Ge0rGmy usual commute to work is measured in meters, not in kilometers
jonas’7 km is a bit above the average for my commute to work in the last year. I had home office a few times.
Ge0rGhm. when I divide the kilometers driven last year by working days, I have a daily average of ~43km. That's rather high, and it doesn't even count in the railway kilometers.
mukt2has left
mukt2has joined
jonas’Pendlerpauschale!
mukt2has left
krauqhas joined
Danielhas left
Danielhas joined
mukt2has joined
GuusI used to commute 1000km a week. I've learned that the time lost in commute, not so much distance, annoyed me more.
Guusit's so... pointless.
GuusFor the past few years, I'm working remote - saves me 2 to 3 hours a day that I can spend on things that are more enjoying than sitting somewhere, waiting to arrive somewhere else.
jonas’I’m using commute time for reading up on stuff nowadays
Guus(I did have ~one year of commute by bicycle, which was good for clearing my head / getting in shape (less out-of-shape) - that was good too).
jonas’I imagine
jonas’cycling is kind of a suicide mission here tho
jonas’waaay too many high-traffic roads without dedicated cyclist lanes
GuusYeah, I was driving myself. Reading while operating a vehicle is frowned upon, generally. Never got into audiobooks - although I was very up-to-speed with current affairs through radio shows.
GuusYeah, I've learned that. Once drove over what i thought was a dedicated cyclist lane in Germany, which turned out to be the emergency shoulder of a highway.
jonas’driving yourself sounds like an ecological nightmare in addition to the waste of time
jonas’holy smokes
Guusthere was a colonne of military vehicles passing us. Every. Single. One. Used. Its. Horn. On. Us.
jonas’yeah, cyclists on the highway is also something which gets mentioned in radio traffic reports
jonas’but now I get *why* you’d even do that -- thinking that the emergency stuff was for cyclists
GuusYeah, that's not done here too. But we got confused by first having been on what actually was a dedicated bike path on a very similar road.
GuusIn the Netherlands, things are very clear to me, in that respect.
GuusAlso, this was 20 years ago 🙂
Guusoh, being self-employed and being able to deduct travel from taxes should give me a nice way to see how much I travelled (for work) last year.
Guusjust under 120 hours.
jonas’so that’s probably less than I commuted last year
jonas’which is by approximation in the order of 140-180h
winfriedhas left
winfriedhas joined
j.rhas left
j.rhas joined
winfriedhas left
GuusI travelled just over 10,000km last year
dwdhas left
winfriedhas joined
jonas’in those 120h?
Ge0rGI try not to travel more than I have podcasts in my subscription
GuusI have two customers that are both relatively far away (~140km one-way). I'm visiting one of them once a month, and the other once a week, when I have an active project with them.
jonas’I’m in the order of 3200km, so your travel is *much* faster than mine :D
winfriedhas left
winfriedhas joined
Guusyeah those km and hours correlate to each-other.
Guusmost of it is highway.
jonas’(which isn’t surprising, because I’m commuting from one end of the city to the other)
jonas’(via public transport, which is okay, but mostly blocked by rush hour individual traffic)
Guus10430/120 = 87km/h
Guusmakes sense.
Ge0rGI hope I'll be driving a BEV two weeks from now, so that I can still commute by individual transport but not have such a bad consciencs
Ge0rGI hope I'll be driving a BEV two weeks from now, so that I can still commute by individual transport but not have such a bad conscience
GuusBEV?
Ge0rGGuus: battery-electric vehicle (of course only charged by regenerative energy sources)
Guusah right.
dwdhas joined
GuusI'm on regular petrol - next car probably will be an electric one as well.
Guusstill - 10,000k is a dramatic improvement over a few years ago for me 🙂
Guusstill - 10,000km is a dramatic improvement over a few years ago for me 🙂
jonas’silently points at burning australia.
GuusNot arguing that more should be done.
Ge0rGI'm pretty sure that what's happening now all over the world is the beginning of the Apocalypse.
jonas’yeah -- I’ve been in a fun discussion the other day and it’s echoing back
jonas’"Jesus will save us" was the tip of the iceberg
jonas’but we’re getting lots of off-topic now :)
Zashhas left
Ge0rGjonas’: Jesus will save us from that, too
jonas’from the off-topic?
Ge0rGsure
jonas’I thought our lord and saviour for off-topic was xmpp:xmpp@chat.yax.im?join ?
!XSF_Martinhas left
Zashhas joined
!XSF_Martinhas joined
mimi89999has left
GuusI'm very interested in what will happen in the Netherlands in the next few months. Somewhere in March I think, the speed limit is dropped from 130km/h to 100, in order to reduce emissions.
GuusI wonder what that does for not just the emissions, but also traffic jams, injuries, etc.
jonas’yeah
jonas’also, kudos to the netherlands
jonas’even thinking out loud about introducing a 130 km/h speed limit gets you on the kill-list as a politician on Germany :)
Ge0rGjonas’: you shouldn't be making fun of it. Politician kill-lists are a real thing in Germany
GuusIt's a grudgedly applied limit, because we suddenly found out we had to stop all kinds of developments due to to high emission levels.
jonas’Ge0rG, I know.
jonas’Guus, ah, germany simply doesn’t care.
GuusI think the average commute in the Netherlands is 20km or something
Sevewow 100km/h, so slow Guus
jonas’"we’ll deal with the trials when they happen" or something
GuusGermany obviously is bigger.
Ge0rGI would love to see a speed limit on Die Autobahn, even just because my BEV will be capped to 167km/h
Guus100km/h is slow, yes. No-one really likes it, and I wonder if it will hold up at all. But it's the least worst thing that they could do, at this point.
Guusalso, the limit does not apply at night, I think.
KevWell, that bit makes sense at least. Stop people being used to driving at speed, and then tell them the only time they're allowed to do it is overnight when they're driving tired.
Ge0rGKev: it's only to support natural selection.
mimi89999has joined
Zash120km/h is the highest speed limit in Sweden.
mukt2has left
Guus100km/h is slow, yes. No-one really likes it, and I wonder if it will hold up at all. But it's the least unpopular thing that they could do, at this point.
Wojtekhas joined
winfriedhas left
winfriedhas joined
winfriedhas left
winfriedhas joined
winfriedhas left
winfriedhas joined
winfriedhas left
winfriedhas joined
mukt2has joined
Danielhas left
Danielhas joined
sonnyhas joined
sonnyhas left
jubalhhas joined
mukt2has left
larmahas left
debaclehas joined
mukt2has joined
Yagizahas left
Yagizahas joined
larmahas joined
lskdjfhas joined
jubalhhas left
Yagizahas left
Yagizahas joined
lorddavidiiihas left
lorddavidiiihas joined
lorddavidiiihas left
mukt2has left
lorddavidiiihas joined
mukt2has joined
emushas left
emushas joined
matkorhas left
matkorhas joined
lorddavidiiihas left
lorddavidiiihas joined
mukt2has left
mukt2has joined
sonnyhas joined
debacleI wonder, if XEP-0157: Contact Addresses for XMPP Services should standardize the address of the data protection officer. Because of GDPR and IMHO none of the standardized roles seems to fit. E.g.
<field
var='data-protection-addresses'
type='list-multi'
label='One or more addresses for data protection and privacy'/>
I didn't check the related RFCs for such things, though.
And maybe we can standardize the address of motorway traffic police officer, too.
pep.No agenda item right now. There are things I need to send.. soon(tm)
ralphmDO we have a MattJ?
winfriedhas left
winfriedhas joined
ralphm1. Minute taker
MattJHey
ralphmThanks nyco!
ralphm2. XSF Objectives
Zashhas left
Zashhas joined
ralphmThe PR that's still listed on our Trello has since been retracted, in favor of an offer to make XEP-0001 a bit clearer.
winfriedhas left
winfriedhas joined
ralphmI believe one of the issues was that XEP-0001 doesn't clearly (enough) document or reference what we believe to be an open standard.
ralphmWorking from what is written in our IPR Policy, I believe we should be able to resolve that unclarity.
mukt2has left
GuusI don't think it'd hurt much to clarify things, if we can do that without adding so much prose that that in itself opens things up for interpretation.
Guusiirc, Kev volunteered to make a suggestion for an improvement, after a time of reflection.
ralphmRIght.
KevRight.
ralphmSo I think we can close this item for the time being.
pep.For this kind of soul-seeking process I'd like to involve members. If we get to something board thinks is ok, then propose it for a vote or sth
GuusI don't think that's needed.
pep.searching*?
stpeterhas joined
KevI'm not looking to suggest a change to process, just a clarification to XEP1 of what our process already is.
pep.Guus, why not?
Guusas I assume Kev is going to write up a more specific definition of what Ralph, Dave, me and others understand to be the definition as how we interpret it today.
winfriedhas left
Kev(We might, subsequently, decide we want to change our process, but one step at a time)
winfriedhas joined
ralphmpep., IMO, I don't think we need to be soul-seeking. The XSF has been pretty consistent in their interpretation of what constitutes an open standard, in our IPR, FAQ and Mission statement. Documenting that clearly in XEP-0001, however, is useful.
KevAnd I have to vanish now. Will read the minutes.
pep.Even just "clarifying" something possibly changes what people were picturing
GuusI think Kev's approach is sensible: clearly document what we have, and decide if we want to change that only afterwards.
pep.Different minds, different ways to interpret things
pep.etc. etc.
MattJAs Kev/etc. said, I'm with documenting the current state of things
ralphmIndeed
MattJChanges are a separate discussion
pep.I'm not saying I'm against documenting things, note
pep.Just that I don't think it's possible to solely "document" this kind of things. Anyway I'll wait to see what comes out
emushas left
winfriedhas left
GuusLet's see what Kev comes up with. We'll have to vote on it to merge that change anyway.
SubPubhas left
GuusLet's not over-engineer this to much.
winfriedhas joined
ralphmThanks
SeveSuper :)
ralphm2. XMPP Summit / FOSDEM
matkorhas left
ralphmThings are well on their way, with various people involved in getting this organized again.
Guus(scam hat on) did everyone receive the dinner invitation?
ralphmI did.
MattJYep
Guusit should have gone out to members and summit mailinglists.
Guuscool
ralphmFor those reading these logs and/or minutes: please register for the XSF Dinner.
emushas joined
GuusUnsure if we need to discuss more around these events in this meeting?
Guus(happy to, unsure what)
ralphmnothing in particular
ralphmOther than to mention that we will not have a Board meeting next week.
Guusright.
ralphm3. GSoC
ralphmI was curious if there are any updates.
GuusFor those reading these logs and/or minutes: please have your name added to the wiki page if you attend the summit. I'll use that for the guest list at Cisco's.
ralphmThanks Guus
Guusflow registered us as an organisation
Guusiirc, him and larma are signed up as an org admin. He asked me to sign up as one too, in the understanding that I'd be a backup only.
GuusI did that.
larmawe still have to fill profile details before the application is considered complete
larmadeadline for that is Feb 5
ralphmlarma: also Project Ideas, right?
GuusAt that time, we should have project ideas ready, right?
GuusIn any case: projects that want to join should start preparing.
larmaWe only need to have the page with profile ideas, which already exists. I know some orgs were accepted in the past without a proper ideas page, but it's better to have it filled by then
Guusit doesn't hurt to have a list of teaser tasks, etc.
ralphmlarma: agreed. Hereby another reminder for our community to add more ideas on https://wiki.xmpp.org/web/GSoC/2020/Project_Ideas
Guusthat will all reflect better on our application.
Guuslarma / flow maybe it'd be good if you guys explicitly poke projects for those?
Guusthe better the quality of our proposal, the higher the chances that we get accepted.
larmaGuus, sure, openfire and smack already have their list linked
ralphm4. AOB
I would be happy for today's meeting to be short, and hope to see many of you next week.
MattJNone here
pep.none
SeveNone :)
GuusNone here
ralphm5. Date of Next
ralphm+2W
ralphm6. Close
ralphmThanks all!
ralphmbangs gavel
pep.Thanks.
edhelasyup
Guusoh, forgot something
MattJToo late!
pep.Guus, please send on the list if possible :)
pep.If it's not urgent
Guusneeds to be done before summit
winfriedhas left
winfriedhas joined
GuusI'll take it to the list.
ralphmwhat?
lovetoxhas left
lovetoxhas joined
winfriedhas left
winfriedhas joined
mukt2has joined
GuusDave doing MC at summit (with keV)
GuusDwd asked for board to explicitly discuss him acting in that role
pep.As I said in scam@ I'm +1. And we can also take that to the list and have board vote there until next week. If people are already gone?
GuusContext is the discussion about the definition of "open standard" and "omemo" that happened, and how he took a position. Dave wondered if that made it undesirable for him to act as an MC.
GuusHe explicitly asked me to put that before board.
Guusdwd - feel free to chime in.
GuusDave and me discussed this before Kev changed his availability status at the summit from 'online' to 'in-the-room'. Kev, as previous years, offered to lead the troops at the summit. As I understand things, Dave and Kev discussed doing it together, this year.
GuusAll of this is already a lot more formal than I wanted to be "pick someone that takes point" to be.
GuusI think it suffices for board to answer Dave's question if they have objections on Dave acting as a master of ceremony at the upcoming Summit. I'd like to leave it at that.
MattJI think many people "took a position" in the discussions, I don't have any objections
GuusI for one don't see any issue. If taking a position in an argument disqualifies you from doing anything like this, we have bigger issues.
pep.#freespeach #censorship
pep.speech.
pep.Always miss this one
GuusSeve ralphm ?
moparisthebestI feel the need to pipe in here, no hard feelings on my end at all, people have different opinions and that's perfectly fine
GuusThanks moparisthebest
j.rhas left
Guusdwd please let me know if this satisfies your request. If not, we can take it to a mailinglist.
j.rhas joined
Guussorry for not bringing this up during the meeting - that would've been better.
sonnyhas joined
adiaholichas left
adiaholichas joined
moparisthebestjudging by the text I've read from dwd , him MC'ing sounds hilarious :) on that topic is there going to be a live stream ?
jonas’what’s MC?
jonas’I suppose it’s not about MC as in https://www.youtube.com/watch?v=ymNFyxvIdaM
moparisthebestI still regularly link people to https://wiki.xmpp.org/web/The_Knight :)
SeveI'm sorry, it sounds as I'm not aware of this (Dave being MC for this summit). Is it in a mailinglist? Or it has been in this room?
GuusSeve it was not discussed outside of Scam, I think
SeveLast thing I know was Kev was not able to make it to the Summit this year, but now I see it looks like he can? :D
SeveAh I see
GuusThis hardly is an official position
Guuswe might as well push someone forward during the first hour of the summit - but it helps to get things going of we pick someone before then.
GuusLike I said: this entire discussion now is a lot more formal than what I think is needed.
SeveI think it is very worth having this already decided as Summit time always ends up being too short. Depends on how serious we want this to be :) This is a subjective opinion as I don't know how Dave is as a MC, but just to not make this message longer, I would go with him if he stepped up for this. It depends now on the audience if he is too humorous haha :) But yeah, I like him and this, again, is subjective :P
sonnyhas left
calvinhas joined
eevvoorhas left
ralphmI am personally just happy that someone wants to share the Summit and don't care if it is Kev or Dave or both in turns.
ralphmI also don't think Board should have an opinion on it.
Guushe asked.
ralphmAnd I answered. Though maybe differently than dwd wanted.
KevFWIW, I do think it's good for Board to at least approve the Chair, and when I offered to Chair I hadn't realised that Dave wanted to do it.
pdurbinhas joined
ralphmI approve of Kev and/or Dave.
KevI was offering, rather than asking, Dave very much wants to do it, IIUC, so I'm happy for Board to say Dave, or Board to say Dave/Kev to work out between themselves, or whatever.
adiaholichas left
KevBut as Dave wants to, I'm not intending interfering.
adiaholichas joined
Kev(Sorry, was out, am now back)
GuusI'm with ralphm on this one.
ralphmOk, when we get tired of the voice of Dave, it is good to know there's a backup :-)
mukt2has left
neshtaxmpphas left
Kev(Unless Dave does a terrible job, in which case I'll attempt a coup, but I don't anticipate that :D)
GuusWe'll bring the rotten tomatoes to support your cause.
ralphmI love a good coup d'état.
pep.prepares the pitchfork
moparisthebesthow do you run someone off the stage at the XSF summit? throw some JSON printouts at them?
Nekithas left
ralphmOoh, I could bring my XEP-0060 printout.
stpeterhas left
SeveSay, "Is this the Matrix discussion room" while going in
GuusI'm fairly sure Dave would be resistant to most of that.
jubalhhas joined
ralphmSeve: oh, I should have given Matthew Hodgson a heads-up.
Guusthreaten to remove bacon from breakfast, however, might be effective.
moparisthebesttoo far
jubalhhas left
sonnyhas joined
stpeterhas joined
mukt2has joined
Nekithas joined
adiaholichas left
adiaholichas joined
mukt2has left
mukt2has joined
eevvoorhas joined
pdurbinhas left
mukt2has left
matkorhas joined
eevvoorhas left
mathijshas left
mathijshas joined
calvinhas left
calvinhas joined
mukt2has joined
j.rhas left
j.rhas joined
calvinhas left
calvinhas joined
mathijshas left
mathijshas joined
mathijshas left
mathijshas joined
calvinhas left
calvinhas joined
jubalhhas joined
mukt2has left
neshtaxmpphas joined
calvinhas left
calvinhas joined
jubalhhas left
sonnyhas left
sonnyhas joined
jubalhhas joined
mukt2has joined
lovetoxhas left
lovetoxhas joined
lovetoxhas left
lovetoxhas joined
Shellhas left
calvinhas left
mathijshas left
mathijshas joined
sonnyhas left
calvinhas joined
jubalhhas left
Douglas Terabytehas left
Douglas Terabytehas joined
mukt2has left
adiaholichas left
adiaholichas joined
jubalhhas joined
mathijshas left
mathijshas joined
mathijshas left
mathijshas joined
matkorhas left
mukt2has joined
Nekithas left
Yagizahas left
winfriedhas left
winfriedhas joined
pdurbinhas joined
winfriedhas left
winfriedhas joined
winfriedhas left
winfriedhas joined
emushas left
mathijshas left
mathijshas joined
emushas joined
pdurbinhas left
mathijshas left
mathijshas joined
Douglas Terabytehas left
Douglas Terabytehas joined
!XSF_Martinhas left
!XSF_Martinhas joined
!XSF_Martinhas left
!XSF_Martinhas joined
Wojtekhas left
mukt2has left
eevvoorhas joined
matkorhas joined
mathijshas left
mathijshas joined
mathijshas left
mathijshas joined
Douglas Terabytehas left
Douglas Terabytehas joined
adiaholichas left
matkorhas left
matkorhas joined
adiaholichas joined
mukt2has joined
waqashas joined
mukt2has left
mukt2has joined
debaclehas left
mathijshas left
mathijshas joined
winfriedhas left
winfriedhas joined
Douglas Terabytehas left
mathijshas left
mathijshas joined
winfriedhas left
winfriedhas joined
Nekithas joined
Douglas Terabytehas joined
stpeterhas left
winfriedhas left
winfriedhas joined
j.rhas left
j.rhas joined
Douglas Terabytehas left
mukt2has left
matkorhas left
matkorhas joined
pdurbinhas joined
mukt2has joined
winfriedhas left
winfriedhas joined
pdurbinhas left
mukt2has left
Douglas Terabytehas joined
Maxhas left
Maxhas joined
matkorhas left
sonnyhas joined
sonnyhas left
winfriedhas left
winfriedhas joined
mukt2has joined
Nekithas left
Ge0rGmarc: FYI re XEP-0401: https://mail.jabber.org/pipermail/standards/2020-January/036913.html
Ge0rGAlso XEP-0401 at work here: https://georg.lukas.pro/picture.php?/708/category/xmpp
winfriedhas left
winfriedhas joined
sonnyhas joined
ZashNeat!
debaclehas joined
marcGe0rG, awesome!
Ge0rGmarc: the invitation module is live on yax.im
DanielGe0rG: you can also add the same play store referrer for the Conversations on that landing page if you haven't already
Ge0rGDaniel: I had to quirk around the new play installer library, it crashed the Play app with an xmpp: URI
Ge0rGDaniel: so I switched to "https://yax.im/i/%23" + jid + params
DanielDidn't have any problems with that
Ge0rGDaniel: a referrerized version of the landing page is on https://yaxim.org/invite/
Ge0rGDaniel: maybe the Play client on my Android 6 is too old?
Ge0rGI had a bunch of crashes and dubious Play errors when trying to record that video
Ge0rGwhat you see is the sixth or so attempt
marcGe0rG, awesome, tbh I dislike the current implementation (separate IQ) but since end users don't care we can implement a proper version based on SASL in parallel?
Ge0rGmarc: based on SASL2. SASL isn't flexible enough
Ge0rGmarc: and SASL2 is early beta at best
marcGe0rG, I meant SASL2 ;)
Ge0rGsomebody ought to work on it
Ge0rGmarc: I'm sure we can add a SASL2 flow into 0401 when SASL2 is ready
GuusPlease add yourself to the list of participants at https://wiki.xmpp.org/web/Conferences/Summit_24 if you're attending the summit. I need that list to be complete, to arrange for access to the Cisco building.
Guuseyes dwd
marcGe0rG: so what do you propose for 401? Wait until SASL2 is ready or use the hack for now and update it later?
sonnyhas left
marcI mean 401 as XEP not the implementation
Ge0rGmarc: use the hack and update it when SASL2 becomes ready
Ge0rGas SASL2 is not standardized, I'm sure we won't even need to bump anything when it appears
marcGe0rG, not even bump 401?
mukt2has left
dwdGe0rG, What's missing in SASL2?
ZashImplementations?
Ge0rGmarc: I don't see a need
mathijshas left
mathijshas joined
dwdZash, Sure. I need to find time to test the one I have for Openfire and PR it.
Ge0rGmarc: the new feature is feature-namespaced and nobody implemented 0401 before anyway
marcGe0rG, I'm not in SASL2 but when we change the wire protocol from the "hacky" to SASL2-version, we need to bump 401, no?
ZashNew version of the XEP?
Ge0rGmarc: I'm not sure about that
winfriedhas left
winfriedhas joined
winfriedhas left
winfriedhas joined
jubalhXEP-0232 is the only one that tell others my client version, right?
Ge0rGjubalh: https://xmpp.org/extensions/xep-0092.html and there is also disco identity
jubalhwhats disco identity?
Ge0rGjubalh: https://xmpp.org/extensions/xep-0030.html#example-2 has one for servers, but clients often contain the respective name in there
mathijshas left
mathijshas joined
DanielBut don't use that to communicate your version
Ge0rGyeah, don't add anything dynamic in there, as it breaks disco#info caching
ZashHaving your version in XEP-0232 does that too
DanielSo 92 it is
jubalhI'll read all of them now before asking more questions :)
Zash"breaks" is a bit harsh, but we don't need to shove too much stuff into disco#info
j.rhas left
j.rhas joined
!XSF_Martinhas left
moparisthebestso we need a special push protocol specifically for new apple induced constraints? that's nice
sonnyhas joined
calvinhas left
calvinhas joined
calvinhas left
calvinhas joined
calvinhas left
calvinhas joined
pdurbinhas joined
j.rhas left
calvinhas left
calvinhas joined
j.rhas joined
calvinhas left
calvinhas joined
calvinhas left
calvinhas joined
calvinhas left
calvinhas joined
Tobiashas left
sonnyhas left
winfriedhas left
calvinhas left
calvinhas joined
calvinhas left
calvinhas joined
winfriedhas joined
pdurbinhas left
mukt2has joined
Marandahas left
calvinhas left
eevvoorhas left
winfriedhas left
winfriedhas joined
winfriedhas left
winfriedhas joined
winfriedhas left
winfriedhas joined
winfriedhas left
winfriedhas joined
winfriedhas left
winfriedhas joined
mukt2has left
Ge0rGmoparisthebest: another one beyond the Push XEP?
winfriedhas left
winfriedhas joined
winfriedhas left
winfriedhas joined
eevvoorhas joined
moparisthebestyep, see https://mail.jabber.org/pipermail/standards/2020-January/036925.html
andyhas left
dwdYeah, Apple are cracking down on silent/straight-to-app notifications. This affects features like fully encrypted stanzas rather badly, since only the app knows if a stanza arriving is of the sort you'd want to use a visible notification for. Facebook/Whatsapp and others are rather annoyed about it all.
dwdPersonally, I think it's part and parcel of not using open standards.
moparisthebestand it does hurt to cripple an open standard to support a closed platform made up almost entirely of users who don't care about open anything
Ge0rGdwd: we need to get back to the "contains actual message" push payload then?
moparisthebeston the other hand "xmpp sucks, doesn't even have a useable ios client"
dwdGe0rG, Well, for us (Pando) we don't display message content in the notifications anyway, and we'll never do full stanza encryption because of metadata analysis (we offer that back to the hospitals). So it somewhat depends on what UX you're trying to get versus what securiy model you're aiming for.
dwdmoparisthebest, And yes, this second is important. But note it'll affect WhatsApp as well.
eevvoorhas left
moparisthebestand signal from the link in that thread, I suppose everyone
moparisthebestthe more annoying bit for xmpp specifically is, it's easier to just change all your servers if you control all the servers haha
karoshihas left
karoshihas joined
Marandahas joined
dwdmoparisthebest, Likewise with clients. Open Standards is a harder path.
moparisthebestclients are easier to change there because none really work today anyway, but yep
Ge0rGI'd take the ramblings of Mr. Nenakhov with a grain of salt. I know that Anu had to do significant work on Monal for iOS 13, but he managed to make it work, so...
moparisthebestnot reliably from what I've heard, and only with the voip hack which is well documented as gone now
dwdGe0rG, I heard all the same things from Facebook and Wire people.
moparisthebestjust follow the links, you don't have to take his word for it
dwdGe0rG, I think Andrew's right in this case.
Ge0rGWell, we can thank Facebook for that, then. But maybe the faceless automaton that is the Apple approval process will be kind to Free and Federated IM clients.
dwdGe0rG, Hahahaha!
debaclehas left
eevvoorhas joined
dwdGe0rG, But seriously, please do let me know what you think is missing from SASL2. Once I've an implementation in Openfire, I was considering Last Calling, so if you think tere are important things to do first, please say.
Ge0rGdwd: essentially what Zash said. It only exists in theory.
Ge0rGdwd: for me to make use of it somebody would have to convince flow to implement it in smack in a way that can be back ported to the previous release
dwdGe0rG, Zash has half an implementation, and it's on flow's roadmap. Openfire has an implementation, though it's not yet in master (having rescured it I need to test it a bit before makign the PR, but the code is there).
dwdGe0rG, flow's aim is to get it working for ISR etc, which seems like a major effort - I doubt it'll backport cleanly, though a simplistic implementation should work.
Ge0rGdwd: also with it being a security algorithm, somebody with a background in security needs to vet it
Ge0rGI'm not yet ready to upgrade my minimum sdk level to smack 4.4 equivalent
dwdGe0rG, Well, it's not a security algorithm. It packages existing security algorithms in the same way as the existing SASL binding.
lovetoxdwd im interested in SASL2
lovetoxif you have a server impl, i would try to impl it in Gajim
lovetoxim most interested in the password reset thing
Ge0rGWasn't there also a discussion about SASL being IETF territory?
dwdlovetox, I did have half an implementation; I just couldn't figure out how to prevent the stream restart.
dwdGe0rG, Any SASL mechanism, yes. SASL2 isn't one. It's borderline, I'll accept, being a binding, and I'd like some review from IETF folks, but we can get Alexey to look quite easily - and he designed the original.
lovetoxdwd what was the XEP again?
Ge0rGdwd: that sounds like a reasonable plan indeed. Is asking Alexey blocked by needing more implementations?
debaclehas joined
dwdGe0rG, Well, if Kev considers implementing, I think Alexey would pretty much get sucked in...
dwdlovetox, XEP-0388.
lovetoxoh that was the one about 2FA
lovetoxnot the one with password reset
lovetoxalso useful though
lovetoxalthough i dont know how this works in practice
lovetoxif you have a bad connection, you need to 2FA every minute?
dwdlovetox, Though my Openfire code at https://github.com/dwd/Openfire/tree/dwd/sasl2 has SASL2 (XEP-0388), TOTP-2FA (XEP-0400), and I genuinely can't recall what else right now.
dwdlovetox, That was why I did CLIENT-KEY, so you could get a "Remember this device" thing.
moparisthebestthat might also just resolve itself with QUIC
moparisthebestsince you can keep the same connection across network disconnects or networks
dwdlovetox, XEP-0399. I do have code that's very similar to XEP-0399, but not quite. And there's SASL-HT* as well which could be used in much the same way, and, as moparisthebest says, QUIC.
Ge0rGI suppose 2FA only makes sense at the moment when you have to enter a password.
mukt2has joined
debaclehas left
goffihas left
dwdFWIW, if I were to do CLIENT-KEY again, I'd probably do something weird based aorund HPKE instead.
XSF Discussion - 2020-01-23