Difference between pages "GSoC/2019" and "Minutes of the 2019 Summit: Day two"

From XMPP WIKI
(Difference between pages)
Jump to navigation Jump to search
 
(Add a note about jsf@chat.cluxia.eu having moved.)
 
Line 1: Line 1:
== Google Summer of Code 2019 ==
'''1017: Additional Agenda Bashing'''<br />
* XMPP Developer Foundation


The XMPP Standards Foundation (XSF) is going to apply as mentoring organization for Google Summer of Code 2019.


The XSF is an umbrella organisation for various XMPP-releated projects. As such, there's two tiers involved - the XSF itself, which is responsible for catherding mentors to submit ideas, choosing students etc., and the software projects themselves that then mentor students. Anyone interested in participating in GSoC as an XSF student can join the [[#Join_the_group_chat.21|gsoc@muc.xmpp.org chat room]], where various mentors will be available to answer questions and generally help. Although each idea in the lists of project ideas mentions a possible mentor, this MUC is the best place to start.
'''1019: Moved'''<br />
* XEP-0283 is hard to use due to security concerns (an attacker could move all contacts to another account)
* Migration is done through presence stanzas, so only online clients get the specific payload, other get a roster push
* Previous discussion lead to the idea of a "tombstone" stored on PEP for the former account
* This is only for roster, what about subscriptions, MUC, etc
* What about servers getting unavailable without prior notice?
* Kev wants to do the out-of-band confirmation again in case of unavailable server
* Ralph in favor of <gone/> reply to presence probe with a new location that would allow servers to do the right thing
* Privacy concerns: how visible should the tombstone be? (and what about GDPR)
* Daniel volunteers to specify the tombstoning for IBR
* import/export (0227) to be used as a separate mechanism, from old to new account.


As there are several disparate projects here, there's variety across several codebases in different languages and with significantly different aims, so take a look through all the ideas - there should be something for everyone here :)


'''1050: Full-stanza encryption'''<br />
* Paul showing some slides (https://cloud.jabberhead.tk/s/Eqd3cKnjdHpqN4N)
* Ralph asks if the XEP-0297 forwarding element could be reused to fit in the encrypted payload
* Having fixed elements inside the encrypted payload could allow plaintext attacks
* Decision on how to move forward postponed after lunch


=== Overview ===


[[GSoC/2019/Project Ideas | Project Ideas Page]]
'''1115: Show and tell session'''<br />
* Link Mauve:
** xmpp-account-manager: JS client to manage account settings and stuff
** xmpp-parsers-rs: it exists https://gitlab.com/xmpp-rs/xmpp-parsers/
* Dave
** Side-project (https://github.com/surevine/Metre ) allowing to host components without a full XMPP server, and act as a lawful proxy, supporting DNSSEC & DANE, C++14, MIT license
* Goffi
** Salut à toi file sharing using XMPP (either device-to-device, or using a filesharing/hosting to component), and media control using ad-hoc commands and MPRIS, event creation/invitation/sharing, and jp
* Daniel
** Moya messenger for south africa, 90% conversations, based off phone numbers and everything, started quicksy afterwards
** Presentation of Quicksy user onboarding and Quicksy directory
* OSSGuy
** Presenting jmp.chat, SMS gateway providing a phone number for your JID allowing you to send and receive messages, https://gitlab.com/ossguy/sgx-catapult
* Debacle
** Meteorogical data transfer using XMPP, specific conditions: low-powered linux device, TLS required, compression very useful
** For everybody interested in IoT, please remember, that there is a MUC, that needs more participants and more discussion: xmpp:iot@muc.xmpp.org?join
* MattJ
** Scansion: automated xmpp client, just describe actions, put XML input and output  (can copy XEP examples). Used for prosody integration tests
* Flow
** Non-blocking IO in smack using the reactor pattern, and smack integration tests are really good
* Guus
** Setting up a full-blown openfire with a lot of things with plugins (inverse, jitsi meet) in one minute (and cheating)
*Ralph
** https://ralphm.net/publications/xmpp_chat_voip/  


=== Timeline ===


{| class="wikitable"
'''1350: Discussing Agenda'''<br />
| Date
| Event
|-
| 2019-02-06 20:00 UTC
| Mentoring organization application deadline
|-
| 2019-02-26 12:00 UTC
| List of accepted mentoring organizations published
|}


The complete timeline can be found at [https://developers.google.com/open-source/gsoc/timeline the official GSoC 2019 page].
'''1400: Developer foundation'''<br />
* Umbrella outside of the XSF that does not need to be neutral
* Does it need to be a foundation? Try to avoid creating a legal entity until required
* The idea of the XSF collecting funds and redistribute it for sprints and such
* XSF's neutrality
* XDF (Stuff on whiteboard)
** Sprints (Developer Meetings)
** `My first client` curated
** Teasers / Ice breakers
** UX Guidelines
** Software Recommendations and list of servers (curated)
** XMPP Conf
** Meetups
* Daniel shared https://xmpp-developers.foundation/about/
* xmpp:jsf@chat.cluxia.eu?join is the room we've been idling in[0] (this is not the case anymore)


=== Join the group chat! ===
'''1445: SPAM'''<br />
* Link Mauve uses honeypot accounts on Prosody (mod_firewall based)
* https://github.com/JabberSPAM/blacklist describes a due process to blacklist servers
** contacting the server admins, wait for 7 days for a reply
** if no reply, contact ISP, wait for 14 days
** this takes time and needs (trusted) volunteers to contact admins and document the steps taken


Use a regular XMPP client and join the GSoC chat room '''[xmpp:gsoc@muc.xmpp.org?join gsoc@muc.xmpp.org]'''.


How to join:


* Download and install a client, or use a web client
'''1520: Compression'''<br />
* Create an account, or use an existing one
* MattJ is waiting on a compression spec
* Find, join, and bookmark: [xmpp:gsoc@muc.xmpp.org?join gsoc@muc.xmpp.org].
* Discussions on when it's safe to flush compression and when not
* HTTP vs XMPP compression and authentication issues
 
 
'''1530: Summit Retro'''<br />
* Good stuff/Things that went well
** Better communication across the big table
** Clearer and simpler language
** Good attendance and involvement of people
** Show & Tell
** Minutes
** Time slotting/keeping
** Little talking over each other
** We got a lot of stuff discussed
** Quality of discussions and listening
** Good hosting location
** Lunch vouchers
** Remote participation
** WiFi
** Sponsors
* Things we could improve
** Have agenda before the summit to read up on things
** Diversity
** Video
** Voices don't carry well in this room
** Discussion for show and tell
** Show and Tell before lunch (issue + helpful)
** Slots for Show and Tell
** Split up Show and Tell over 2 days
** Earlier hotels
** Hotel pricing
** Obvious room doubling
** Late wiki page finalisation
** Wiki?
** My first summit / Expectations / Easier on-boarding
** More sponsors
** Objectives for discussions / Not all discussions lead to concrete actions/results
** SCAM metadata unused
** Ventilation
** More breaks
** In room coffee/drinks
** PA system
* Actions:
** MattJ + Winfried will write down guidelines/recommendations on
** how to have a good and successful Summit for participants
* including my first summit
* Advertise more (Twitter, Facebook, Website, etc.)
* Three Shown and Tell slots (before lunch and end on day 1)
* Speaking/Queueing mechanism
* More sponsors
* Sponsors (including dinner and summit sponsers) on website
* Wiki? topics, summary, relevant XEPs/links in advance / interest and scheduling as before / expected outcomes
* Ralph is sending a mail about A/V issues to Cisco
* Evaluate venue
* Show and Tell: 5 minutes time and includes questions
* Attempt to finalize on hotel earlier
* Consider if wiki is a sensible place for summit info colleciton and publish
* More breaks / fresh air
* Investigate snacks in room
* Microphone / PA
 
 
[0]: Addition on 2019/03/30: Now moved to/split into xmpp:modernxmpp@rooms.modernxmpp.org?join as a set of guidelines on how to use the protocol as well as UX guidelines, and something to come under the XSF umbrella (as possible) to provide developer documentation on how to use the different available libraries.

Latest revision as of 00:08, 30 March 2019

1017: Additional Agenda Bashing

  • XMPP Developer Foundation


1019: Moved

  • XEP-0283 is hard to use due to security concerns (an attacker could move all contacts to another account)
  • Migration is done through presence stanzas, so only online clients get the specific payload, other get a roster push
  • Previous discussion lead to the idea of a "tombstone" stored on PEP for the former account
  • This is only for roster, what about subscriptions, MUC, etc
  • What about servers getting unavailable without prior notice?
  • Kev wants to do the out-of-band confirmation again in case of unavailable server
  • Ralph in favor of <gone/> reply to presence probe with a new location that would allow servers to do the right thing
  • Privacy concerns: how visible should the tombstone be? (and what about GDPR)
  • Daniel volunteers to specify the tombstoning for IBR
  • import/export (0227) to be used as a separate mechanism, from old to new account.


1050: Full-stanza encryption

  • Paul showing some slides (https://cloud.jabberhead.tk/s/Eqd3cKnjdHpqN4N)
  • Ralph asks if the XEP-0297 forwarding element could be reused to fit in the encrypted payload
  • Having fixed elements inside the encrypted payload could allow plaintext attacks
  • Decision on how to move forward postponed after lunch


1115: Show and tell session

  • Link Mauve:
  • Dave
    • Side-project (https://github.com/surevine/Metre ) allowing to host components without a full XMPP server, and act as a lawful proxy, supporting DNSSEC & DANE, C++14, MIT license
  • Goffi
    • Salut à toi file sharing using XMPP (either device-to-device, or using a filesharing/hosting to component), and media control using ad-hoc commands and MPRIS, event creation/invitation/sharing, and jp
  • Daniel
    • Moya messenger for south africa, 90% conversations, based off phone numbers and everything, started quicksy afterwards
    • Presentation of Quicksy user onboarding and Quicksy directory
  • OSSGuy
  • Debacle
    • Meteorogical data transfer using XMPP, specific conditions: low-powered linux device, TLS required, compression very useful
    • For everybody interested in IoT, please remember, that there is a MUC, that needs more participants and more discussion: xmpp:iot@muc.xmpp.org?join
  • MattJ
    • Scansion: automated xmpp client, just describe actions, put XML input and output (can copy XEP examples). Used for prosody integration tests
  • Flow
    • Non-blocking IO in smack using the reactor pattern, and smack integration tests are really good
  • Guus
    • Setting up a full-blown openfire with a lot of things with plugins (inverse, jitsi meet) in one minute (and cheating)
  • Ralph


1350: Discussing Agenda

1400: Developer foundation

  • Umbrella outside of the XSF that does not need to be neutral
  • Does it need to be a foundation? Try to avoid creating a legal entity until required
  • The idea of the XSF collecting funds and redistribute it for sprints and such
  • XSF's neutrality
  • XDF (Stuff on whiteboard)
    • Sprints (Developer Meetings)
    • `My first client` curated
    • Teasers / Ice breakers
    • UX Guidelines
    • Software Recommendations and list of servers (curated)
    • XMPP Conf
    • Meetups
  • Daniel shared https://xmpp-developers.foundation/about/
  • xmpp:jsf@chat.cluxia.eu?join is the room we've been idling in[0] (this is not the case anymore)

1445: SPAM

  • Link Mauve uses honeypot accounts on Prosody (mod_firewall based)
  • https://github.com/JabberSPAM/blacklist describes a due process to blacklist servers
    • contacting the server admins, wait for 7 days for a reply
    • if no reply, contact ISP, wait for 14 days
    • this takes time and needs (trusted) volunteers to contact admins and document the steps taken


1520: Compression

  • MattJ is waiting on a compression spec
  • Discussions on when it's safe to flush compression and when not
  • HTTP vs XMPP compression and authentication issues


1530: Summit Retro

  • Good stuff/Things that went well
    • Better communication across the big table
    • Clearer and simpler language
    • Good attendance and involvement of people
    • Show & Tell
    • Minutes
    • Time slotting/keeping
    • Little talking over each other
    • We got a lot of stuff discussed
    • Quality of discussions and listening
    • Good hosting location
    • Lunch vouchers
    • Remote participation
    • WiFi
    • Sponsors
  • Things we could improve
    • Have agenda before the summit to read up on things
    • Diversity
    • Video
    • Voices don't carry well in this room
    • Discussion for show and tell
    • Show and Tell before lunch (issue + helpful)
    • Slots for Show and Tell
    • Split up Show and Tell over 2 days
    • Earlier hotels
    • Hotel pricing
    • Obvious room doubling
    • Late wiki page finalisation
    • Wiki?
    • My first summit / Expectations / Easier on-boarding
    • More sponsors
    • Objectives for discussions / Not all discussions lead to concrete actions/results
    • SCAM metadata unused
    • Ventilation
    • More breaks
    • In room coffee/drinks
    • PA system
  • Actions:
    • MattJ + Winfried will write down guidelines/recommendations on
    • how to have a good and successful Summit for participants
  • including my first summit
  • Advertise more (Twitter, Facebook, Website, etc.)
  • Three Shown and Tell slots (before lunch and end on day 1)
  • Speaking/Queueing mechanism
  • More sponsors
  • Sponsors (including dinner and summit sponsers) on website
  • Wiki? topics, summary, relevant XEPs/links in advance / interest and scheduling as before / expected outcomes
  • Ralph is sending a mail about A/V issues to Cisco
  • Evaluate venue
  • Show and Tell: 5 minutes time and includes questions
  • Attempt to finalize on hotel earlier
  • Consider if wiki is a sensible place for summit info colleciton and publish
  • More breaks / fresh air
  • Investigate snacks in room
  • Microphone / PA


[0]: Addition on 2019/03/30: Now moved to/split into xmpp:modernxmpp@rooms.modernxmpp.org?join as a set of guidelines on how to use the protocol as well as UX guidelines, and something to come under the XSF umbrella (as possible) to provide developer documentation on how to use the different available libraries.