XSF Discussion - 2021-04-28

jonas’, re: https://github.com/dino/dino/issues/1041 maybe that XEP should have something along those lines in the Implementation Notes ?

So I was cleaning up my xep0280 branches and found a commit from 2019 that wasn't mered into mainline :(

I _think_ it was related to the 2019 LC

moparisthebest, the XEP says it quite strongly

Therefore, a recipient SHOULD NOT rely on delayed delivery notations to provide a completely accurate representation of the delivery path or timing of a stanza it has received.

i dont know what more can be done here, next step would be to draw developers examples on how a client can visualize it to users

i dont think a XEP is the right place for something like that

I feel like it might mention something along those lines though

"consider how to convey this to users in a proper way" or something

i have the opinion if you do anything other than simply display the delayed timestamp to the user, but otherwise ignoring it, you go down a rabbithole

that kind of this should likely be in XEPs no ?

"if you put this in the user's history in the correct place, rather than showing it as a new message, they'll likely never see it" ?

that's pretty darn close to a security consideration

i just feel that reduces XEPs to things that GUI chat clients implement

but as i understand it this is only one use case for xmpp

my opinion is, this stuff should get a place somewhere else

moparisthebest: security considerations is the section that's ignored by the most readers

Ge0rG, the only thing ignored *more* than security considerations are the things not written down in the first place :)

moparisthebest: blasphemy! Our protocols are very well documented and don't rely on tribal knowledge

Ge0rG, what if you shove all the examples in the security considerations and make the CVE block pop-up when they try to copypaste from them?

Pop-under or what the latest trends are? Hijack the DOM and additional text into the clipboard