-
Guus
is using an empty <before> element in a RSM request a spec'ed way to request for the 'last' page of a result set?
-
lovetox
yes
-
lovetox
its described in the RSM XEP
-
Guus
https://xmpp.org/extensions/xep-0059.html ?
-
Guus
can't find it there
-
MattJ
https://xmpp.org/extensions/xep-0059.html#last
-
Guus
do'h!
-
Guus
d'oh?
-
Guus
bah!
-
Guus
thanks.
-
MattJ
It's ok, it's still early in the morning :)
- Guus off to find more coffee
- Ge0rG got some coffee already, and travelled 150km
-
jonas’
I don’t envy you
-
MattJ
Is that a long way?
-
jonas’
it’s more than the 7 km or so I commute to work
-
MattJ
93 Great British Miles, so yeah quite far
-
Guus
https://igniterealtime.org:443/httpfileupload/747e77fb-3cd9-4f54-ba4e-c6309947f2af/image.png
-
jonas’
lol
-
Ge0rG
my usual commute to work is measured in meters, not in kilometers
-
jonas’
7 km is a bit above the average for my commute to work in the last year. I had home office a few times.
-
Ge0rG
hm. when I divide the kilometers driven last year by working days, I have a daily average of ~43km. That's rather high, and it doesn't even count in the railway kilometers.
-
jonas’
Pendlerpauschale!
-
Guus
I used to commute 1000km a week. I've learned that the time lost in commute, not so much distance, annoyed me more.
-
Guus
it's so... pointless.
-
Guus
For the past few years, I'm working remote - saves me 2 to 3 hours a day that I can spend on things that are more enjoying than sitting somewhere, waiting to arrive somewhere else.
-
jonas’
I’m using commute time for reading up on stuff nowadays
-
Guus
(I did have ~one year of commute by bicycle, which was good for clearing my head / getting in shape (less out-of-shape) - that was good too).
-
jonas’
I imagine
-
jonas’
cycling is kind of a suicide mission here tho
-
jonas’
waaay too many high-traffic roads without dedicated cyclist lanes
-
Guus
Yeah, I was driving myself. Reading while operating a vehicle is frowned upon, generally. Never got into audiobooks - although I was very up-to-speed with current affairs through radio shows.
-
Guus
Yeah, I've learned that. Once drove over what i thought was a dedicated cyclist lane in Germany, which turned out to be the emergency shoulder of a highway.
-
jonas’
driving yourself sounds like an ecological nightmare in addition to the waste of time
-
jonas’
holy smokes
-
Guus
there was a colonne of military vehicles passing us. Every. Single. One. Used. Its. Horn. On. Us.
-
jonas’
yeah, cyclists on the highway is also something which gets mentioned in radio traffic reports
-
jonas’
but now I get *why* you’d even do that -- thinking that the emergency stuff was for cyclists
-
Guus
Yeah, that's not done here too. But we got confused by first having been on what actually was a dedicated bike path on a very similar road.
-
Guus
In the Netherlands, things are very clear to me, in that respect.
-
Guus
Also, this was 20 years ago 🙂
-
Guus
oh, being self-employed and being able to deduct travel from taxes should give me a nice way to see how much I travelled (for work) last year.
-
Guus
just under 120 hours.
-
jonas’
so that’s probably less than I commuted last year
-
jonas’
which is by approximation in the order of 140-180h
-
Guus
I travelled just over 10,000km last year
-
jonas’
in those 120h?
-
Ge0rG
I try not to travel more than I have podcasts in my subscription
-
Guus
I have two customers that are both relatively far away (~140km one-way). I'm visiting one of them once a month, and the other once a week, when I have an active project with them.
-
jonas’
I’m in the order of 3200km, so your travel is *much* faster than mine :D
-
Guus
yeah those km and hours correlate to each-other.
-
Guus
most of it is highway.
-
jonas’
(which isn’t surprising, because I’m commuting from one end of the city to the other)
-
jonas’
(via public transport, which is okay, but mostly blocked by rush hour individual traffic)
-
Guus
10430/120 = 87km/h
-
Guus
makes sense.
-
Ge0rG
I hope I'll be driving a BEV two weeks from now, so that I can still commute by individual transport but not have such a bad consciencs✎ -
Ge0rG
I hope I'll be driving a BEV two weeks from now, so that I can still commute by individual transport but not have such a bad conscience ✏
-
Guus
BEV?
-
Ge0rG
Guus: battery-electric vehicle (of course only charged by regenerative energy sources)
-
Guus
ah right.
-
Guus
I'm on regular petrol - next car probably will be an electric one as well.
-
Guus
still - 10,000k is a dramatic improvement over a few years ago for me 🙂✎ -
Guus
still - 10,000km is a dramatic improvement over a few years ago for me 🙂 ✏
- jonas’ silently points at burning australia.
-
Guus
Not arguing that more should be done.
-
Ge0rG
I'm pretty sure that what's happening now all over the world is the beginning of the Apocalypse.
-
jonas’
yeah -- I’ve been in a fun discussion the other day and it’s echoing back
-
jonas’
"Jesus will save us" was the tip of the iceberg
-
jonas’
but we’re getting lots of off-topic now :)
-
Ge0rG
jonas’: Jesus will save us from that, too
-
jonas’
from the off-topic?
-
Ge0rG
sure
-
jonas’
I thought our lord and saviour for off-topic was xmpp:xmpp@chat.yax.im?join ?
-
Guus
I'm very interested in what will happen in the Netherlands in the next few months. Somewhere in March I think, the speed limit is dropped from 130km/h to 100, in order to reduce emissions.
-
Guus
I wonder what that does for not just the emissions, but also traffic jams, injuries, etc.
-
jonas’
yeah
-
jonas’
also, kudos to the netherlands
-
jonas’
even thinking out loud about introducing a 130 km/h speed limit gets you on the kill-list as a politician on Germany :)
-
Ge0rG
jonas’: you shouldn't be making fun of it. Politician kill-lists are a real thing in Germany
-
Guus
It's a grudgedly applied limit, because we suddenly found out we had to stop all kinds of developments due to to high emission levels.
-
jonas’
Ge0rG, I know.
-
jonas’
Guus, ah, germany simply doesn’t care.
-
Guus
I think the average commute in the Netherlands is 20km or something
-
Seve
wow 100km/h, so slow Guus
-
jonas’
"we’ll deal with the trials when they happen" or something
-
Guus
Germany obviously is bigger.
-
Ge0rG
I would love to see a speed limit on Die Autobahn, even just because my BEV will be capped to 167km/h
-
Guus
100km/h is slow, yes. No-one really likes it, and I wonder if it will hold up at all. But it's the least worst thing that they could do, at this point.✎ -
Guus
also, the limit does not apply at night, I think.
-
Kev
Well, that bit makes sense at least. Stop people being used to driving at speed, and then tell them the only time they're allowed to do it is overnight when they're driving tired.
-
Ge0rG
Kev: it's only to support natural selection.
-
Zash
120km/h is the highest speed limit in Sweden.
-
Guus
100km/h is slow, yes. No-one really likes it, and I wonder if it will hold up at all. But it's the least unpopular thing that they could do, at this point. ✏
-
debacle
I wonder, if XEP-0157: Contact Addresses for XMPP Services should standardize the address of the data protection officer. Because of GDPR and IMHO none of the standardized roles seems to fit. E.g. <field var='data-protection-addresses' type='list-multi' label='One or more addresses for data protection and privacy'/> I didn't check the related RFCs for such things, though. And maybe we can standardize the address of motorway traffic police officer, too.
-
Ge0rG
motorwhat?
-
debacle
Autobahn!
-
jonas’
they had a group called autobahn
-
jonas’
technopop
-
!XSF_Martin
With the Album Nagelbrett or so.
-
!XSF_Martin
The dude abides!
-
Guus
Kraftwerk!
-
jonas’
Kampfhund!
-
!XSF_Martin
https://proxy.mdosch.de/?mortyurl=https%3A%2F%2Fs2.qwant.com%2Fthumbr%2F200x200%2Fe%2Ff%2F1efb1083c05fbb5ac43e5005853f9ca02e1ede3e01aa08a979338d406b320d%2Fbig-lebowski-autobahn-nagelbett2-1856.jpg%3Fu%3Dhttp%253A%252F%252F3.bp.blogspot.com%252F-p9_oyJzTjAw%252FUuk01RDzdeI%252FAAAAAAAAWaE%252Fq5S3o5oev9I%252Fs1600%252Fbig-lebowski-autobahn-nagelbett2-1856.jpg%26q%3D0%26b%3D1%26p%3D0%26a%3D0%26b_id%3DOIP.ouLprTXlo81s_QO-m1hF0wHaHa&mortyhash=77c57ead43440344f9b841078413628118bd2e6f6b37ab7256e9a841d2dd93a0
-
jonas’
> proxy.mdosch.de?
-
!XSF_Martin
For my searx
-
jonas’
it’s been too long since I watched the Big Lebowski
-
!XSF_Martin
So I can preview results in image searx without leaking my ip and search term to a lot of websites. 😃
-
jonas’
so now we all leak our IPs to you?
-
!XSF_Martin
😈
-
Zash
Standardized server-provided previews?
-
!XSF_Martin
I already know your ip, see: https://ip.mdosch.de
-
!XSF_Martin
> Standardized server-provided previews? What? Searx is using the Morty proxy on the image search result page.
-
Ge0rG
this has completely derailed
-
!XSF_Martin
Uh, this is xsf. Felt like Schrödinger's. 😂
-
nyco
Late
-
pep.
!
- ralphm bangs gavel
-
ralphm
0. Welcome + Agenda
- ralphm waves
- Seve says hi
-
ralphm
Welcome all. Who do we have? Do you have an agenda item?
-
nyco
https://mensuel.framapad.org/p/9elq-XSFBoardWeeklyMeeting-2020-01-23-zzbs
-
Guus
o/
-
pep.
No agenda item right now. There are things I need to send.. soon(tm)
-
ralphm
DO we have a MattJ?
-
ralphm
1. Minute taker
-
MattJ
Hey
-
ralphm
Thanks nyco!
-
ralphm
2. XSF Objectives
-
ralphm
The PR that's still listed on our Trello has since been retracted, in favor of an offer to make XEP-0001 a bit clearer.
-
ralphm
I believe one of the issues was that XEP-0001 doesn't clearly (enough) document or reference what we believe to be an open standard.
-
ralphm
Working from what is written in our IPR Policy, I believe we should be able to resolve that unclarity.
-
Guus
I don't think it'd hurt much to clarify things, if we can do that without adding so much prose that that in itself opens things up for interpretation.
-
Guus
iirc, Kev volunteered to make a suggestion for an improvement, after a time of reflection.
-
ralphm
RIght.
-
Kev
Right.
-
ralphm
So I think we can close this item for the time being.
-
pep.
For this kind of soul-seeking process I'd like to involve members. If we get to something board thinks is ok, then propose it for a vote or sth
-
Guus
I don't think that's needed.
-
pep.
searching*?
-
Kev
I'm not looking to suggest a change to process, just a clarification to XEP1 of what our process already is.
-
pep.
Guus, why not?
-
Guus
as I assume Kev is going to write up a more specific definition of what Ralph, Dave, me and others understand to be the definition as how we interpret it today.
-
Kev
(We might, subsequently, decide we want to change our process, but one step at a time)
-
ralphm
pep., IMO, I don't think we need to be soul-seeking. The XSF has been pretty consistent in their interpretation of what constitutes an open standard, in our IPR, FAQ and Mission statement. Documenting that clearly in XEP-0001, however, is useful.
-
Kev
And I have to vanish now. Will read the minutes.
-
pep.
Even just "clarifying" something possibly changes what people were picturing
-
Guus
I think Kev's approach is sensible: clearly document what we have, and decide if we want to change that only afterwards.
-
pep.
Different minds, different ways to interpret things
-
pep.
etc. etc.
-
MattJ
As Kev/etc. said, I'm with documenting the current state of things
-
ralphm
Indeed
-
MattJ
Changes are a separate discussion
-
pep.
I'm not saying I'm against documenting things, note
-
pep.
Just that I don't think it's possible to solely "document" this kind of things. Anyway I'll wait to see what comes out
-
Guus
Let's see what Kev comes up with. We'll have to vote on it to merge that change anyway.
-
Guus
Let's not over-engineer this to much.
-
ralphm
Thanks
-
Seve
Super :)
-
ralphm
2. XMPP Summit / FOSDEM
-
ralphm
Things are well on their way, with various people involved in getting this organized again.
-
Guus
(scam hat on) did everyone receive the dinner invitation?
-
ralphm
I did.
-
MattJ
Yep
-
Guus
it should have gone out to members and summit mailinglists.
-
Guus
cool
-
ralphm
For those reading these logs and/or minutes: please register for the XSF Dinner.
-
Guus
Unsure if we need to discuss more around these events in this meeting?
-
Guus
(happy to, unsure what)
-
ralphm
nothing in particular
-
ralphm
Other than to mention that we will not have a Board meeting next week.
-
Guus
right.
-
ralphm
3. GSoC
-
ralphm
I was curious if there are any updates.
-
Guus
For those reading these logs and/or minutes: please have your name added to the wiki page if you attend the summit. I'll use that for the guest list at Cisco's.
-
ralphm
Thanks Guus
-
Guus
flow registered us as an organisation
-
Guus
iirc, him and larma are signed up as an org admin. He asked me to sign up as one too, in the understanding that I'd be a backup only.
-
Guus
I did that.
-
larma
we still have to fill profile details before the application is considered complete
-
larma
deadline for that is Feb 5
-
ralphm
larma: also Project Ideas, right?
-
Guus
At that time, we should have project ideas ready, right?
-
Guus
In any case: projects that want to join should start preparing.
-
larma
We only need to have the page with profile ideas, which already exists. I know some orgs were accepted in the past without a proper ideas page, but it's better to have it filled by then
-
Guus
it doesn't hurt to have a list of teaser tasks, etc.
-
ralphm
larma: agreed. Hereby another reminder for our community to add more ideas on https://wiki.xmpp.org/web/GSoC/2020/Project_Ideas
-
Guus
that will all reflect better on our application.
-
Guus
larma / flow maybe it'd be good if you guys explicitly poke projects for those?
-
Guus
the better the quality of our proposal, the higher the chances that we get accepted.
-
larma
Guus, sure, openfire and smack already have their list linked
-
ralphm
4. AOB I would be happy for today's meeting to be short, and hope to see many of you next week.
-
MattJ
None here
-
pep.
none
-
Seve
None :)
-
Guus
None here
-
ralphm
5. Date of Next
-
ralphm
+2W
-
ralphm
6. Close
-
ralphm
Thanks all!
- ralphm bangs gavel
-
pep.
Thanks.
-
edhelas
yup
-
Guus
oh, forgot something
-
MattJ
Too late!
-
pep.
Guus, please send on the list if possible :)
-
pep.
If it's not urgent
-
Guus
needs to be done before summit
-
Guus
I'll take it to the list.
-
ralphm
what?
-
Guus
Dave doing MC at summit (with keV)
-
Guus
Dwd asked for board to explicitly discuss him acting in that role
-
pep.
As I said in scam@ I'm +1. And we can also take that to the list and have board vote there until next week. If people are already gone?
-
Guus
Context is the discussion about the definition of "open standard" and "omemo" that happened, and how he took a position. Dave wondered if that made it undesirable for him to act as an MC.
-
Guus
He explicitly asked me to put that before board.
-
Guus
dwd - feel free to chime in.
-
Guus
Dave and me discussed this before Kev changed his availability status at the summit from 'online' to 'in-the-room'. Kev, as previous years, offered to lead the troops at the summit. As I understand things, Dave and Kev discussed doing it together, this year.
-
Guus
All of this is already a lot more formal than I wanted to be "pick someone that takes point" to be.
-
Guus
I think it suffices for board to answer Dave's question if they have objections on Dave acting as a master of ceremony at the upcoming Summit. I'd like to leave it at that.
-
MattJ
I think many people "took a position" in the discussions, I don't have any objections
-
Guus
I for one don't see any issue. If taking a position in an argument disqualifies you from doing anything like this, we have bigger issues.
-
pep.
#freespeach #censorship
-
pep.
speech.
-
pep.
Always miss this one
-
Guus
Seve ralphm ?
-
moparisthebest
I feel the need to pipe in here, no hard feelings on my end at all, people have different opinions and that's perfectly fine
-
Guus
Thanks moparisthebest
-
Guus
dwd please let me know if this satisfies your request. If not, we can take it to a mailinglist.
-
Guus
sorry for not bringing this up during the meeting - that would've been better.
-
moparisthebest
judging by the text I've read from dwd , him MC'ing sounds hilarious :) on that topic is there going to be a live stream ?
-
jonas’
what’s MC?
-
jonas’
I suppose it’s not about MC as in https://www.youtube.com/watch?v=ymNFyxvIdaM
-
moparisthebest
I still regularly link people to https://wiki.xmpp.org/web/The_Knight :)
-
moparisthebest
jonas’, https://en.wikipedia.org/wiki/Master_of_ceremonies
-
jonas’
!
-
Seve
I'm sorry, it sounds as I'm not aware of this (Dave being MC for this summit). Is it in a mailinglist? Or it has been in this room?
-
Guus
Seve it was not discussed outside of Scam, I think
-
Seve
Last thing I know was Kev was not able to make it to the Summit this year, but now I see it looks like he can? :D
-
Seve
Ah I see
-
Guus
This hardly is an official position
-
Guus
we might as well push someone forward during the first hour of the summit - but it helps to get things going of we pick someone before then.
-
Guus
Like I said: this entire discussion now is a lot more formal than what I think is needed.
-
Seve
I think it is very worth having this already decided as Summit time always ends up being too short. Depends on how serious we want this to be :) This is a subjective opinion as I don't know how Dave is as a MC, but just to not make this message longer, I would go with him if he stepped up for this. It depends now on the audience if he is too humorous haha :) But yeah, I like him and this, again, is subjective :P
-
ralphm
I am personally just happy that someone wants to share the Summit and don't care if it is Kev or Dave or both in turns.
-
ralphm
I also don't think Board should have an opinion on it.
-
Guus
he asked.
-
ralphm
And I answered. Though maybe differently than dwd wanted.
-
Kev
FWIW, I do think it's good for Board to at least approve the Chair, and when I offered to Chair I hadn't realised that Dave wanted to do it.
-
ralphm
I approve of Kev and/or Dave.
-
Kev
I was offering, rather than asking, Dave very much wants to do it, IIUC, so I'm happy for Board to say Dave, or Board to say Dave/Kev to work out between themselves, or whatever.
-
Kev
But as Dave wants to, I'm not intending interfering.
-
Kev
(Sorry, was out, am now back)
-
Guus
I'm with ralphm on this one.
-
ralphm
Ok, when we get tired of the voice of Dave, it is good to know there's a backup :-)
-
Kev
(Unless Dave does a terrible job, in which case I'll attempt a coup, but I don't anticipate that :D)
-
Guus
We'll bring the rotten tomatoes to support your cause.
-
ralphm
I love a good coup d'état.
- pep. prepares the pitchfork
-
moparisthebest
how do you run someone off the stage at the XSF summit? throw some JSON printouts at them?
-
ralphm
Ooh, I could bring my XEP-0060 printout.
-
Seve
Say, "Is this the Matrix discussion room" while going in
-
Guus
I'm fairly sure Dave would be resistant to most of that.
-
ralphm
Seve: oh, I should have given Matthew Hodgson a heads-up.
-
Guus
threaten to remove bacon from breakfast, however, might be effective.
-
moparisthebest
too far
-
Ge0rG
marc: FYI re XEP-0401: https://mail.jabber.org/pipermail/standards/2020-January/036913.html
-
Ge0rG
Also XEP-0401 at work here: https://georg.lukas.pro/picture.php?/708/category/xmpp
-
Zash
Neat!
-
marc
Ge0rG, awesome!
-
Ge0rG
marc: the invitation module is live on yax.im
-
Daniel
Ge0rG: you can also add the same play store referrer for the Conversations on that landing page if you haven't already
-
Ge0rG
Daniel: I had to quirk around the new play installer library, it crashed the Play app with an xmpp: URI
-
Ge0rG
Daniel: so I switched to "https://yax.im/i/%23" + jid + params
-
Daniel
Didn't have any problems with that
-
Ge0rG
Daniel: a referrerized version of the landing page is on https://yaxim.org/invite/
-
Ge0rG
Daniel: maybe the Play client on my Android 6 is too old?
-
Ge0rG
I had a bunch of crashes and dubious Play errors when trying to record that video
-
Ge0rG
what you see is the sixth or so attempt
-
marc
Ge0rG, awesome, tbh I dislike the current implementation (separate IQ) but since end users don't care we can implement a proper version based on SASL in parallel?
-
Ge0rG
marc: based on SASL2. SASL isn't flexible enough
-
Ge0rG
marc: and SASL2 is early beta at best
-
marc
Ge0rG, I meant SASL2 ;)
-
Ge0rG
somebody ought to work on it
-
Ge0rG
marc: I'm sure we can add a SASL2 flow into 0401 when SASL2 is ready
-
Guus
Please add yourself to the list of participants at https://wiki.xmpp.org/web/Conferences/Summit_24 if you're attending the summit. I need that list to be complete, to arrange for access to the Cisco building.
- Guus eyes dwd
-
marc
Ge0rG: so what do you propose for 401? Wait until SASL2 is ready or use the hack for now and update it later?
-
marc
I mean 401 as XEP not the implementation
-
Ge0rG
marc: use the hack and update it when SASL2 becomes ready
-
Ge0rG
as SASL2 is not standardized, I'm sure we won't even need to bump anything when it appears
-
marc
Ge0rG, not even bump 401?
-
dwd
Ge0rG, What's missing in SASL2?
-
Zash
Implementations?
-
Ge0rG
marc: I don't see a need
-
dwd
Zash, Sure. I need to find time to test the one I have for Openfire and PR it.
-
Ge0rG
marc: the new feature is feature-namespaced and nobody implemented 0401 before anyway
-
marc
Ge0rG, I'm not in SASL2 but when we change the wire protocol from the "hacky" to SASL2-version, we need to bump 401, no?
-
Zash
New version of the XEP?
-
Ge0rG
marc: I'm not sure about that
-
jubalh
XEP-0232 is the only one that tell others my client version, right?
-
Ge0rG
jubalh: https://xmpp.org/extensions/xep-0092.html and there is also disco identity
-
jubalh
whats disco identity?
-
Ge0rG
jubalh: https://xmpp.org/extensions/xep-0030.html#example-2 has one for servers, but clients often contain the respective name in there
-
Daniel
But don't use that to communicate your version
-
Ge0rG
yeah, don't add anything dynamic in there, as it breaks disco#info caching
-
Zash
Having your version in XEP-0232 does that too
-
Daniel
So 92 it is
-
jubalh
I'll read all of them now before asking more questions :)
-
Zash
"breaks" is a bit harsh, but we don't need to shove too much stuff into disco#info
-
moparisthebest
so we need a special push protocol specifically for new apple induced constraints? that's nice
-
Ge0rG
moparisthebest: another one beyond the Push XEP?
-
moparisthebest
yep, see https://mail.jabber.org/pipermail/standards/2020-January/036925.html
-
dwd
Yeah, Apple are cracking down on silent/straight-to-app notifications. This affects features like fully encrypted stanzas rather badly, since only the app knows if a stanza arriving is of the sort you'd want to use a visible notification for. Facebook/Whatsapp and others are rather annoyed about it all.
-
dwd
Personally, I think it's part and parcel of not using open standards.
-
moparisthebest
and it does hurt to cripple an open standard to support a closed platform made up almost entirely of users who don't care about open anything
-
Ge0rG
dwd: we need to get back to the "contains actual message" push payload then?
-
moparisthebest
on the other hand "xmpp sucks, doesn't even have a useable ios client"
-
dwd
Ge0rG, Well, for us (Pando) we don't display message content in the notifications anyway, and we'll never do full stanza encryption because of metadata analysis (we offer that back to the hospitals). So it somewhat depends on what UX you're trying to get versus what securiy model you're aiming for.
-
dwd
moparisthebest, And yes, this second is important. But note it'll affect WhatsApp as well.
-
moparisthebest
and signal from the link in that thread, I suppose everyone
-
moparisthebest
the more annoying bit for xmpp specifically is, it's easier to just change all your servers if you control all the servers haha
-
dwd
moparisthebest, Likewise with clients. Open Standards is a harder path.
-
moparisthebest
clients are easier to change there because none really work today anyway, but yep
-
Ge0rG
I'd take the ramblings of Mr. Nenakhov with a grain of salt. I know that Anu had to do significant work on Monal for iOS 13, but he managed to make it work, so...
-
moparisthebest
not reliably from what I've heard, and only with the voip hack which is well documented as gone now
-
dwd
Ge0rG, I heard all the same things from Facebook and Wire people.
-
moparisthebest
just follow the links, you don't have to take his word for it
-
dwd
Ge0rG, I think Andrew's right in this case.
-
Ge0rG
Well, we can thank Facebook for that, then. But maybe the faceless automaton that is the Apple approval process will be kind to Free and Federated IM clients.
-
dwd
Ge0rG, Hahahaha!
-
dwd
Ge0rG, But seriously, please do let me know what you think is missing from SASL2. Once I've an implementation in Openfire, I was considering Last Calling, so if you think tere are important things to do first, please say.
-
Ge0rG
dwd: essentially what Zash said. It only exists in theory.
-
Ge0rG
dwd: for me to make use of it somebody would have to convince flow to implement it in smack in a way that can be back ported to the previous release
-
dwd
Ge0rG, Zash has half an implementation, and it's on flow's roadmap. Openfire has an implementation, though it's not yet in master (having rescured it I need to test it a bit before makign the PR, but the code is there).
-
dwd
Ge0rG, flow's aim is to get it working for ISR etc, which seems like a major effort - I doubt it'll backport cleanly, though a simplistic implementation should work.
-
Ge0rG
dwd: also with it being a security algorithm, somebody with a background in security needs to vet it
-
Ge0rG
I'm not yet ready to upgrade my minimum sdk level to smack 4.4 equivalent
-
dwd
Ge0rG, Well, it's not a security algorithm. It packages existing security algorithms in the same way as the existing SASL binding.
-
lovetox
dwd im interested in SASL2
-
lovetox
if you have a server impl, i would try to impl it in Gajim
-
lovetox
im most interested in the password reset thing
-
Ge0rG
Wasn't there also a discussion about SASL being IETF territory?
-
dwd
lovetox, I did have half an implementation; I just couldn't figure out how to prevent the stream restart.
-
dwd
Ge0rG, Any SASL mechanism, yes. SASL2 isn't one. It's borderline, I'll accept, being a binding, and I'd like some review from IETF folks, but we can get Alexey to look quite easily - and he designed the original.
-
lovetox
dwd what was the XEP again?
-
Ge0rG
dwd: that sounds like a reasonable plan indeed. Is asking Alexey blocked by needing more implementations?
-
dwd
Ge0rG, Well, if Kev considers implementing, I think Alexey would pretty much get sucked in...
-
dwd
lovetox, XEP-0388.
-
lovetox
oh that was the one about 2FA
-
lovetox
not the one with password reset
-
lovetox
also useful though
-
lovetox
although i dont know how this works in practice
-
lovetox
if you have a bad connection, you need to 2FA every minute?
-
dwd
lovetox, Though my Openfire code at https://github.com/dwd/Openfire/tree/dwd/sasl2 has SASL2 (XEP-0388), TOTP-2FA (XEP-0400), and I genuinely can't recall what else right now.
-
dwd
lovetox, That was why I did CLIENT-KEY, so you could get a "Remember this device" thing.
-
moparisthebest
that might also just resolve itself with QUIC
-
moparisthebest
since you can keep the same connection across network disconnects or networks
-
dwd
lovetox, XEP-0399. I do have code that's very similar to XEP-0399, but not quite. And there's SASL-HT* as well which could be used in much the same way, and, as moparisthebest says, QUIC.
-
Ge0rG
I suppose 2FA only makes sense at the moment when you have to enter a password.
-
dwd
FWIW, if I were to do CLIENT-KEY again, I'd probably do something weird based aorund HPKE instead.
-
Ge0rG
Why not just x.509 client certificates