XSF Discussion - 2019-11-12

Can somebody from board add an item in the trello board (doesn't seem like I'm able to?) "Who is webteam. How to get in"

what's webteam?

I heard rumours of a team handling xsf/xmpp.org. That's what I'm told when I want to push things there, unless jonas or guus merge my stuff because they have rights for $reasons

Not the same as commteam?

So many teams

Apparently not, otherwise nyco would have rights to push and he didn't, for the last newsletter

I’m also in no team except editor and for some reason I got +w on the repo

it might’ve been an instance of "at the right place at the right time"

I don't think there's a strict rule about this, right now. Don't you have access as well, pep.?

pep. https://trello.com/c/PqY2mHjl/372-who-is-webteam-how-to-get-in

nyco, thanks

Seve, I don't. I don't especially want them, I just want to clarify the situation, know who I can ask etc.

There are several GitHub teams associated with the xmpp.org repo, including one called 'Web' and one called 'XMPP Comms Team'. nyco is in the latter and should have write access with that.

If not, you can take this up with iteam (e.g. Kev), and I don't think has to be discussed in a Board meeting.

pep.: ^

But not e.g. Kev, please. e.g. MattJ :)

wfm

"how to get in" doesn't have to be discussed in a board meeting?

I think some clarification is possibly needed, that doesn't necessarily mean a board meeting is needed

not really, everyone in comms should have access

So comms is the "web" team?

and if not, MattJ can set you up.

(that is, the one with access to xsf/xmpp.org?)

There are additional people in the "web" team, which are not necessarily in the comms team.

Why?

And who. I can't see it from here

Because e.g. Guus might want to write on the website as a Board member.

Fair enough, but this is not explained anywhere

That's what I'm asking for

https://github.com/orgs/xsf/teams should have an overview, but I don't know who can see that.

I only see board and editors

The teams are marked as "secret" for some reason

Out for lunch now, sorry

There may be a good reason for that, Github's auth/permissions can be frustrating, but I don't know

There really hasn't been any process to add people to the GitHub webteam, other than be invited by existing members. To the best of my knowledge, there is no intentional overlap with XSF workteams and the GitHub webteam.

MattJ, If possible, I'd ask for this to be changed to public

I can't say I didn't see that coming :)

I'm trying to remember if I know what the reason is.

If anything, the github webteam can probably be clean up.

I can imagine one possible explanation being that people don't necessarily want team associations showing up on their Github profiles

This makes the whole thing very opaque though

Maybe clean up, ask the remaining team for concerns, and make (not) public based on their feedback?

Nobody knows who can push

Or why they got commit rights in the first place

pep.: I think a clear list of who is (apart from iteam) allowed to push content to the website would be sensible.

sure

I don't think that making the github teams public is necessarily the way to do that.

It's the best way to keep both lists in sync

But ok

I also think that it doesn't matter, to some extent, as long as PRs are getting reviewed often enough. When contributing to most projects one doesn't try to find out who has commit access, they just send in PRs.

Having commteam members gain privileges to do reviewing of the public website does make sense to me.

We have work teams though, I didn't get editor rights until I got in there, and I wouldn't have expected to get them if I hadn't been accepted in the team

Guus: They have, no?

the way how XEPs are managed is a lot more structured than how our public website is.

As far as I can see, commteam has write access to both xmpp.org and xsf-tools.

I'm happy wherever the responsability of commiting to xsf/xmpp.org falls to, I just want it to be explicit (and it isn't atm)

Kev oh - that very well could be the case. I didn't check.

As far as I can see, iteam (although not expecting to use it for content) and commteam having write access to the website is sensible.

upon inspection: I don't think that commteam has access

I can't see everything

I think giving access beyond that should be a question for Board, because I don't think we should be giving out the ability to speak on behalf of the XSF (which is what the website is) arbitrarily.

Strange, I see the same as Kev and ralphm - commteam has write access to the repo

but I don't htink that nyco has access, for example, nor has seve.

Oh, then I'm missing stuff

Permission level: Write Can read, clone, and push to this repository. Can also manage issues and pull requests.

which is entirely possible

Guus is not a member of the commteam, incidentally.

That's JC, Nyco, Seve and Winifried.

nope i'm not. ✏

Don't let me confuse people - you guys are in a better position to see what's what than me.

My proposal would be to drop the 'web' team, and stick to actual well-defined teams

MattJ, +1

and add any other teams that it makes sense to have access

such as iteam, maybe board

MattJ: I think I'd propose to have an explicit web team, same as our other teams.

I don't care much either way.

Congrats, write the charter, etc. :)

I actually don't care either way

I'll follow Kev's good example and go do works stuff now.

(either)

But I CBA to do anything about it, and it mostly depends whether people on webteam and not on comms would want to do things.

I don't see why we would trust someone to manage our website and not trust them to do other public-facing stuff on behalf of the XSF

i.e. why anyone who works on the website shouldn't be part of commteam

or another team with reasonable grounds for access

Sounds reasonable.

Yup

FWIW, the reason that the "Web" team exists is an historical artifact, from when there was no comms team and the website was overhauled.

I agree it would be useful to just map the XSFs formal Work Teams, Council, and Board, as GitHub Teams as the basis for access.

I also don't see why they'd need to be secret, as team membership is already made public on our website.

Problem? https://xmpp.org/

Neustradamus: works for me, but while you are here, please give me admin access to the LinkedIn org for the XSF.

https://xmpp.org/ works for me

Vauge question?

Neustradamus: I think I've asked often enough by now.

I have a blank page for https://xmpp.org/

> I have a blank page for https://xmpp.org/ I suspect that this is a problem local to you. It works fine for others, including me. I've even tried an incognito tab.

Cache problem, sorry

Neustradamus: did you see my message?

It is possible to update the logo? - https://twitter.com/xmpp - https://wiki.xmpp.org/images/xmpp.png - https://xmpp.org/theme/images/xmpp-logo.svg and other too (regenerate from the last .SVG) - Memberbot - Other places

Neustradamus: Is it possible to respond to my request for LinkedIn Org admin? ✏

Neustradamus I can't fix 'other places' if I don't know where those are. 🙂

Hmm, I don't think I'm an admin of the XMPP team on Twitter (which I think means that I can't change the avatar there)

Please keep talking here, Neustradamus, and not in private. I know where the last updated version of the logo is.

But without access, I can't change it on the systems that it needs to be changed on.

Guus: I don't think that Tweetdeck allows profile changes like that, you'd have to log into Twitter with the account credentials directly.

ralphm which is another reason why I can't do that. I don't have the account credentials.

Guus: Kev does. Twitter is not designed for multiple people managing a single account, oddly enough.

Guus: - https://github.com/xsf and repositories

Neustradamus: a response to my message, please?

I'm not paying attention here, but if you need something please mail ralphm / Guus and I'll try to sort.

Kev: ok, thanks!

The logo on https://github.com/xsf seems OK to me?

I don't think that individual repositories can have logos.

(I've emailed Kev with the Twitter request)

You can add a logo that'll show up when a repo is mentioned by URL on social media (like Twitter, Slack), but we don't have that right now, and I don't think that's important either.

Guus, is this the current one? I looked for one recently for gajim's website https://commons.wikimedia.org/wiki/File:XMPP_logo.svg

That seems to be correct, yes. I'm always using the one that's on the top-left corner of https://xmpp.org

https://xmpp.org/theme/images/xmpp-logo.svg

which is easy to remember: https://xmpp.org/theme/images/xmpp-logo.svg

Guus: there was a little change after the previous, it was not the exactly same at right and left: https://commons.wikimedia.org/wiki/File:XMPP_logo.svg

Oh, Converse doesn't like me injecting links

Guus: looks fine here

github logo replaced

Can someone do it on LinkedIn?

From XMPP.org: https://i.ibb.co/vcqmc8b/xmpp-logo-xsf-test.png From Commons: https://i.ibb.co/Zgsjk3T/XMPP-logo-xsf-test.png

Guus: Do you the difference? :)

Please provide a PR to fix the logo on xmpp.org.

ralphm: you have to adopt the Neustradamus technique to get him to reply to you

Neustradamus: Guus makes a good point. If you'd stop ignoring me, I'd also be able to help him.

ralphm: fwiw once your rights are sorted out, I'd prefer this to get to whatever team it is appropriate rather than individuals

pep.: naturally

For every service that supports this.

(unlike Twitter, ugh)

Neustradamus: please respond to ralphm's request.

pep.: > ralphm: you have to adopt the Neustradamus technique to get him to reply to you What's that? You have to do a special dance?

while (true) { askSameQuestion(); sleep(random()%3600); /* this is where a sentinel would be implemented */ }

Neustradamus do you have a PNG version of the correct logo?

you can generate one given the SVG, with inkscape on the command line at least

Yeah, which is going to get me in trouble because I missed pixel. I'd rather have it from him, to avoid any confusion.

Wikipedia also lists https://www.livejournal.com/support/faq/270.html as an XMPP deployment

Link Mauve, would there be a case in which eme can be used with messages using multiple encryption formats?

Hmm, hopefully not, but I could see a made up case where you’d have full stanza encryption around (flagged with EME) and inside another kind of encryption, also flagged with EME.

But those are two different “message” containers.

Do you have another possible usecase?

Link Mauve, I was just thinking that someone could really just encrypt one message using both openpgp and omemo for example

Hmm, no, because they both can only encrypt the body.

That would mean multiple eme elements would be needed I think? The schema doesn't limit instances either

OTR-encrypted in OMEMO or OpenPGP might be a thing though, although I expect no one sane would ever do that.

Can we limit instances of a payload in a message, in the schema?

Link Mauve: yes we can. But should we?

What's wrong with having a body encrypted both ways? Besides of having the possibility to sneak in two different messages, and that the resulting security is the worst of both.

Link Mauve, I meant that one message stanza can contain both one omemo element and one openpgp element for example, to encrypt/sign whatever the same message content for something supporting one or the other

The OpenPGP encrypted payload body would read: "I sent you an OMEMO encrypted message but your client doesn’t seem to support that. Find more information on https://conversations.im/omemo"

Ge0rG, let’s rot13 encrypt twice with two EME tags for additional security!

Ge0rG, that's not what I meant either.

Maranda, sounds like an amazing can of worms.

Link Mauve: according to XEP-0419?

Ge0rG, yes.

Ge0rG, I meant encrypted using xep-0374 not the legacy format

Maranda: did you mean something different than what I wrote in my last non-sarcastic message?

which has its own element and doesn't use <body />

iiuc

so one message in that case could be encrypted using... both?

Maranda: you could put an <openpgp> element alongside an OMEMO <encrypted> element, and those might even contain ciphertexts of the same plaintext body

Ge0rG, whatever.. I'm just trying to understand if that's a possibility I should take in account or not for MAM if that wasn't clear and if 2 eme elements can be appended to a stanza to advertise both encryptions

Unless I hear a very convincing use-case for using multiple encryption mechanisms within the same stanza, I would probably recommend to not consider it. How many e-mail clients are capable of creating mails with OpenPGP and S/MIME parts?

Maranda: 0380 does not forbid multiple <encryption> elements

Maranda: other than that, you should retain all message elements in MAM

_maybe_ with the exception of well-known noise elements, like chat states

Ge0rG, for now it's very convenient to do otherwise... regarding retaining all elements.

but I'm reviewing that code right now so.

Maranda: I know that path. It leads into major pain later on.

sorted