- Standards

Participation of civil society in the standardization process + Last Calls

by Daniel Gultsch

Hi, I saw a talk by Sophia Longwe, who I believe works at Wikimedia Germany, at 39C3 (Chaos Communication Congress). I saw the talk in person, but there is a recording of it here: https://media.ccc.de/v/39c3-who-runs-the-www-wsis20-and-the-future-of-inter… The talk is a rudimentary overview of how the different bodies that "steer" the internet work t ranging from UN committees and ICANN down to mere mortals such as us. The XMPP Standards Foundation (XSF) was not called out specifically, but our colleagues at the IETF and W3C were mentioned. In her talk, she criticized the lack of participation from "civil society" in standardization work. She attributed this partially to high barriers to entry at IETF events (high costs, fancy hotels) and said (I’m paraphrasing) that it’s basically just rich FAANG employees. Some of that doesn’t exactly match my own experience at the IETF, but I don’t think any of what she said was in bad faith. I hope to meet her in Vienna (IETF126) to discuss some of these things in person. And who knows, maybe she is right. Anyway, long story short, this got me thinking about our processes here at the XSF (which, again, she didn’t mention at all): I think the XMPP Standards Foundation is in a unique position where many of our members can be described as "civil society" - people who might describe themselves as activists or promoters of XMPP rather than developers. (And/or people who do software development for a living, but whose jobs are unrelated to XMPP and who joined the XSF more in the capacity of a user.) At the same time, I’m observing that a lot of our Last Calls (and standards work in general) have few participants, at least relative to our overall membership numbers. Furthermore, I've heard criticism that the XSF doesn’t take the concerns of some minority groups seriously enough. (Which may or may not be true; I don’t want to take sides on that at this point.) This leads me to a question: Can we kill two or three birds with one stone here? Can we either rephrase some of the questions in the Last Call or add new ones that explicitly invite feedback from "civil society" (for lack of a better word)? I just want to get the discussion started, so I don’t have a final list, but the questions could go in a direction like this: * Would you use this feature if it were implemented in the XMPP client you currently use? * Do you think an implementation of this feature could negatively impact your community? * Does this improve (make easier) the work you do in your community? Cheers, Daniel

1 hour, 34 minutes

5
6
0 0

LAST CALL: XEP-0377 (Spam Reporting)

by Daniel Gultsch

This message constitutes notice of a Last Call for comments on XEP-0377. Title: Spam Reporting Abstract: This document specifies a mechanism by which users can report spam and other abuse to a server operator or other spam service. URL: https://xmpp.org/extensions/xep-0377.html This Last Call begins today and shall end at the close of business on 2026-01-05. Please consider the following questions during this Last Call and send your feedback to the standards(a)xmpp.org discussion list: 1. Is this specification needed to fill gaps in the XMPP protocol stack or to clarify an existing protocol? 2. Does the specification solve the problem stated in the introduction and requirements? 3. Do you plan to implement this specification in your code? If not, why not? 4. Do you have any security concerns related to this specification? 5. Is the specification accurate and clearly written? Your feedback is appreciated!

1 day, 18 hours

5
13
0 0

Means to handle spam

by Schimon Jehudah

Greetings to one and all. I would want to apologise for posting to this mailing-list, as mailing-lists "general" and "jdev" are closed. I am interested in discussing automated spam, and automated counter measures against that issue. I have created a moderation service (i.e. "bot") software to handle this concern. The interface of that software is of XMPP client, so anyone can operate it from anywhere. I would be glad to be honored by your kind participation. https://git.xmpp-it.net/sch/KaikOut Merry Christmas and a Happy New Year, Schimon

1 week, 3 days

1
0
0 0

XSF Membership Application period Q1 2026

by Alexander Gnauck

I have setup the XSF membership application Wiki page for the application period Q1-2026 Applications are encouraged from developers and others who are actively involved in the Jabber/XMPP community. To apply, create a page about yourself on the Wiki: https://wiki.xmpp.org/web/Membership_Applications_Q1_2026 If you don't have a wiki account, send your full name, preferred nickname and email address to me or one of the other Sysops: https://wiki.xmpp.org/web/Sysops When you need help with your application then don't hesitate to contact me directly Apply now!!! Thanks, Alex

2 weeks, 3 days

1
0
0 0

LAST CALL: XEP-0484 (Fast Authentication Streamlining Tokens)

by Daniel Gultsch

This message constitutes notice of a Last Call for comments on XEP-0484. Title: Fast Authentication Streamlining Tokens Abstract: This specification defines a token-based method to streamline authentication in XMPP, allowing fully authenticated stream establishment within a single round-trip. URL: https://xmpp.org/extensions/xep-0484.html This Last Call begins today and shall end at the close of business on 2025-01-27. Please consider the following questions during this Last Call and send your feedback to the standards(a)xmpp.org discussion list: 1. Is this specification needed to fill gaps in the XMPP protocol stack or to clarify an existing protocol? 2. Does the specification solve the problem stated in the introduction and requirements? 3. Do you plan to implement this specification in your code? If not, why not? 4. Do you have any security concerns related to this specification? 5. Is the specification accurate and clearly written? Your feedback is appreciated!

3 weeks, 6 days

6
20
0 0

Bind2 question

by Thilo Molitor

Why are the inlined bind2 features inside <feature/> elements rather than using the exact same syntax as when announcing the same features in the stream features element (e.g. <csi xmlns='urn:xmpp:csi:0'/>) For reference: <bind xmlns='urn:xmpp:bind:0'> <inline> <feature var="urn:xmpp:carbons:2" /> <feature var="urn:xmpp:csi:0" /> <feature var="urn:xmpp:sm:3" /> </inline> </bind> -tmolitor

3 weeks, 6 days

1
0
0 0

NEW: XEP-0509 (Initial Authentication Pipelining)

by Daniel Gultsch

Version 0.1.0 of XEP-0509 (Initial Authentication Pipelining) has been released. Abstract: This specification defines a protocol for discovering if the SASL2 <authenticate> can be pipelined safely along with the stream open, and if so allows the client to perform this pipelining safely. Changelog: Accepted as Experimental by council vote (dg) URL: https://xmpp.org/extensions/xep-0509.html Note: The information in the XEP list at https://xmpp.org/extensions/ is updated by a separate automated process and may be stale at the time this email is sent. The XEP documents linked herein are up-to- date.

3 weeks, 6 days

1
0
0 0

authorization-identifier versus authorization-identity in SASL2 and BIND2

by Thilo Molitor

Why is XEP-0386 (BIND2) talking about <authorization-identity/> at [1] whereas XEP-0388 (SASL2) is talking about <authorization-identifier/> at [2]? Bot specs use it for exactly the same thing: communicating the bare or full jid (if a bind occured). Why this double-element? XEP-0388 even states > If the Client is now authenticated, the Server sends a <success/> element, which contains an <authorization-identifier/> element containing the negotiated identity - this is a bare JID, unless resource binding has occurred, in which case it is a full JID. So it seems like a perfect fit to communicate the full jid after bind using the SASL2 element, why was this extra BIND2 element added? -tmolitor [1] https://xmpp.org/extensions/xep-0386.html#identifiers [2] https://xmpp.org/extensions/xep-0388.html#success

4 weeks

3
2
0 0

Should new features utilize different namespaces?

by Schimon Jehudah

Greetings. This is a concern about backward compatibility. Preface ------- Earlier, this evening, after I have sent a series of corrections to messages at the group chat of XSF Discussion, Mr. Guus has mentioned the concern of backward compatibility with clients that do not support message corrections, or reactions and other features that have a visual impact. Wed 10 Dec 2025 06:21:44 PM - Guus: > My client displays a wall of text in this chat room, full of quote > chains, reactions, links, and corrections. > > It's completely unreadable. I'm using a very old client with a basic > interface, but until recently, this was never an issue. > > It's disappointing to see that modern XMPP usage can make my > experience so abysmal - at least in rooms where newer clients are > active (even if _or perhaps because_ they try to implement "backwards > compatibility" features). Wed 10 Dec 2025 06:31:45 PM - lissine: > Check https://logs.xmpp.org/xsf/2025-12-10 to have an idea about the > experience of Guus Concern ------- I was wondering whether some features, which have visual impact on messages, should have XML Namespaces (xmlns). Consideration ------------- This would mean that messages that are marked as "corrected messages" will not be displayed with clients that do not support message correction, due to a namespace which is not recognized by clients that do not support that feature. Kind regards, Schimon

4 weeks, 1 day

3
5
0 0

UPDATED: XEP-0045 (Multi-User Chat)

by Daniel Gultsch

Version 1.35.3 of XEP-0045 (Multi-User Chat) has been released. Abstract: This specification defines an XMPP protocol extension for multi-user text chat, whereby multiple XMPP users can exchange messages in the context of a room or channel, similar to Internet Relay Chat (IRC). In addition to standard chatroom features such as room topics and invitations, the protocol defines a strong room control model, including the ability to kick and ban users, to name room moderators and administrators, to require membership or passwords in order to join the room, etc. Changelog: * muc#roomconfig_allowinvites doesn't restrict owners but enables additional permissions for members. (spw) URL: https://xmpp.org/extensions/xep-0045.html Note: The information in the XEP list at https://xmpp.org/extensions/ is updated by a separate automated process and may be stale at the time this email is sent. The XEP documents linked herein are up-to- date.

1 month

1
0
0 0

2026

2025

2024

2023

Standards