-
emus
But Ge0rG, are the CVEs pulled to the security website by XSF now or is that to be biild?
-
emus
Apart from that, its end of month. Everyone is invited to add their news to the newsletrer! ππ
-
Ge0rG
emus: somebody needs to build that yet
-
emus
ok thx
-
phryk
Is it possible to generate account loginc URIs with the xmpp: scheme?
-
phryk
i.e. after a web registration, I'd like to offer a link people can click to log into the newly created account with an installed client β is that possible?
-
Zash
easier to make it secure by passing a reference to the client and have it register itself from there
-
phryk
That's what I'm doing β but not all clients support handling invite-based registrations, so I need a fallback.
-
Zash
If you are very lucky, xmpp://username@hostname/ may do the right thing.
-
Zash
https://www.rfc-editor.org/rfc/rfc5122#section-2.3
-
MattJ
That's the theory, but I don't know any client that actually supports that
-
wgreenhouse
> If you are very lucky, xmpp://username@hostname/ may do the right thing. conversations parsed that correctly, nice
-
wgreenhouse
is there an equivalent for MUCs?
-
Zash
wgreenhouse, what did it do, exactly?
-
Zash
It does the *wrong* thing here
-
phryk
Okay, then I guess I'll just put a collapsed element there so users can show their login data plainly but can make sure nobody's shoulder-surfing firstβ¦
-
MattJ
That's what I did for Snikket
-
MattJ
for the web registration flow
-
Zash
That's what the invite based registration stuff for Prosody already does, yes.
-
Zash
wgreenhouse, the correct or at least intended behavior would have been to offer to add a new account. it seems to do the same thing as xmpp:user@host here
-
Ge0rG
phryk: why not use easy account invitations like in Siskin. You create an invitation token / link and the user can complete account creation from their client. No need to transmit passwords
-
MattJ
Ge0rG, "but not all clients support handling invite-based registrations, so I need a fallback"
-
Zash
Dejaovuueueue
-
wgreenhouse
> wgreenhouse, the correct or at least intended behavior would have been to offer to add a new account. it seems to do the same thing as xmpp:user@host here Zash: yeah it offered to add the contact to roster, not register an account
-
Zash
Wrong!
-
Zash
xmpp:user@host means "talk to user@host", like mailto:user@host xmpp://user@host means "access host as user", like http://user@host
-
MattJ
wgreenhouse, then the equivalent (join a MUC) is xmpp:room@host?join
-
wgreenhouse
> Wrong! aha
-
wgreenhouse
> wgreenhouse, then the equivalent (join a MUC) is xmpp:room@host?join yeah, I knew this, I misunderstood the intent of the xmpp:// scheme until Zash's further explanation a moment ago
-
Zash
finally xmpp://you@yourhost/me@myhost would be "contact me from yourhost"
-
Zash
On some platforms where you can't deal with xmpp:user@host a hacky workaround like xmpp:///user@host was used iirc
-
Zash
as in, the authority part is empty there
-
emus
Hello, we have the first interest of a project (?) for the XSF fiscal host from Thilo Molitor who is the lead developer of Monal. The question is, how would it be working right now? We accept it, then we have a XSF account, we define a code and if that suits to the project we will transfer the money to a specified account, e.g. Thilo Molitor?
-
emus
@board, if that needs mire discussion I would like to ask to put it to the upcoming agenda
-
Sam
emus: they create a profile on Open Collective. Whenever someone donates, the money goes into the xsf bank account. Whenever they take the money out to pay for something it is paid out of the xsf account using their balance.The xsf does the accounting and what not.
-
Sam
The website stuff needs to be merged before it can actually be enabled on open collective though
-
emus
ok thx
-
emus
Is the process described in the PR
-
emus
havent had time to read yet
-
Sam
Huh, the new fiscal host page also did the HTTP complaint thing for me, but that one is definitely not cached.
-
Sam
Is anyone else here on Open Collective (and can you take a screenshot for me from an account that's not an administrator on the XSF one)?
-
Sam
Oh, nevermind, the button still exists if you're not logged in, it's just in a different place. Weird.
-
phryk
whoop, finally finished the dynamic setup guides for all OSes \o/