This message constitutes notice of a Last Call for comments on
XEP-0377.
Title: Spam Reporting
Abstract:
This document specifies a mechanism by which users can report spam and
other abuse to a server operator or other spam service.
URL: https://xmpp.org/extensions/xep-0377.html
This Last Call begins today and shall end at the close of business on
2026-01-05.
Please consider the following questions during this Last Call and send
your feedback to the standards(a)xmpp.org discussion list:
1. Is this specification needed to fill gaps in the XMPP protocol
stack or to clarify an existing protocol?
2. Does the specification solve the problem stated in the introduction
and requirements?
3. Do you plan to implement this specification in your code? If not,
why not?
4. Do you have any security concerns related to this specification?
5. Is the specification accurate and clearly written?
Your feedback is appreciated!
Hi,
I saw a talk by Sophia Longwe, who I believe works at Wikimedia
Germany, at 39C3 (Chaos Communication Congress). I saw the talk in
person, but there is a recording of it here:
https://media.ccc.de/v/39c3-who-runs-the-www-wsis20-and-the-future-of-inter…
The talk is a rudimentary overview of how the different bodies that
"steer" the internet work t ranging from UN committees and ICANN down
to mere mortals such as us. The XMPP Standards Foundation (XSF) was
not called out specifically, but our colleagues at the IETF and W3C
were mentioned.
In her talk, she criticized the lack of participation from "civil
society" in standardization work. She attributed this partially to
high barriers to entry at IETF events (high costs, fancy hotels) and
said (I’m paraphrasing) that it’s basically just rich FAANG employees.
Some of that doesn’t exactly match my own experience at the IETF, but
I don’t think any of what she said was in bad faith. I hope to meet
her in Vienna (IETF126) to discuss some of these things in person. And
who knows, maybe she is right.
Anyway, long story short, this got me thinking about our processes
here at the XSF (which, again, she didn’t mention at all):
I think the XMPP Standards Foundation is in a unique position where
many of our members can be described as "civil society" - people who
might describe themselves as activists or promoters of XMPP rather
than developers. (And/or people who do software development for a
living, but whose jobs are unrelated to XMPP and who joined the XSF
more in the capacity of a user.)
At the same time, I’m observing that a lot of our Last Calls (and
standards work in general) have few participants, at least relative to
our overall membership numbers. Furthermore, I've heard criticism that
the XSF doesn’t take the concerns of some minority groups seriously
enough. (Which may or may not be true; I don’t want to take sides on
that at this point.)
This leads me to a question: Can we kill two or three birds with one
stone here? Can we either rephrase some of the questions in the Last
Call or add new ones that explicitly invite feedback from "civil
society" (for lack of a better word)?
I just want to get the discussion started, so I don’t have a final
list, but the questions could go in a direction like this:
* Would you use this feature if it were implemented in the XMPP client
you currently use?
* Do you think an implementation of this feature could negatively
impact your community?
* Does this improve (make easier) the work you do in your community?
Cheers,
Daniel
Greetings to one and all.
I would want to apologise for posting to this mailing-list, as
mailing-lists "general" and "jdev" are closed.
I am interested in discussing automated spam, and automated counter
measures against that issue.
I have created a moderation service (i.e. "bot") software to handle this
concern.
The interface of that software is of XMPP client, so anyone can operate
it from anywhere.
I would be glad to be honored by your kind participation.
https://git.xmpp-it.net/sch/KaikOut
Merry Christmas and a Happy New Year,
Schimon
I have setup the XSF membership application Wiki page for the
application period Q1-2026
Applications are encouraged from developers and others who are actively
involved in the Jabber/XMPP community.
To apply, create a page about yourself on the Wiki:
https://wiki.xmpp.org/web/Membership_Applications_Q1_2026
If you don't have a wiki account, send your full name, preferred
nickname and email address to me or one of the other Sysops:
https://wiki.xmpp.org/web/Sysops
When you need help with your application then don't hesitate to contact
me directly
Apply now!!!
Thanks,
Alex
This message constitutes notice of a Last Call for comments on
XEP-0484.
Title: Fast Authentication Streamlining Tokens
Abstract:
This specification defines a token-based method to streamline
authentication in XMPP, allowing fully authenticated stream
establishment within a single round-trip.
URL: https://xmpp.org/extensions/xep-0484.html
This Last Call begins today and shall end at the close of business on
2025-01-27.
Please consider the following questions during this Last Call and send
your feedback to the standards(a)xmpp.org discussion list:
1. Is this specification needed to fill gaps in the XMPP protocol
stack or to clarify an existing protocol?
2. Does the specification solve the problem stated in the introduction
and requirements?
3. Do you plan to implement this specification in your code? If not,
why not?
4. Do you have any security concerns related to this specification?
5. Is the specification accurate and clearly written?
Your feedback is appreciated!
Why are the inlined bind2 features inside <feature/> elements rather than
using the exact same syntax as when announcing the same features in the stream
features element (e.g. <csi xmlns='urn:xmpp:csi:0'/>)
For reference:
<bind xmlns='urn:xmpp:bind:0'>
<inline>
<feature var="urn:xmpp:carbons:2" />
<feature var="urn:xmpp:csi:0" />
<feature var="urn:xmpp:sm:3" />
</inline>
</bind>
-tmolitor
Version 0.1.0 of XEP-0509 (Initial Authentication Pipelining) has been
released.
Abstract:
This specification defines a protocol for discovering if the SASL2
<authenticate> can be pipelined safely along with the stream open, and
if so allows the client to perform this pipelining safely.
Changelog:
Accepted as Experimental by council vote (dg)
URL: https://xmpp.org/extensions/xep-0509.html
Note: The information in the XEP list at https://xmpp.org/extensions/
is updated by a separate automated process and may be stale at the
time this email is sent. The XEP documents linked herein are up-to-
date.
Why is XEP-0386 (BIND2) talking about <authorization-identity/> at [1] whereas
XEP-0388 (SASL2) is talking about <authorization-identifier/> at [2]?
Bot specs use it for exactly the same thing: communicating the bare or full
jid (if a bind occured). Why this double-element? XEP-0388 even states
> If the Client is now authenticated, the Server sends a <success/> element,
which contains an <authorization-identifier/> element containing the negotiated
identity - this is a bare JID, unless resource binding has occurred, in which
case it is a full JID.
So it seems like a perfect fit to communicate the full jid after bind using the
SASL2 element, why was this extra BIND2 element added?
-tmolitor
[1] https://xmpp.org/extensions/xep-0386.html#identifiers
[2] https://xmpp.org/extensions/xep-0388.html#success
Greetings.
This is a concern about backward compatibility.
Preface
-------
Earlier, this evening, after I have sent a series of corrections to
messages at the group chat of XSF Discussion, Mr. Guus has mentioned
the concern of backward compatibility with clients that do not support
message corrections, or reactions and other features that have a visual
impact.
Wed 10 Dec 2025 06:21:44 PM - Guus:
> My client displays a wall of text in this chat room, full of quote
> chains, reactions, links, and corrections.
>
> It's completely unreadable. I'm using a very old client with a basic
> interface, but until recently, this was never an issue.
>
> It's disappointing to see that modern XMPP usage can make my
> experience so abysmal - at least in rooms where newer clients are
> active (even if _or perhaps because_ they try to implement "backwards
> compatibility" features).
Wed 10 Dec 2025 06:31:45 PM - lissine:
> Check https://logs.xmpp.org/xsf/2025-12-10 to have an idea about the
> experience of Guus
Concern
-------
I was wondering whether some features, which have visual impact on
messages, should have XML Namespaces (xmlns).
Consideration
-------------
This would mean that messages that are marked as "corrected messages"
will not be displayed with clients that do not support message
correction, due to a namespace which is not recognized by clients that
do not support that feature.
Kind regards,
Schimon
Version 1.35.3 of XEP-0045 (Multi-User Chat) has been released.
Abstract:
This specification defines an XMPP protocol extension for multi-user
text chat, whereby multiple XMPP users can exchange messages in the
context of a room or channel, similar to Internet Relay Chat (IRC). In
addition to standard chatroom features such as room topics and
invitations, the protocol defines a strong room control model,
including the ability to kick and ban users, to name room moderators
and administrators, to require membership or passwords in order to
join the room, etc.
Changelog:
* muc#roomconfig_allowinvites doesn't restrict owners but enables
additional permissions for members. (spw)
URL: https://xmpp.org/extensions/xep-0045.html
Note: The information in the XEP list at https://xmpp.org/extensions/
is updated by a separate automated process and may be stale at the
time this email is sent. The XEP documents linked herein are up-to-
date.
