XSF Discussion - 2021-07-23

> With the added caveat of your body must be just the url alone, because something something inputmice Technically you can also omit the body entirely and just send the x-oob stand alone

It's just that you can't mix text and image

The body equals x-oob is just a short hand for 'usually you want to provide a fallback for clients that don't do x-oob'

Daniel: but couldn't you put the text into the <desc/> element of OOB and combine url + text in the message body? And wasn't there a client enforcing body==x-oob.url?

Ge0rG, i'm describing Conversations behaviour. not the xep

I know, we don't have any XEP describing the mess we are in.

https://docs.modernxmpp.org/client/protocol/#communicating-the-url

MattJ: that's as always a great resource, thanks.

Hi, I am looking for a topic for a bachelor thesis with which I can support XMPP. Does anyone have an unstarted project or an idea that is suitable for a bachelor thesis?

georgeorwell, good question, not from the top of my head. do you have any ideas?

brainstorming ideas:

- xmpp over quic

(especially with consideration of stream management and transport agnostic stream resumption)

qy: https://linkmauve.fr/extensions/xep-0280.html

- a MIX implementation for Smack :-P

- comparing XMPP's energy and traffic consumption with other protocols (MQTT, ZeroMQ, etc). this could potentially provide insights where XMPP (and implemenations) can be improved

i'd really love to provide a citeable reference that can be given if someone claims that XMPP is not suitable for all kinds of low energy use cases. While I don't expect that XMPP has the same low resource useage as binary protocols, I would expect that the overhead of XML is far lower and manageable as people expect in a lot of situations

georgeorwell, does that ad-hoc list help?

qy: and others at https://linkmauve.fr/extensions/ have WIP(?) DOAP listincg

phryk: ↑

flow: my previous ideas would have been about implementing currently unsupported xeps in various clients, but this only helps the specific client and not a larger part of the community. And the scientific value would be also very limited.

so yes, that helps a lot!

georgeorwell, right, I also don't see how this would be a good thesis, even for a bachelors

georgeorwell, you don't happen to be looking for a thesis in germany?

Zash, sorry what? I just fell out of bed, still very groggy. ^^ ✏

Something about showing DOAP data in each XEP

Link Mauve was working on that

If anyone else has suggestions, you are always welcome to contact me: https://www.huhn.dev/contact/

flow: yet i am :)

https://paste.xinu.at/9zDg3C is pretty much all the data about XEP support currently in the DOAPs

And at https://linkmauve.fr/extensions/ it's shown in each XEP

oooooooooooooooh. :D

i thought that was just a domain mirror or something. ^^;

How is xmpp.org implemented anyways?

https://github.com/xsf/xmpp.org/

Ah, static site generator I was pretty sure about, but it's implemented in python, nice.

well

no :)

No?

it's using a terribly outdated pelican version with a lot strange hacks

I wish I had the time to clean that up

I don't dare to look into theme/ too much

it sheds a terrible light on pelican ;)

but pelican is python?

Please tell me this doesn't use 2.7 :D

I wouldn't bet on that.

Wow, so what's the issue with migrating it to a newer version of pelican? Did stuff just change there, or is it the "lots of strange hacks" bit?^^

the latter.

Ah, so in essence the site is generated by a lovecraftian custom fork of ancient software?

Cthulu r'lyeh ni ni!

it's not a fork, to be fair

it's just a really complex theme

Pelican 3.3 from 2013, you better believe it's Python 2.x and also you need some kind of node.js madness to build the theme, which nobody knows how to do anymore, so you gotta edit minified css.

That about covers it?

that's just the CSS part of it

the jinja templates in the xsf theme are the reason why strange things happen when you upgrade pelican

Not that other blog engines seem any better. /me grumbles about Hugo and the Prosody blog breaking if you even think about switching version

thing is that pelican is pretty decent in my experience with my own sites

sounds like there's just stuff done in the theme that absolutely doesn't belong into a theme.

For money, I could probably fix that. :P

Is there an A+ rating for servers with the xmpp.net tester? :3

Do you want maximum internet points or working federation? (can't have both)

well, I'm going to break *some* federation. the test also made me notice that i still got some TLS ciphers in there I probably want to remove.

But might extend my own testing suite to crawl servers for their supported ciphers and such so I have some actual data i can base my decisions on.

I mean, I assume there's probably still servers out there doing no TLS, so even just requiring any TLS already breaks *some* federation. more of a matter of degree. the internet points are just a nice bonus on top. ^^

I think Its easy, enable tls1.2+, get 4096 bit cert, Cipher bitsize only 256 and only Forward secrecy

That's the plan, tho I have no idea how large the percentage of clients/servers is that this will stop from connecting/federating…

Tho I don't know if I can specify key size at letsencrypt, but wanted to look into that anways. :)

The big once all do. I have everything on that list except cipher bitsize is unessesarily high with 256 only in my opinion

> Tho I don't know if I can specify key size at letsencrypt, but wanted to look into that anways. :) You can

Let's Encrypt doesn't generate your keys

True, but if some computation on their end is dependant in key size I can imagine them limiting maximum key size.

I think the max was once 4096. But don't know if its still the case. There were people that wanted bigger once and created issues on the tracker..

Nice, works for me. :)

aTalk doesn't support omemo or otr in group conversations, right?

Its not a question for the xsf I assume.. You could just try it

Their play store description says they support both

> Menel wrote: > Its not a question for the xsf I assume.. > You could just try it Ok.

> Zash wrote: > qy: and others at https://linkmauve.fr/extensions/ have WIP(?) DOAP listincg Oh very good

It’s not up to date though, I’d rather integrate that on the website than to maintain it myself, for other to (not) know about it.

Right. Why I said "WIP". Mostly mentioned to point out existing efforts for this.

I've forgotten what's blocking merging of that

Figuring out Docker.

As in, integrating it into the automated build of the website.