ShotX has left
  196. Half-ShotX has joined
  197. contrapunctus has joined
  198. alexis has left
  199. karoshi has joined
  200. Half-ShotX has left
  201. Half-ShotX has joined
  202. lorddavidiii has left
  203. alexis has joined
  204. lorddavidiii has joined
  205. alexis has left
  206. andy has joined
  207. andy has left
  208. andy has joined
  209. andy has left
  210. novnov has left
  211. contrapunctus has left
  212. contrapunctus has joined
  213. novnov has joined
  214. Half-ShotX has left
  215. Half-ShotX has joined
  216. alexis has joined
  217. alexis has left
  218. lnj has left
  219. lorddavidiii has left
  220. Half-ShotX has left
  221. Half-ShotX has joined
  222. lorddavidiii has joined
  223. alacer has left
  224. alacer has joined
  225. yvo has joined
  226. marc_ has joined
  227. Half-ShotX has left
  228. Half-ShotX has joined
  229. goffi has joined
  230. ralphm has left
  231. debacle has joined
  232. Half-ShotX has left
  233. Half-ShotX has joined
  234. Half-ShotX has left
  235. Half-ShotX has joined
  236. marc_ has left
  237. andy has joined
  238. vaulor has left
  239. vaulor has joined
  240. vaulor has left
  241. vaulor has joined
  242. Half-ShotX has left
  243. Half-ShotX has joined
  244. intosi has left
  245. intosi has joined
  246. Half-ShotX has left
  247. Half-ShotX has joined
  248. Half-ShotX has left
  249. Half-ShotX has joined
  250. kokonoe has left
  251. kokonoe has joined
  252. ThibG has left
  253. ThibG has joined
  254. Half-ShotX has left
  255. Half-ShotX has joined
  256. zinid has left
  257. zinid has joined
  258. contrapunctus has left
  259. contrapunctus has joined
  260. lorddavidiii has left
  261. ralphm has joined
  262. Half-ShotX has left
  263. Half-ShotX has joined
  264. lorddavidiii has joined
  265. lorddavidiii has left
  266. Half-ShotX has left
  267. Half-ShotX has joined
  268. contrapunctus has left
  269. contrapunctus has joined
  270. lorddavidiii has joined
  271. ralphm has left
  272. ralphm has joined
  273. !xsf_Martin has joined
  274. Half-ShotX has left
  275. Half-ShotX has joined
  276. alacer has left
  277. vanitasvitae Nice, the XSF got selected for GSoC :)
  278. Half-ShotX has left
  279. Half-ShotX has joined
  280. ThibG has left
  281. ThibG has joined
  282. ralphm has left
  283. ralphm has joined
  284. Half-ShotX has left
  285. Guus Yes!
  286. kokonoe has left
  287. Half-ShotX has joined
  288. frainz has left
  289. kokonoe has joined
  290. frainz has joined
  291. 404.city has joined
  292. !xsf_Martin has left
  293. !xsf_Martin has joined
  294. !xsf_Martin has left
  295. !xsf_Martin has joined
  296. Seve \o/!
  297. Half-ShotX has left
  298. Half-ShotX has joined
  299. !xsf_Martin has left
  300. !xsf_Martin has joined
  301. dele has joined
  302. contrapunctus has left
  303. contrapunctus has joined
  304. contrapunctus has left
  305. contrapunctus has joined
  306. Half-ShotX has left
  307. Half-ShotX has joined
  308. contrapunctus has left
  309. contrapunctus has joined
  310. jonas’ \o/
  311. Half-ShotX has left
  312. Half-ShotX has joined
  313. dele has left
  314. nyco has left
  315. 404.city has left
  316. contrapunctus has left
  317. contrapunctus has joined
  318. contrapunctus has left
  319. larma has joined
  320. contrapunctus has joined
  321. !xsf_Martin has left
  322. !xsf_Martin has joined
  323. !xsf_Martin has left
  324. !xsf_Martin has joined
  325. !xsf_Martin has left
  326. !xsf_Martin has joined
  327. rion has joined
  328. lorddavidiii has left
  329. rion seems like xep-0214 depends on deprecated xep-0137. Probably it has to be updated or deprecated too.
  330. alacer has joined
  331. Half-ShotX has left
  332. Half-ShotX has joined
  333. !xsf_Martin has left
  334. rtq3 has joined
  335. rion we were just thinking on support@j.ru how to make file storage management for http upload.
  336. lorddavidiii has joined
  337. Wiktor vanitasvitae: is there a list of topics?
  338. Half-ShotX has left
  339. Half-ShotX has joined
  340. nyco has joined
  341. lorddavidiii has left
  342. lorddavidiii has joined
  343. contrapunctus has left
  344. contrapunctus has joined
  345. andy has left
  346. andy has joined
  347. Link Mauve rion, there is also XEP-0329, which depends on XEP-0234 instead.
  348. marc_ has joined
  349. Link Mauve Those two are part of my list of deferred XEPs to look at and either revive or deprecate, but there was some opposition to deprecating a deferred XEP recently.
  350. Half-ShotX has left
  351. Half-ShotX has joined
  352. Andrew Nenakhov Xep 214 is a bad idea that will end in pubsubfs, not that we're looking into
  353. rion Link Mauve: 329 looks good to me, thanks. and it can be combined with http jingle transport.
  354. Link Mauve Yup.
  355. Link Mauve I think goffi has another implementation of it.
  356. Half-ShotX has left
  357. Link Mauve He demo’d it at the Summit.
  358. Link Mauve Andrew Nenakhov, being able to subscribe to a node mapping to a directory sounds useful though.
  359. Link Mauve The 0329 can’t be used for a dropbox-like, or even any notification.
  360. kokonoe has left
  361. contrapunctus has left
  362. contrapunctus has joined
  363. contrapunctus has left
  364. contrapunctus has joined
  365. Half-ShotX has joined
  366. kokonoe has joined
  367. andy has left
  368. andy has joined
  369. Half-ShotX has left
  370. ralphm has left
  371. rtq3 has left
  372. rtq3 has joined
  373. Half-ShotX has joined
  374. ralphm has joined
  375. vanitasvitae Wiktor: in the xmpp wiki
  376. Wiktor vanitasvitae: kthx
  377. Half-ShotX has left
  378. Half-ShotX has joined
  379. Half-ShotX has left
  380. j.r has left
  381. contrapunctus has left
  382. contrapunctus has joined
  383. kokonoe has left
  384. Half-ShotX has joined
  385. kokonoe has joined
  386. alacer has left
  387. alacer has joined
  388. contrapunctus has left
  389. contrapunctus has joined
  390. Half-ShotX has left
  391. Half-ShotX has joined
  392. Half-ShotX has left
  393. contrapunctus has left
  394. contrapunctus has joined
  395. debacle has left
  396. contrapunctus has left
  397. contrapunctus has joined
  398. contrapunctus has left
  399. contrapunctus has joined
  400. Half-ShotX has joined
  401. lnj has joined
  402. Yagiza has left
  403. contrapunctus has left
  404. contrapunctus has joined
  405. Half-ShotX has left
  406. lnj has left
  407. contrapunctus has left
  408. contrapunctus has joined
  409. Half-ShotX has joined
  410. contrapunctus has left
  411. contrapunctus has joined
  412. Half-ShotX has left
  413. contrapunctus has left
  414. contrapunctus has joined
  415. Half-ShotX has joined
  416. igoose has left
  417. Half-ShotX has left
  418. Half-ShotX has joined
  419. Half-ShotX has left
  420. Yagiza has joined
  421. rtq3 has left
  422. rtq3 has joined
  423. Half-ShotX has joined
  424. novnov has left
  425. blabla has left
  426. blabla has joined
  427. blabla has left
  428. blabla has joined
  429. novnov has joined
  430. Half-ShotX has left
  431. igoose has joined
  432. ThibG has left
  433. ThibG has joined
  434. Half-ShotX has joined
  435. Half-ShotX has left
  436. lskdjf has joined
  437. Half-ShotX has joined
  438. j.r has joined
  439. Half-ShotX has left
  440. goffi has left
  441. kokonoe has left
  442. kokonoe has joined
  443. lnj has joined
  444. lnj has left
  445. Half-ShotX has joined
  446. Half-ShotX has left
  447. Half-ShotX has joined
  448. bowlofeggs has joined
  449. Half-ShotX has left
  450. Half-ShotX has joined
  451. jmpman has left
  452. efrit has joined
  453. j.r has left
  454. Half-ShotX has left
  455. Half-ShotX has joined
  456. Half-ShotX has left
  457. Half-ShotX has joined
  458. andy has left
  459. Half-ShotX has left
  460. Half-ShotX has joined
  461. Half-ShotX has left
  462. contrapunctus has left
  463. contrapunctus has joined
  464. Half-ShotX has joined
  465. efrit has left
  466. contrapunctus has left
  467. contrapunctus has joined
  468. contrapunctus has left
  469. contrapunctus has joined
  470. Half-ShotX has left
  471. contrapunctus has left
  472. contrapunctus has joined
  473. andy has joined
  474. andy has left
  475. contrapunctus has left
  476. andy has joined
  477. contrapunctus has joined
  478. Half-ShotX has joined
  479. contrapunctus has left
  480. contrapunctus has joined
  481. contrapunctus has left
  482. contrapunctus has joined
  483. contrapunctus has left
  484. contrapunctus has joined
  485. contrapunctus has left
  486. contrapunctus has joined
  487. Half-ShotX has left
  488. Half-ShotX has joined
  489. contrapunctus has left
  490. contrapunctus has joined
  491. Half-ShotX has left
  492. contrapunctus has left
  493. contrapunctus has joined
  494. Half-ShotX has joined
  495. contrapunctus has left
  496. contrapunctus has joined
  497. contrapunctus has left
  498. contrapunctus has joined
  499. contrapunctus has left
  500. contrapunctus has joined
  501. contrapunctus has left
  502. contrapunctus has joined
  503. Half-ShotX has left
  504. Half-ShotX has joined
  505. contrapunctus has left
  506. contrapunctus has joined
  507. Half-ShotX has left
  508. Half-ShotX has joined
  509. goffi has joined
  510. blabla has left
  511. blabla has joined
  512. Half-ShotX has left
  513. rtq3 has left
  514. rtq3 has joined
  515. lorddavidiii has left
  516. goffi indeed I have an implementation of XEP-0329, I'm pretty happy with it.
  517. goffi I've made a quick evaluation of various options, I've chosen this one because it's working and simple.
  518. goffi Link Mauve: while it can't be used for dropbox like?
  519. Half-ShotX has joined
  520. goffi s/while/why/
  521. Alex has left
  522. j.r has joined
  523. Half-ShotX has left
  524. Andrew Nenakhov has left
  525. Half-ShotX has joined
  526. Andrew Nenakhov has joined
  527. Andrew Nenakhov has left
  528. Half-ShotX has left
  529. Link Mauve goffi, how do you subscribe to files being added or removed or changed?
  530. Andrew Nenakhov has joined
  531. Half-ShotX has joined
  532. goffi Link Mauve: is this needed for dropbrox like?
  533. goffi (note that I've never used dropbox)
  534. Link Mauve goffi, Dropbox is a software you install on your computer, which provides you a fuse(-like?) interface to mount a remote directory.
  535. Half-ShotX has left
  536. Link Mauve Then when anyone puts files there, they will be downloaded on your computer.
  537. Link Mauve Or something like that.
  538. Link Mauve I haven’t used it either, but I’ve heard people talk about it.
  539. Zash It lets the cloud put files on your computer. Probably.
  540. jonas’ I think the closest FLOSS thing is Sparkleshare
  541. jonas’ or Seafile
  542. jonas’ so if you want to check out the UX, go to those projects
  543. jonas’ although sparkleshare in particular was pretty bad when I tested it the last time
  544. nyco hi
  545. Guus Hello
  546. Link Mauve jonas’, yes, it is.
  547. Link Mauve Also unmaintained.
  548. goffi Link Mauve: to looks for files on a server (my current use case), XEP-0329 is enough and working well. To subscribe to a directory or a file it would need to be extended, but I think it can be done quite cleanly with references.
  549. Link Mauve now shuts up and lets board do boardy things.
  550. Guus Seve ralphm MattJ shall we meet?
  551. Link Mauve goffi, XEP-0214 did that already.
  552. goffi yes, but it's overcomplicated in my opinion
  553. nyco to all, my apologies for last week, as I did not join, and did not tell...
  554. Guus I think you did?
  555. Guus or was that the week before? I was not here last week myself.
  556. blabla has left
  557. Guus anyways. you are forgiven. 🙂
  558. blabla has joined
  559. Guus ... did these guys find another place to meet while we were gone?
  560. MattJ Hey
  561. Guus ola!
  562. Half-ShotX has joined
  563. Half-ShotX has left
  564. Seve Hi! My bad
  565. MattJ Sorry, had a delivery arrive just as the meeting began :)
  566. MattJ Just missing ralphm?
  567. Guus That's generally when delivery guys show up at my door too. Mostly for neighbors, too.
  568. Guus yes
  569. nyco a softer way of swatting?
  570. Guus perhaps 🙂
  571. nyco https://trello.com/b/Dn6IQOu0/board-meetings
  572. Half-ShotX has joined
  573. Guus hands a gavel to nyco
  574. nyco tries to catch it on the fly
  575. nyco BANG
  576. nyco Minute taker, who are you today?
  577. nyco so we have Seve, Matt, Guus, and me, only Ralph is missing
  578. nyco we have 2 topics for decision: * E2E CA req * membership application commitment: * typo in deferred XEP discussion: * money, money, money * reach out high profile users * badge designer
  579. Alex has joined
  580. nyco let's start ?
  581. nyco 1. E2E
  582. nyco file:///Users/nyco/code/converse.js/fullscreen.html
  583. nyco oops
  584. nyco https://trello.com/c/JIVSMPah/336-e2e-authentication-in-xmpp-ca-requirements
  585. nyco <you know my client now>
  586. Guus are you typing a lot in one message, or do I have delays?
  587. nyco maybe the weather
  588. Guus that's possible 🙂
  589. Guus wifi is acting up 🙂
  590. Guus I must admit I've not yet taken the time to study the E2E protoxep
  591. nyco so I have no clue of this item, too tech for me, I hand over to <who>?
  592. MattJ Yeah, I need more time to review it
  593. nyco so what's neede here?
  594. nyco so what's needed here?
  595. Guus It seems two-prone, at least.
  596. Ge0rG If this is the CA part of the recently rejected XOR proto-XEP, it's about the XSF running a CA
  597. nyco so what's needed from the Board here?
  598. nyco oh ok
  599. kokonoe has left
  600. Guus I'm assuming that this is brought before board, because it defines XSF-organisational requirements?
  601. jonas’ there is a separate ProtoXEP for that
  602. Link Mauve Ge0rG, it has been accepted, hasn’t it?
  603. jonas’ https://xmpp.org/extensions/inbox/eax-car.html
  604. Guus In our trello boad, this is linked: https://xmpp.org/extensions/inbox/eax-car.html
  605. jonas’ ha!
  606. nyco https://xmpp.org/extensions/inbox/eax.html https://xmpp.org/extensions/inbox/eax-car.html
  607. jonas’ now we have it linked thrice
  608. MattJ The stated requirements for the XSF seem trivial enough as specified, but I'm not sure what the wider context is here
  609. nyco feels there is lag indeed
  610. jonas’ the eax.html is Standards Track and has been handled by Board
  611. Half-ShotX has left
  612. jonas’ but it’s useful context
  613. jonas’ more context is in xor.html
  614. MattJ What root CAs are we supposed to redirect to? Is there some vetting to be done? etc. - I need to read it more
  615. kokonoe has joined
  616. Seve Same here as the rest
  617. MattJ and why isn't relying on normal trust anchors enough? E.g. Mozilla's
  618. nyco are we able to do this?
  619. Guus Also - this introduces the XSF as a single source of truth
  620. MattJ So let's punt on this for the moment, understand it more and discuss next week
  621. Guus which somehwat clashes with doing things distributed/federated - unsure if that can be helped here (I must read more, as a wise man just said), but it's bound to raise brows.
  622. Ge0rG MattJ: normal CAs are forbidden to issue non-web certificates, essentially, by CA/Browser Forum rules
  623. Half-ShotX has joined
  624. Ge0rG (which is something the XSF Board might well be able to address, in a proper formal inquiry to the CABF)
  625. nyco if there is a CA, there are many ICA ?
  626. nyco which is more decentralised, still as a pyramid
  627. lnj has joined
  628. jonas’ kind of like how DNSSEC works
  629. Guus Ge0rG is that an alternative approach than the one suggested in the XEP?
  630. andy has left
  631. nyco a blockain-based CA? wait no
  632. Ge0rG Guus: no, it's completely orthogonal. I haven't had the time to read _this_ incarnation of the XEP either
  633. Guus Ge0rG ok thanks
  634. Seve I think there are too many questions on this one :)
  635. Guus as MattJ suggested, lets kick this can down the road for a week.
  636. MattJ +1
  637. Guus (and do some reading)
  638. nyco 2. XEP-0345 (Form of Membership Applications)
  639. nyco card without description, what's needed from the board?
  640. nyco https://xmpp.org/extensions/xep-0345.html
  641. frainz has left
  642. MattJ Who added it?
  643. Guus approval.
  644. Ge0rG nyco: it's a procedural XEP that needs to be decided upon
  645. nyco ok
  646. Ge0rG So Board shoul decide whether it shall be accepted or not.
  647. nyco so I feel like emil, jid, affiliations and name are not enough can we add things like values, objectives, past contributions?
  648. Guus I only now see that there was feedback in the Last Call
  649. MattJ nyco, I think that's up to the candidate to add as much as they want to share to be accepted
  650. Seve I would have wanted that to be a discussion topic maybe? And then decide something about it.
  651. MattJ I don't think we need to make those things mandatory in a formal document
  652. nyco mandatory no, but as an option
  653. nyco rather a suggestion
  654. Guus MattJ didn't you raise an example of someone having 'valid' reasons for wanting to apply anonymously?
  655. Guus although we shot down applying anonymously before, your example might warrant to re-address that
  656. MattJ Possibly so
  657. Guus I think you were going to see if said person would be willing to provide details?
  658. Guus Do you recall who I'm talking of? You weren't specific.
  659. MattJ There is a slight difference between being an anonymous member and having your details being known only to the Secretary
  660. Guus If that's still ongoing, I'd like to have that information before voting on XEP-0345.
  661. MattJ Yes, I recall the conversation, I need to follow up
  662. Ge0rG I've recently brought up the anonymity question, and by now told the respective user that it's not an option.
  663. jonas’ did you also tell them that contributing to standards etc. is very much possible without being a member?
  664. MattJ Ge0rG, iirc that was before the summit, where we had some in-person discussions about how we may improve the process
  665. Guus Ge0rG which is what we decided on.
  666. MattJ The decision still holds
  667. MattJ We /may/ be able to change the way we do things, and we /may/ decide to do that
  668. MattJ and that may or may not be enough for these people who want to remain anonymous
  669. Guus (what he said - my choice of words was poor)
  670. Ge0rG But you SHOULD document the current status quo in some way. And XEP-0345 is a good place
  671. Guus Agreed - I'd still like to review the feedback from the Last Call before I vote. I neglected doing that.
  672. MattJ Same
  673. nyco ok next item?
  674. nyco 3. typo in deferred XEP
  675. nyco https://trello.com/c/U3OJ4sQx/328-clarify-what-happens-when-a-typo-or-equivalent-is-fixed-in-a-deferred-xep
  676. Half-ShotX has left
  677. Half-ShotX has joined
  678. lnj has left
  679. rtq3 has left
  680. Guus I think we have a fix for that, and this trello card was only left for tracking that that fix got applied?
  681. Guus jonas’ - do you recall the details?
  682. Ge0rG It was decided upon in January
  683. MattJ "In today's board meeting, Board agrees wiath Jonas' suggested change, and ask the Editor to draft a proposal for the change in XEP-0001."
  684. jonas’ Guus, yes... I should make a Pr
  685. jonas’ buuuuuut .... -EBUSY
  686. Guus sure, no problem
  687. nyco looks weird to un-defer to re-defer later, can't we just let edition of deferred XEP, at least for archival purposes and probable later revival ?
  688. Guus just trying to recall if there's something for us to do here 🙂
  689. Guus nyco we already voted on this - do you really want to re-open the issue?
  690. Seve I have a question for you about that jonas’, would be possible to specify the equivalent? For instance I would like to update my contact information on a XEP, so I guess that falls into equivalent as well, but would be nice to have this specified
  691. jonas’ Seve, sorry, -ENOCTX
  692. nyco nope, I'm fine, can't recall, sorry, was it a meeting I missed?
  693. Guus (yeah, you need to be slightly less nerdy for me to follow here 😛 )
  694. nyco 4. Money
  695. nyco https://trello.com/c/1yN2GL4q/296-fundraising-and-financing
  696. Half-ShotX has left
  697. frainz has joined
  698. MattJ Seve, I guess we can consider that when the PR is submitted
  699. Guus I think this boils down to a) there's general consensus that the XSF could use more money to 'do things' that stimulate XMPP, and b) we need to find sources of income.
  700. MattJ i.e. make sure the wording encompasses those kinds of changes
  701. MattJ Guus, right
  702. Guus we've previously established that from a finanicial point of view, the XSF is in good shape - but does not have much reserves to significantly spend on things
  703. Guus Maybe it's time to bury this card, and recreate one that says 'get sponsors' (which actually is hopefully a byproduct of the next card )
  704. nyco I'd say it's more of a continuous effort...
  705. Guus unless there's other topics related to 'fundraising and financing' that board wants to discuss
  706. MattJ Guus, that sounds like good progress
  707. nyco 5. Define strategy to reach out to (and reap benefits) high profile XMPP applications/users.
  708. nyco https://trello.com/c/dGy6D0yl/334-define-strategy-to-reach-out-to-and-reap-benefits-high-profile-xmpp-applications-users
  709. Guus for various reasons, I feel that we should get in touch with high-profile XMPP applicators
  710. Ge0rG slightly related to this, Winfried wrote in his application <https://wiki.xmpp.org/web/Winfried_Tilanus_Application_2019> that he wanted to reach out to interesting XMPP deployments
  711. Guus 1) they act as awesome showcases - which can be good for marketing
  712. Guus 2) we can likely learn a lot from each-other - they can benefit from our resources, we can benefit from their expertise
  713. Guus 3) some of these might be sponsor candidatesd
  714. Ge0rG Guus: it would be great to appriach the companies behind https://xmpp.org/uses/gaming and also to finish https://github.com/xsf/xmpp.org/issues/490
  715. Guus Ge0rG yes.
  716. Half-ShotX has joined
  717. Guus As we do not have an executive director anymore (who I'd think would be perfect for the reaching out), I think that it falls on board to figure out how to approach this.
  718. Guus which I suggests boils down to: "who do we contact?" and "what message do we want to convey?"
  719. Guus I have very little experience here, so I'm looking for input.
  720. Ge0rG Guus: also it's good to clarify who is "we"
  721. nyco our approach could be bottom-up, to start with, that is: we collect those data from member willing to share
  722. Guus Ge0rG to clarify, with 'we' I mean 'the XSF'
  723. Seve I don't see any other 'we' here
  724. Guus nyco what 'data' do you mean exactly?
  725. Dele Olajide has joined
  726. nyco use cases, verticals, numbers, values, benefits
  727. Ge0rG Guus: 'we' should be a volunteering person or maybe a small working team. SCAM or commteam might be a good fit.
  728. MattJ Guus, I think something winfried and I were discussing in Brussels... many of the people involved in the XSF are involved with various XMPP projects that don't necessarily get the exposure they deserve
  729. MattJ I'm sure some of them don't want to, but I'm also sure some of them do
  730. Ge0rG Winfried might be a good candidate if he happens to have time.
  731. Ge0rG I planned to ask him, but his server was down
  732. Guus I'm hearing the name "Winfried" a lot, so it makes sense to at least ask him if he is interested in taking point on this.
  733. tux has left
  734. alacer has left
  735. Guus but I do wonder if the reaching-out bit should be done by an officer.
  736. Ge0rG Guus: according to his own words from four weeks ago, he is
  737. Guus as it's the beginning of potentially formal relationship?
  738. Seve When I applied for board I mentioned I would like to see what can we do about making companies advertise they use XMPP like they would do using any kind of framework or language for example, but I have no experience on this topic. But I don't think just a single person can manage all of this. From my point of view we should gather together like we do on this meetings and start bit by bit discussing how, what, etc.
  739. Ge0rG From https://wiki.xmpp.org/web/Winfried_Tilanus_Application_2019 - > I want to do more of those: go out there and interview the people behind interesting XMPP deployments and publish about them.
  740. nyco if we want exposure, we can do interviews 5 to 10 questions, always the same, send them to a project/product leader (dev, product, marketing, CEO, whatever), put them in shape, do a blog post, automatically post to Twitter (and more, if possible)
  741. MattJ Guus, my point is that many of us are already working with the people we're discussing
  742. MattJ and that's our easiest way into such users of XMPP
  743. MattJ rather than starting cold with high-profile users we've got no current routes into
  744. nyco Seve this is an itch I also would like to scratch
  745. Seve nyco, that's in my todo list, I wanted to reach to companies and do that kind of interviewing, so it is fair for everybody
  746. Seve But we need to talk a bit on what to ask, and so on
  747. Guus Many things at the same time: Ge0rG: good! nyco: that would be awesome, but I like to have more: not just an article, but active involvement. MattJ also, that's a good start, but I also want to find _new_ organisations.
  748. nyco I'm following you Seve
  749. MattJ Guus, you think the XSF knows all the current ones?
  750. nyco Guus article vs article involvment
  751. Guus nyco: much more than articles! I'd like them to eventually become members 🙂
  752. Guus but they're all good starts
  753. nyco Guus MattJ yes, hidden uses of XMPP are everywhere
  754. Half-ShotX has left
  755. Guus MattJ no, definately not - and what you propose might be a good start.
  756. Guus This topic might warrant a meeting on its own
  757. Guus (also, we're running out of time - and I need to divert my attention soon)
  758. Seve Several even :D
  759. winfried Seve I already interviewed one and am in the process of finishing it, good to ream up
  760. Ge0rG winfried! \o/
  761. nyco Guus oh yeah, definitely, members rock though, I felt that many orgs follow the XSF, but do not wish to contribute/participate, for various reasons: not time, shyness, intimidating, too/only technical
  762. Guus Can we wrap up for today?
  763. MattJ nyco, also I've encountered some that didn't want their use of XMPP to be public knowledge
  764. Half-ShotX has joined
  765. nyco hey, we have passed the 16:00 mark, we should adjourn this meeting, who against that?
  766. MattJ +1
  767. Seve MattJ, interesting
  768. nyco Next ? +1W as usual ?
  769. MattJ wfm
  770. Ge0rG 's got another point for heated discussion, but will delay that by +1W
  771. Guus I'm fine with +1w
  772. nyco BANG
  773. Seve Sure +1
  774. nyco Thanks everybody! 😉
  775. MattJ Thanks nyco and all :)
  776. Seve Very nice to meet with you all!
  777. Dele Olajide has left
  778. Guus Ge0rG curious, what was the topic?
  779. Guus I like to be prepared for next time 🙂
  780. Ge0rG Guus: it's related to the Jabber trademark.
  781. Guus your license was arranged, right?
  782. Guus so, different issue?
  783. Maranda has left
  784. Maranda has joined
  785. Ge0rG Guus: right
  786. Guus kk
  787. Guus "looking forward to it"
  788. Guus 😉
  789. MattJ :)
  790. lnj has joined
  791. zinid so XEP-CAR is postponed?
  792. goffi has left
  793. goffi has joined
  794. zinid *EAX-CAR
  795. Half-ShotX has left
  796. winfried Ge0rG: time to do some SSL debugging?
  797. Ge0rG winfried: do you mind running your domain through xmpp.net?
  798. winfried don't mind :-D
  799. MattJ zinid, yes, until next week
  800. zinid tl;dr? 😀
  801. MattJ Just so everyone can get a better understanding of what the responsibilities are
  802. zinid well, I'm just asking to run the url redirection, it's an experimental anyway
  803. MattJ Good to know
  804. zinid but of course I can just copy that CA/B Forum's insane requirements to the XEP so *nobody* will able to read it
  805. MattJ Can you give an example of an entity the redirect might go to?
  806. zinid MattJ, we're going to start the CA at process-one, that will be the first URL for redirection
  807. MattJ or... just maybe wait until I've read the other XEP, I'll probably understand more then :)
  808. MattJ Ok
  809. moparisthebest jonas’, Link Mauve: I'd say closest floss thing to Dropbox would be nextcloud or syncthing , I probably wouldn't want my xmpp client trying to reinvent that wheel...
  810. Link Mauve moparisthebest, does that mean you want it to be impossible to implement such a service?
  811. Link Mauve It doesn’t have to be your client.
  812. alameyo has left
  813. alameyo has joined
  814. Half-ShotX has joined
  815. ThibG has left
  816. ThibG has joined
  817. moparisthebest no of course not
  818. MattJ What advantages does using XMPP have here?
  819. moparisthebest just, to me, seems totally unsuited for XMPP
  820. winfried Ge0rG: https://xmpp.net/result.php?id=1452651 :-D
  821. Ge0rG winfried: so you only accept ECDSA and I reject ECDSA
  822. winfried Ge0rG: Got already a smelling suspicion....
  823. Ge0rG winfried: https://xmpp.net/result.php?domain=yax.im&type=server#ciphers
  824. Ge0rG winfried: is there a particular reason for ECDSA?
  825. Guus zinid can you share a link to the insane CA/B Forums requirements? 🙂
  826. zinid MattJ, for incident resolution we can just borrow formal rules developed by CA/B Forum, but I don't want to copy the whole requirements of CA/B Forum, they are too complex and this will prevent some OSS community to run any CA at all except a few companies with money
  827. Ge0rG Guus: https://cabforum.org/baseline-requirements-documents/
  828. Guus tx
  829. Link Mauve moparisthebest, getting notifications about things, and being able to manage things you already uploaded in some form over XMPP, doesn’t sound that unsuited to me.
  830. Link Mauve In the recent years, a lot of clients have started uploading files to their server for instance.
  831. zinid Guus, achtung, the document is very TL;DR 😀
  832. Half-ShotX has left
  833. Link Mauve It would be useful to have a way to manage that, instead of an upload once, regret forever kind of thing.
  834. moparisthebest only to share links, synchronizing directory trees across computers is an entirely different ballgame
  835. goffi XMPP is absolutely suited for that, and I'm already on the way of doing something similar. XMPP brings its ecosystem (accounts, permissions, notifications, etc.)
  836. Link Mauve And that.
  837. Guus zinid aren't they always? 🙂
  838. zinid Guus, yeah, CA is hard
  839. winfried Ge0rG: must have been, but I don't remember anymore... ;-) I guess I may relax my ciphers a bit.
  840. alameyo has left
  841. Ge0rG winfried: you could use the recommendations from https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations
  842. moparisthebest winfried, it doesn't look like cipher selection as much as you got an ecdsa key+certificate and not an RSA one ?
  843. Maranda has left
  844. Maranda has joined
  845. Half-ShotX has joined
  846. Ge0rG you can get a pure ecdsa cert from public CAs?
  847. zinid Ge0rG, yes
  848. zinid Let's Encrypt may issue pure ECC cert
  849. Ge0rG and it won't do RSA based DH?
  850. zinid Ge0rG, no, ejabberd's ACME only supports ECC so far and LE doesn't complain
  851. Ge0rG zinid: so I won't be able to talk to any of the ejabberd self-ACMEd servers if I forbid ECDSA?
  852. winfried has left
  853. zinid Ge0rG, yes, but that's a bug of ejabberd of course
  854. Ge0rG why are you even promoting that footgun?
  855. zinid I promote?
  856. zinid that was GSoC, and as any GSoC it sucks
  857. Ge0rG ECDSA is the most profoundly misdesigned crypto algorithm of the last decade or so
  858. zinid ah, you mean DSA?
  859. winfried has joined
  860. zinid sorry, I'm lost in terms
  861. zinid I thought you meant pure ECC cert (or how it's correctly called, i.e. not RSA)
  862. Ge0rG zinid: I'm speaking of the ECC based algorithms that are part of TLS
  863. zinid okay, then I don't know what you mean, I'm clueless
  864. moparisthebest Ge0rG, looks like you support all the ECDHE* algorithms and even prefer them though
  865. moparisthebest that's a different issue than ECDSA vs RSA certificates
  866. Ge0rG Okay, so I'm probably too stupid to follow my own advice.
  867. moparisthebest also TLS 1.3 called and said it ONLY supports ECDHE algorithms so, keep that in mind :)
  868. zinid ECDHE is something that only works with ECC certs, right?
  869. moparisthebest no
  870. zinid 😀
  871. moparisthebest entirely seperate, things
  872. zinid okay
  873. ThibG has left
  874. ThibG has joined
  875. moparisthebest for ECDSA vs RSA certificates, it's on my list of things to investigate, I *think* new nginx supports having both
  876. moparisthebest I'm *guessing* no XMPP server currently does
  877. Half-ShotX has left
  878. Half-ShotX has joined
  879. zinid wtf is ECDSA certificate?
  880. zinid which is based on ECC private key or what?
  881. Zash moparisthebest: You can probably configure Prosody with that now, if you have bleeding edge LuaSec
  882. winfried Zash: interesting challenge :-)
  883. moparisthebest I think I'll try nginx first :P
  884. zinid according to wikipedia it seems like ECDSA cert is indeed a ECC cert
  885. contrapunctus has left
  886. contrapunctus has joined
  887. zinid moparisthebest, haproxy supports the combo for sure
  888. zinid and we have some feature requests to support that in ejabberd
  889. moparisthebest but only useable with xep-0368 I'm guessing?
  890. zinid if you use front-end like haproxy? yes
  891. Zash moparisthebes, winfried: https://issues.prosody.im/809#comment-5
  892. moparisthebest awesome, maybe I will try that first then, thanks Zash
  893. alameyo has joined
  894. winfried Zash moparisthebest checking right now with my SSL-supplier if I can get a second certificate....
  895. Ge0rG winfried: unfortunately my testssl is going very slow.
  896. Ge0rG winfried: is the cert the same as on your https://?
  897. moparisthebest winfried, not using letsencrypt?
  898. winfried Ge0rG: same as https://tilanus.com/ not the same as https://www.tilanus.com/
  899. Half-ShotX has left
  900. Half-ShotX has joined
  901. Ge0rG winfried: one is a redirect to the other :>
  902. winfried Ge0rG: / yes
  903. Ge0rG winfried: anyway, I wanted to ping you regarding your promise in the Membership application. Can do that in public as well
  904. winfried Ge0rG: :-D
  905. Ge0rG winfried: it would be awesome if somebody could follow-up on https://github.com/xsf/xmpp.org/issues/490 and to contact the different teams behind the https://xmpp.org/uses/gaming items
  906. oli has joined
  907. winfried Ge0rG: do you know if anybody has contacts to one of those groups?
  908. Half-ShotX has left
  909. zinid Riot Games used to be our customer
  910. Half-ShotX has joined
  911. alacer has joined
  912. Ge0rG winfried: when I was collecting the links for the gaming section, I tried to find the most authoritative ones. If they don't list contacts, I don't have anything better unfortunately.
  913. Nekit has left
  914. Nekit has joined
  915. alacer has left
  916. alacer has joined
  917. zinid not sure how that promotes XMPP though, as the majority of them use highly customized XMPP servers
  918. zinid except maybe EVE online
  919. contrapunctus has left
  920. zinid for the record, EVE Online maintains their ejabberd branch at github
  921. zinid last time I checked they had very few changes from mainline
  922. Ge0rG zinid: is it wrong to run heavily patched servers?
  923. winfried Ge0rG: I would like to avoid making cold calls/doing research to find the right people, but I will be able to do so if needed...
  924. zinid Ge0rG, well, heavily patched means they patch the parts related to XMPP protocol, so basically they are not XMPP compliant
  925. kokonoe has left
  926. zinid like WhatsApp for example
  927. zinid it's hard to call them XMPP
  928. kokonoe has joined
  929. winfried zinid: I call WhatsApp XMPP inspired, not an XMPP deployment...
  930. zinid winfried, we can call almost all of them this way
  931. zinid they start from XMPP and then diverge drastically
  932. zinid dropping all the bloat of XMPP
  933. Ge0rG winfried: I can understand that, yeah. But I don't know what would be a better way. Write a post on xmpp.org saying "Dear large scale deployments, please contact us for cross promotion"?
  934. winfried Ge0rG: yes, would be a nice way, also good to point to if I am making a cold call...
  935. lnj has left
  936. Ge0rG winfried: this directly plugs into today's Board discussion, have a list of questions about the deployment.
  937. Ge0rG MattJ did a survey among xmpp developers recently.
  938. alacer has left
  939. zinid what survey?
  940. alameyo has left
  941. alameyo has joined
  942. winfried zinid: it is hard to draw a line when something is still XMPP or not, many private deployments extend or bend the protocol in some way. But some of them may still provide nice usecases for XMPP. But it would be good to stay critical about. (And some would be better of if they kept in closer contact with the XSF)
  943. winfried Ge0rG: I saw it, I answered it myself too ;-)
  944. lnj has joined
  945. tux has joined
  946. winfried Ge0rG: There may be different projects here: a survey, liason and whitepapers
  947. Ge0rG zinid: https://goo.gl/forms/L1AKnTLXjIAfP27W2
  948. Ge0rG Not sure where the results landed
  949. alameyo has left
  950. MattJ Ge0rG, Prosody community != XMPP developers...
  951. MattJ The results landed somewhere where Zash has been nagging me to process them (the survey isn't officially closed yet)
  952. winfried (will be AFK for a while) Ge0rG, zash, I will try a ECDSA and a RSA cert side by side later today
  953. Ge0rG winfried: I'm pretty sure it's not about the cert but about the allowed ciphers
  954. Ge0rG But then again, I'm not an expert
  955. moparisthebest that's correct but the ciphers you can use depend on your cert
  956. moparisthebest ECDHE-RSA-AES256-GCM-SHA384
  957. moparisthebest that can only be used with an RSA cert
  958. winfried I checked my configuration, it should allow RSA
  959. winfried (really gone now)
  960. moparisthebest ECDHE-ECDSA-AES256-GCM-SHA384
  961. moparisthebest that can only be used with an ECDSA cert
  962. Ge0rG But you can use ECDSA with an RSA cert?
  963. moparisthebest those are different things though
  964. moparisthebest gah I wish I knew the term, there is the certificate part, then the key exchange part, then the encription part
  965. moparisthebest also wish I could spell haha, encryption*
  966. Half-ShotX has left
  967. Ge0rG LMC to the rescue!
  968. zinid > And some would be better of if they kept in closer contact with the XSF I'm not sure they are interested, they don't think in terms of the protocol, just like when you deploy an HTTP server you don't go in contact with the corresponding standards body
  969. moparisthebest don't think dino does that yet, or I don't know the spell to invoke it
  970. MattJ zinid, I tend to agree. I think XMPP is useful for many of them to bootstrap, but they don't necessarily need federation or interoperability
  971. MattJ Even if both those things would generally be considered good by most people here, they do come at a cost, so I see why they get dropped easily
  972. MattJ We should still make contact with though, I think having communication with them can be good, even if we fail
  973. Half-ShotX has joined
  974. zinid MattJ, they also choose a solution, among others, so this is nothing to do with the protocol. I just know how they think, we talked to them a lot, for example, with Belkin (former Linksys). BTW, they run 2M IoT devices on their cluster (just in case, it's not mentioned by the XSF iot cases page)
  975. marc_ has left
  976. zinid and solution typically means "how much money"
  977. Half-ShotX has left
  978. lnj has left
  979. alacer has joined
  980. Ge0rG zinid: is Belkin documented anywhere in the public?
  981. lnj has joined
  982. zinid Ge0rG, yes, but I'm not sure they want to reveal their capacity
  983. zinid https://fluux.io/clients
  984. zinid they only allowed us to mention them as a client
  985. zinid *a customer
  986. alameyo has joined
  987. Ge0rG zinid: this is what I meant by "in the public"
  988. lovetox has joined
  989. zinid what exactly? The fact that they use XMPP? Or their capacity?
  990. zinid although, it's hard to call that XMPP, they just send encapsulated JSON and use XMPP as a streaming transport only. We try to convince them to MQTT instead.
  991. zinid *to use MQTT
  992. zinid as MQTT requires far less resources, we can shrink cluster capacity twice or so
  993. Half-ShotX has joined
  994. rtq3 has joined
  995. marc_ has joined
  996. rtq3 has left
  997. rtq3 has joined
  998. dele has joined
  999. Half-ShotX has left
  1000. Half-ShotX has joined
  1001. dele has left
  1002. Ge0rG zinid: the fact that they are using XMPP. That would be a good mention for the IoT page
  1003. zinid well, it's up to you of course, but my view is that XMPP is something about federation, and this is where "the community" fails miserably, I think there are less than a million of users using federated XMPP
  1004. 404.city has joined
  1005. alameyo has left
  1006. alameyo has joined
  1007. zinid in the sense that the XSF spends so much time to produce federated protocols (the compliance suite is an example), but the largest user base is located at walled gardens of quasi XMPP
  1008. Ge0rG zinid: I'm speaking of XMPP the protocol, not Jabber the IM network
  1009. zinid well, I clarified what I mean
  1010. alameyo has left
  1011. Half-ShotX has left
  1012. Half-ShotX has joined
  1013. Half-ShotX has left
  1014. alameyo has joined
  1015. rtq3 has left
  1016. Half-ShotX has joined
  1017. rtq3 has joined
  1018. rtq3 has left
  1019. rtq3 has joined
  1020. Half-ShotX has left
  1021. alacer has left
  1022. Half-ShotX has joined
  1023. Half-ShotX has left
  1024. Half-ShotX has joined
  1025. Half-ShotX has left
  1026. alameyo has left
  1027. alameyo has joined
  1028. alameyo has left
  1029. frainz has left
  1030. Dele Olajide has joined
  1031. ralphm has left
  1032. kokonoe has left
  1033. Half-ShotX has joined
  1034. Half-ShotX has left
  1035. kokonoe has joined
  1036. !xsf_Martin has joined
  1037. Dele Olajide has left
  1038. alameyo has joined
  1039. Half-ShotX has joined
  1040. Steve Kille has left
  1041. ralphm has joined
  1042. goffi has left
  1043. goffi has joined
  1044. Steve Kille has joined
  1045. Half-ShotX has left
  1046. jmpman has joined
  1047. lumi has joined
  1048. pep. Re CABF, can XSF members not infiltrate it? :p What do you need to get in? money?
  1049. Half-ShotX has joined
  1050. Zash Be a browser or a CA I guess?
  1051. Ge0rG pep.: excellent question. There was a discussion about xmpp srv-id already some years ago. But it seems to not have led anywhere
  1052. pep. Ge0rG, yeah I remember that thread
  1053. pep. Do we have a clear set of changes we want to bring to that document?
  1054. Half-ShotX has left
  1055. pep. Then we'd need to invest time in politics a bit
  1056. rion has left
  1057. alameyo has left
  1058. alameyo has joined
  1059. alameyo has left
  1060. Ge0rG pep.: we should at least demand that SRV id are not forbidden in SAN
  1061. !xsf_Martin has left
  1062. !xsf_Martin has joined
  1063. !xsf_Martin has left
  1064. !xsf_Martin has joined
  1065. Ge0rG I'm not sure what the state of art is in xmppAddr fields.
  1066. !xsf_Martin has left
  1067. !xsf_Martin has joined
  1068. !xsf_Martin has left
  1069. !xsf_Martin has joined
  1070. !xsf_Martin has left
  1071. !xsf_Martin has joined
  1072. Ge0rG It would be awesome if we could ask a public CA for a cert that only contains an srvId for an xmpp server. That would allow secure delegation of your xmpp to a service provider without letting them impersonate your webshits
  1073. Ge0rG Not that web security was in a good shape.
  1074. ralphm has left
  1075. ralphm has joined
  1076. pep. I'd also like to be able to be able to set another Key Usage
  1077. pep. (X509v3 Extended Key Usage)
  1078. Half-ShotX has joined
  1079. Ge0rG pep.: what exactly do you want to have there
  1080. pep. _not_ Web
  1081. pep. For a start
  1082. Ge0rG pep.: https://github.com/letsencrypt/boulder/issues/1309
  1083. pep. Yeah I know that issue
  1084. pep. And we need to do something about it now, because LE is not going to
  1085. pep. But it's not just about SRV id in SANs, it's also that Key Usage
  1086. pep. i.e., s/TlS Web Server Authentication/TLS Server Authentication/
  1087. pep. Or even s/Web/XMPP/
  1088. Half-ShotX has left
  1089. Half-ShotX has joined
  1090. contrapunctus has joined
  1091. Nekit has left
  1092. !xsf_Martin has left
  1093. ralphm has left
  1094. ralphm has joined
  1095. Half-ShotX has left
  1096. Half-ShotX has joined
  1097. winfried has left
  1098. alacer has joined
  1099. Half-ShotX has left
  1100. contrapunctus has left
  1101. contrapunctus has joined
  1102. vaulor has left
  1103. vaulor has joined
  1104. contrapunctus has left
  1105. contrapunctus has joined
  1106. contrapunctus has left
  1107. contrapunctus has joined
  1108. alameyo has joined
  1109. Half-ShotX has joined
  1110. alacer has left
  1111. Half-ShotX has left
  1112. !xsf_Martin has joined
  1113. ralphm has left
  1114. ralphm has joined
  1115. Half-ShotX has joined
  1116. rtq3 has left
  1117. rtq3 has joined
  1118. alameyo has left
  1119. alameyo has joined
  1120. moparisthebest Ge0rG, pep. , or we could push for DNSSEC + DANE ?
  1121. moparisthebest that way you control what key is valid for what server+port via DNS
  1122. alameyo has left
  1123. moparisthebest seems better and more doable than getting CAs to do anything
  1124. rtq3 has left
  1125. rtq3 has joined
  1126. winfried has joined
  1127. goffi has left
  1128. Half-ShotX has left
  1129. Half-ShotX has joined
  1130. Half-ShotX has left
  1131. alacer has joined
  1132. !xsf_Martin has left
  1133. !xsf_Martin has joined
  1134. !xsf_Martin has left
  1135. !xsf_Martin has joined
  1136. !xsf_Martin has left
  1137. !xsf_Martin has joined
  1138. !xsf_Martin has left
  1139. !xsf_Martin has joined
  1140. !xsf_Martin has left
  1141. !xsf_Martin has joined
  1142. !xsf_Martin has left
  1143. !xsf_Martin has joined
  1144. !xsf_Martin has left
  1145. !xsf_Martin has joined
  1146. !xsf_Martin has left
  1147. !xsf_Martin has joined
  1148. !xsf_Martin has left
  1149. !xsf_Martin has joined
  1150. !xsf_Martin has left
  1151. !xsf_Martin has joined
  1152. !xsf_Martin has left
  1153. !xsf_Martin has joined
  1154. !xsf_Martin has left
  1155. !xsf_Martin has joined
  1156. !xsf_Martin has left
  1157. !xsf_Martin has joined
  1158. !xsf_Martin has left
  1159. !xsf_Martin has joined
  1160. !xsf_Martin has left
  1161. !xsf_Martin has joined
  1162. !xsf_Martin has left
  1163. !xsf_Martin has joined
  1164. !xsf_Martin has left
  1165. !xsf_Martin has joined
  1166. contrapunctus has left
  1167. contrapunctus has joined
  1168. Half-ShotX has joined
  1169. contrapunctus has left
  1170. contrapunctus has joined
  1171. alacer has left
  1172. marc_ has left
  1173. marc_ has joined
  1174. oli has left
  1175. ralphm has left
  1176. ralphm has joined
  1177. contrapunctus has left
  1178. contrapunctus has joined
  1179. Wiktor moparisthebest, you can specify multiple certs in nginx since 1.11, it's desinged to be used in RSA+ECDSA scenarios, see: https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_certificate
  1180. Half-ShotX has left
  1181. Wiktor note that even though Let's Encrypt will issue ECDSA cert it will be signed by their RSA intermediate cert, they don't (yet) have full ECDSA chain: https://letsencrypt.org/upcoming-features/
  1182. frainz has joined
  1183. moparisthebest ah thanks, I thought I remembered them adding support for that I just haven't gotten around to it yet
  1184. Half-ShotX has joined
  1185. ThibG has left
  1186. ThibG has joined
  1187. Half-ShotX has left
  1188. Wiktor 👍️
  1189. rtq3 has left
  1190. rtq3 has joined
  1191. pep. moparisthebest, that's orthogonal. Even though I agree we could focus our efforts on one thing, but then I'm not sure which one to do. I remember daniel having criticism against dnssec, or the deployment (middle boxes) in germany or sth, but I don't remember the details
  1192. Ge0rG moparisthebest [19:57]: > Ge0rG, pep. , or we could push for DNSSEC + DANE ? I'm sure that 2019 will be the year of DNSSEC. Especially for the IM TLD
  1193. Half-ShotX has joined
  1194. pep. Yeah and that..
  1195. 404.city has left
  1196. moparisthebest all new domains since, idk, 2012 or something have DNSSEC support
  1197. pep. not .im no
  1198. moparisthebest I'd argue any domain having right now supports it, maybe it's time to abandon .im
  1199. pep. not im. no
  1200. moparisthebest that's not a new one
  1201. 404.city has joined
  1202. pep. Ah right my bad. Well in the meantime..
  1203. 404.city has left
  1204. moparisthebest oh, I missed a word haha
  1205. moparisthebest I'd argue any domain worth having right now supports it, maybe it's time to abandon .im
  1206. pep. I always verify the tld supports it before I buy anything fwiw
  1207. !xsf_Martin has left
  1208. !xsf_Martin has joined
  1209. !xsf_Martin has left
  1210. !xsf_Martin has joined
  1211. !xsf_Martin has left
  1212. !xsf_Martin has joined
  1213. !xsf_Martin has left
  1214. !xsf_Martin has joined
  1215. !xsf_Martin has left
  1216. !xsf_Martin has joined
  1217. !xsf_Martin has left
  1218. !xsf_Martin has joined
  1219. !xsf_Martin has left
  1220. !xsf_Martin has joined
  1221. !xsf_Martin has left
  1222. !xsf_Martin has joined
  1223. !xsf_Martin has left
  1224. !xsf_Martin has joined
  1225. !xsf_Martin has left
  1226. !xsf_Martin has joined
  1227. !xsf_Martin has left
  1228. !xsf_Martin has joined
  1229. !xsf_Martin has left
  1230. !xsf_Martin has joined
  1231. Half-ShotX has left
  1232. !xsf_Martin has left
  1233. !xsf_Martin has joined
  1234. !xsf_Martin has left
  1235. !xsf_Martin has joined
  1236. !xsf_Martin has left
  1237. !xsf_Martin has joined
  1238. !xsf_Martin has left
  1239. Ge0rG It'll be another decade until all DNS servers support it.
  1240. !xsf_Martin has joined
  1241. !xsf_Martin has left
  1242. !xsf_Martin has joined
  1243. moparisthebest I still can't find the link I wanted but the gtld's, all the new fancy ones, must have DNSSEC support
  1244. !xsf_Martin has left
  1245. !xsf_Martin has joined
  1246. !xsf_Martin has left
  1247. moparisthebest all DNS servers support it now? maybe you mean all TLDs ?
  1248. !xsf_Martin has joined
  1249. !xsf_Martin has left
  1250. !xsf_Martin has joined
  1251. !xsf_Martin has left
  1252. !xsf_Martin has joined
  1253. !xsf_Martin has left
  1254. !xsf_Martin has joined
  1255. alameyo has joined
  1256. !xsf_Martin has left
  1257. !xsf_Martin has joined
  1258. Ge0rG Just this week I had a problem with Telekom DNS server returning ServFail for a non existent SRV record on a DNSSEC signed domain... after a 3s delay!
  1259. !xsf_Martin has left
  1260. !xsf_Martin has joined
  1261. !xsf_Martin has left
  1262. !xsf_Martin has joined
  1263. !xsf_Martin has left
  1264. !xsf_Martin has joined
  1265. !xsf_Martin has left
  1266. !xsf_Martin has joined
  1267. Ge0rG moparisthebest: I'm speaking of resolvers out there in the wils
  1268. !xsf_Martin has left
  1269. !xsf_Martin has joined
  1270. Ge0rG moparisthebest: I'm speaking of resolvers out there in the wild
  1271. !xsf_Martin has left
  1272. !xsf_Martin has joined
  1273. !xsf_Martin has left
  1274. !xsf_Martin has joined
  1275. !xsf_Martin has left
  1276. !xsf_Martin has joined
  1277. Half-ShotX has joined
  1278. Ge0rG Some CPE routers still fail at SRV altogether
  1279. !xsf_Martin has left
  1280. !xsf_Martin has joined
  1281. moparisthebest those are already dead https://dnsflagday.net/
  1282. !xsf_Martin has left
  1283. !xsf_Martin has joined
  1284. !xsf_Martin has left
  1285. Link Mauve has left
  1286. Ge0rG On yax.im I've got 10-15% of non SRV clients
  1287. moparisthebest I give it about another year before 99.9% of the DNS requests are via HTTPS anyway
  1288. Half-ShotX has left
  1289. moparisthebest and all those support DNSSEC etc
  1290. !xsf_Martin Please tell me when he’s done flooding with part/join, so I can take back my normal nick.
  1291. Ge0rG yax.im: Serious problem detected! This domain will face issues after February 1st 2019!
  1292. oli has joined
  1293. Yagiza has left
  1294. pep. !xsf_Martin, how are we supposed to see now? :p
  1295. pep. xml_tab?
  1296. pep. Not even, that wouldn't get to me
  1297. oli has left
  1298. oli has joined
  1299. oli has left
  1300. oli has joined
  1301. oli has left
  1302. debacle has joined
  1303. oli has joined
  1304. !xsf_Martin has left
  1305. Link Mauve Seems fixed.
  1306. Half-ShotX has joined
  1307. contrapunctus has left
  1308. contrapunctus has joined
  1309. contrapunctus has left
  1310. contrapunctus has joined
  1311. kokonoe has left
  1312. kokonoe has joined
  1313. contrapunctus has left
  1314. contrapunctus has joined
  1315. Ge0rG You need to see presence changes to understand the context, right?
  1316. pep. indeed
  1317. Half-ShotX has left
  1318. Half-ShotX has joined
  1319. !xsf_Martin has joined
  1320. !xsf_Martin has left
  1321. !xsf_Martin has joined
  1322. !xsf_Martin has left
  1323. !xsf_Martin has joined
  1324. !xsf_Martin has left
  1325. !xsf_Martin has joined
  1326. !xsf_Martin has left
  1327. !xsf_Martin has joined
  1328. !xsf_Martin has left
  1329. !xsf_Martin has joined
  1330. !xsf_Martin has left
  1331. !xsf_Martin has joined
  1332. !xsf_Martin has left
  1333. !xsf_Martin has joined
  1334. !xsf_Martin has left
  1335. !xsf_Martin has joined
  1336. !xsf_Martin has left
  1337. !xsf_Martin has joined
  1338. !xsf_Martin has left
  1339. !xsf_Martin has joined
  1340. !xsf_Martin has left
  1341. !xsf_Martin has joined
  1342. !xsf_Martin has left
  1343. !xsf_Martin has joined
  1344. !xsf_Martin has left
  1345. !xsf_Martin has joined
  1346. !xsf_Martin has left
  1347. !xsf_Martin has joined
  1348. !xsf_Martin has left
  1349. !xsf_Martin has joined
  1350. !xsf_Martin has left
  1351. !xsf_Martin has joined
  1352. !xsf_Martin has left
  1353. !xsf_Martin has joined
  1354. !xsf_Martin has left
  1355. !xsf_Martin has joined
  1356. !xsf_Martin has left
  1357. !xsf_Martin has joined
  1358. !xsf_Martin has left
  1359. !xsf_Martin has joined
  1360. !xsf_Martin has left
  1361. !xsf_Martin has joined
  1362. !xsf_Martin has left
  1363. !xsf_Martin has joined
  1364. !xsf_Martin has left
  1365. !xsf_Martin has joined
  1366. !xsf_Martin has left
  1367. !xsf_Martin has joined
  1368. alameyo has left
  1369. alameyo has joined
  1370. alameyo has left
  1371. Half-ShotX has left
  1372. Half-ShotX has joined
  1373. Half-ShotX has left
  1374. coderx002 has joined
  1375. coderx002 has left
  1376. Half-ShotX has joined
  1377. jmpman has left
  1378. Half-ShotX has left
  1379. lumi has left
  1380. Nekit has joined
  1381. Half-ShotX has joined
  1382. valo has left
  1383. valo has joined
  1384. lumi has joined
  1385. alameyo has joined
  1386. igoose has left
  1387. igoose has joined
  1388. igoose has left
  1389. igoose has joined
  1390. lumi has left
  1391. lumi has joined
  1392. Half-ShotX has left
  1393. Half-ShotX has joined
  1394. Half-ShotX has left
  1395. contrapunctus has left
  1396. undefined has left
  1397. undefined has joined
  1398. contrapunctus has joined
  1399. contrapunctus has left
  1400. contrapunctus has joined
  1401. alameyo has left
  1402. alameyo has joined
  1403. contrapunctus has left
  1404. contrapunctus has joined
  1405. alameyo has left
  1406. contrapunctus has left
  1407. contrapunctus has joined
  1408. neshtaxmpp has left
  1409. neshtaxmpp has joined
  1410. ThibG has left
  1411. ThibG has joined
  1412. Half-ShotX has joined
  1413. contrapunctus has left
  1414. contrapunctus has joined
  1415. contrapunctus has left
  1416. contrapunctus has joined
  1417. contrapunctus has left
  1418. contrapunctus has joined
  1419. contrapunctus has left
  1420. contrapunctus has joined
  1421. contrapunctus has left
  1422. contrapunctus has joined
  1423. contrapunctus has left
  1424. contrapunctus has joined
  1425. contrapunctus has left
  1426. contrapunctus has joined
  1427. Half-ShotX has left
  1428. Half-ShotX has joined
  1429. oli has left
  1430. Half-ShotX has left
  1431. contrapunctus has left
  1432. contrapunctus has joined
  1433. contrapunctus has left
  1434. contrapunctus has joined
  1435. contrapunctus has left
  1436. contrapunctus has joined
  1437. contrapunctus has left
  1438. contrapunctus has joined
  1439. contrapunctus has left
  1440. contrapunctus has joined
  1441. contrapunctus has left
  1442. contrapunctus has joined
  1443. Half-ShotX has joined
  1444. marc_ has left
  1445. contrapunctus has left
  1446. contrapunctus has joined
  1447. Half-ShotX has left
  1448. vaulor has left
  1449. contrapunctus has left
  1450. Half-ShotX has joined
  1451. neshtaxmpp has left
  1452. Half-ShotX has left
  1453. contrapunctus has joined
  1454. neshtaxmpp has joined
  1455. Half-ShotX has joined
  1456. lorddavidiii has joined
  1457. Half-ShotX has left
  1458. alameyo has joined
  1459. contrapunctus has left
  1460. contrapunctus has joined
  1461. lorddavidiii has left
  1462. lumi has left
  1463. lumi has joined
  1464. Half-ShotX has joined
  1465. lorddavidiii has joined
  1466. contrapunctus has left
  1467. contrapunctus has joined
  1468. Half-ShotX has left
  1469. pep. Who do I need to ping again to appear in planet jabber? ralphm?
  1470. contrapunctus has left
  1471. winfried has left
  1472. contrapunctus has joined
  1473. contrapunctus has left
  1474. contrapunctus has joined
  1475. contrapunctus has left
  1476. contrapunctus has joined
  1477. winfried has joined
  1478. Half-ShotX has joined
  1479. contrapunctus has left
  1480. contrapunctus has joined
  1481. Half-ShotX has left
  1482. winfried moparisthebest Ge0rG: to resolve the discussion: at Prosody, with an ECDHE certificate it accepts only incoming ECDHE connections, with an RSA certificate only RSA connections
  1483. contrapunctus has left
  1484. contrapunctus has joined
  1485. Ge0rG That's... unfortunate.
  1486. andrey.g has left
  1487. alameyo has left
  1488. alameyo has joined
  1489. andrey.g has joined
  1490. alameyo has left
  1491. dwd pep., ralphm, indeed. Maybe intosi can help, I don't know.
  1492. Half-ShotX has joined
  1493. !xsf_Martin has left
  1494. dwd moparisthebest, I do hope we don't end up with DoH everywhere. The ramifications of that scare me badly.
  1495. kokonoe has left
  1496. yvo has left
  1497. debacle has left
  1498. moparisthebest winfried, I mean that's not prosody specific, that's universal TLS (assuming you meant ECDSA instead of ECDHE)
  1499. kokonoe has joined
  1500. moparisthebest dwd, too late, I think it's the default on latest android?
  1501. moparisthebest also enable-able in firefox
  1502. dwd moparisthebest, All the DNS data going through Google, is it?
  1503. dwd moparisthebest, And no doubt it's for our own good, of course.
  1504. moparisthebest I would guess by default yes :'(
  1505. Ge0rG Google and Clownflare
  1506. winfried moparisthebest: I also assume it is universal, but I just tested it on prosody
  1507. Ge0rG Using Google DNS is already a reality on my Samsung phone
  1508. moparisthebest winfried, but did you try both?
  1509. dwd winfried, OpenSSL, at least, can accept multiple cert/key pairs, and if given both it'll use whichever fits the ciphers requested.
  1510. winfried moparisthebest: yes, I tried both
  1511. moparisthebest I run my own though, which randomly picks from a list of upstream DNS servers, and proxies over tor, so I like dns-over-tls (and dns-over-https) sorry for shameless plug https://github.com/moparisthebest/jDnsProxy
  1512. winfried winfried: 100% guarantee, the key I select, the cipher I get :-D
  1513. winfried dwd: I know, but I am trying to get prosody talking both, no success so far.
  1514. winfried diving into the debugging logs right now
  1515. winfried has left
  1516. Half-ShotX has left
  1517. Half-ShotX has joined
  1518. alameyo has joined
  1519. lnj has left
  1520. winfried has joined
  1521. Half-ShotX has left
  1522. Half-ShotX has joined
  1523. winfried has left
  1524. Half-ShotX has left
  1525. valo has left
  1526. valo has joined
  1527. valo has left
  1528. wurstsalat has joined
  1529. winfried has joined
  1530. lovetox has left
  1531. lorddavidiii has left
  1532. winfried Zash: I tried https://issues.prosody.im/809#comment-5 no luck, it picks only the ec certificate like that. I tried to verify I really got the right version of luasec (installed the dev version locally, ahead in the path of the regular/package manager one) but I am not 100% sure it picked the right one.
  1533. valo has joined
  1534. Half-ShotX has joined
  1535. rtq3 has left
  1536. rtq3 has joined
  1537. Half-ShotX has left
  1538. Half-ShotX has joined
  1539. rtq3 has left
  1540. rtq3 has joined
  1541. Half-ShotX has left
  1542. Half-ShotX has joined
  1543. Half-ShotX has left
  1544. j.r has left
  1545. j.r has joined
  1546. efrit has joined
  1547. Half-ShotX has joined
  1548. Half-ShotX has left
  1549. Nekit has left
  1550. efrit has left
  1551. efrit has joined
  1552. Half-ShotX has joined
  1553. Dele Olajide has joined
  1554. Dele Olajide has left
  1555. jmpman has joined
  1556. Half-ShotX has left
  1557. Half-ShotX has joined
  1558. j.r has left
  1559. j.r has joined
  1560. rtq3 has left
  1561. rtq3 has joined
  1562. karoshi has left