XSF Discussion - 2020-11-09

Hm, regarding XEP-0373 (OpenPGP for XMPP), it is not possible to retreive the Fingerprint of the key contained in a secret key backup without decrypting it first.

That's probably both a good and a bad thing.

UX-wise I'd like to show the user the fingerprint of the key they are about to restore

Hm, are there any benefits of having the fingerprint hidden in the backup? In the end, the public key gets published anyways

Ah I see this is adressed in https://wiki.xmpp.org/web/XEP-Remarks/XEP-0373:_OpenPGP_for_XMPP

but what for vanitasvitae do you need this before?

this is an operation which is carried out very very rarley

true

just download the key, decrypt it and show the user the fingerprints

but still if would be nice to tell the user "hey, we found a backup of key XYZ, would you like to restore that backup or maybe generate a new key instead?"

ok, but is it not enough to say "we found a backup"

I agree that this is a minor issue

also whats problematic i guess is

if you dont have the fingerprint encrypted

The remarks page mentions some nice proposals to improve the situation

this means its not sure that they belong together

true

but I mean, that could be mitigated by verifying the fingerprint after decryption

still would present implementations with a possible pitfall though

Memberbot is online now for our 2020 elections. Great applicants again this year

uh-oh, somebody failed to apply for membership renewal

oh, still two weeks time for that one

Ge0rG, ya, still open. Will remind them soon

\o/

thanks Alex

Alex: 👍

dwd: it looks like you are still applying for both B & C

It does, doesn't it? I should make a decision as to whether and which to drop.

People have run for both before, I don't believe anyone has been elected for both during my time at least

Let's see :)

Well, actually, they have. I'm pretty sure Peter did, several times, but I did in 2015.

dwd: do you intend to run both positions if elected?

Yes, though I'll explicitly avoid chairing either (not that I think I'd win if I tried), or acting as liaison (which is properly the job of the council chair).

I did act as liaison in 2015, and it was a bit difficult to keep the hats separate.

dwd: you might want to update the last statement in your Board application then, > I'll review the state of applications, and if I feel I can I'll withdraw from one or other.

(in both applications, actually)

Yes. Although there's context - there's stuff I'd like to get done in both, so it depends if I think most of that stuff would get done. I haven't yet reviewed the state of applications, though.

dwd: there are five for Board and seven for Council, if that is what you meant by "review"

Well, my hope was that I could do more than just count. Sadly, doesn't seem to be the case for Board.

dwd, fwiw, I’ll be happy to chair council again should I be reelected

Thank you! I'm amazed you find the time, given you've the editor role as well, but you've consistently done a better job than I did, so I wouldn't be standing anyway.

dwd, thank you :)

I mean, of course, supposing we both get elected. I have some thinking to do on that front about whether to withdraw, of course.

yeah, let’s not call any election results before it’s done ........

jonas’: well, we can go to the Supreme Court if the results aren't favorable, right?

Luckily, the Supreme Court of the XSF is basically whoever shows up to the AGM in "person".

So at least that's quick.