[Members] Fwd: [Summit] updated Summit notes

Peter Saint-Andre stpeter at stpeter.im
Wed Feb 8 20:41:09 UTC 2012

FYI. There are some tasks that we can work on in preparation for next
year, but overall I think it was quite successful. Thanks to everyone on
the FOSDEM team!

-------- Original Message --------
Subject: [Summit] updated Summit notes
Date: Wed, 08 Feb 2012 09:10:43 -0700
From: Peter Saint-Andre <stpeter at stpeter.im>
Reply-To: XMPP Summit <summit at xmpp.org>
To: XMPP Summit <summit at xmpp.org>

XMPP Summit 11
Brussels, Belgium


Possible Topics

 - Dave's "PubSub Inbox" (Keeping PEP-style semantics but allowing
offline support)

 - Making MUC less unreliable
 - XEP-0310 / XEP-0311

Fritzy's "fetching of stuff"
 - similar to Matthew Wild's "Message Archive Management" (MAM)

 - SleekXMPP bug
 - Internationalization
 - File Transfer

Direction of Mobile Use Etc.
 - messages are available, not delivered
 - Twitter, microblogging, etc.
 - expanded offline capabilities

Jingle and WebRTC
 - WebRTC says "bring your own signalling"
 - How to use Jingle in WebRTC

Themes from personal introductions...
- XMPP and the web (XMPP in the browser, BOSH, WebSocket) (+5)
- Security (trust, SASL, signing, encryption, security boundaries) (+4)
- PubSub (+3)
- Reliability (handling client disconnects, low bandwidth, MUC
reconnect) (+3)
- Internationalization (server support, SASLprep) (+3)
- WebRTC + Jingle (+2)
- Multi-User Jingle (audio, video, screensharing) (+2)
- Archiving (history, handling offline messages) (+2)
- IPv6 (+1)
- Data / machine-to-machine / smart grid (+1)
- Event visualization
- Components
- "Keeping It Real Time" Conference
- Real time objects in Redis
- Scalability
- Servers
- Deployment
- Clients
- OAuth
- Lua/Prosody

Internationalization Talk (Nobu and Hiro)
- http://www.sfc.wide.ad.jp/~satu/currentstateofi18nsupport4servers.pdf
- see https://datatracker.ietf.org/doc/draft-saintandre-xmpp-6122bis/
- testing of Japanese domain names represented in punycode
- Q: did they test with Unicode domain names (non-ASCII)?
- running an IDN for testing (create accounts with IBR)...
  - U-labels: さみっと.えっくすえむぴーぴー.net
  - A-labels: xn--48j2ap4g.xn--r8jau4b8b4fa8gr9cba.net

Adam Brault, Keeping it Real Time Conference
- krtconf.com in November, ~145 people
- intent was to bring people together from different technologies and
solving the same kinds of problems
- interest in holding conference in Europe
- possible to co-locate with nodeconf in the future
- Q: Are these presentations or videos available somewhere?

Kevin Smith, Making MUC More Reliable
- http://xmpp.org/extensions/xep-0310.html
- http://xmpp.org/extensions/xep-0311.html

Dave Cridland, PEP Inbox
- working on XMPP-aware browser
- method for putting subscriptions on hold?
- (sent from inbox to feed source)
- subscription manager that lives at my bare JID
- when I log in, my server fetches the latest items for those topics
- what can we learn from IMAP here?

Matthew Wild, archiving++ ("Message Archive Management")
- XEP-0136 got Zoofied
- been working on archiving
- part of XEP-0136 has been implemented in Gajim
- common use case is synchronizing history between clients
- server archives by default
- trying to make it as simple as possible
- per-message IDs (timestamps not precise enough)
- Waqas: archive and offline message store are the same thing?
- expose an archive for the MUC room?
- buddycloud-style "inbox"
- possible substitute for message carbons

Reliability (client disconnection / message delivery)
- Q: if using XEP-0198 and XEP-0184, is there still a gap that needs
further work?
- some people will try to do some experimentation this weekend and
report back on Monday
- can be challenges depending on port used, TCP vs. BOSH, etc.
- fallback across ports?
- xmpp over websocket with XEP-0198 gives everything BOSH had
- http://tools.ietf.org/html/draft-moffitt-xmpp-over-websocket-00
  - needs to be updated and completed


FOSDEM recap
- "finance report" from Dave Cridland
  - 2000 euros on hoodies and t-shirts
  - still down on the weekend (lunch and breaks at Cisco office)
- the lounge worked well!
  - bigger space was good, more interactive
  - FOSDEM guys were enthusiastic about the approach
  - more formal demo schedule would help
  - location of stand wasn't advertised correctly (location switch)
  - more prominent signage (banner or tablecloth)
  - jabber.org signage along with XMPP for name recognition
  - better tape and signage- improve audio and video
  - obtain wired connection to lounge to improve bandwidth for video
  - better prepare for video and audio from the devroom
  - perhaps video cameras and wireless mics?
  - try to use better / open codecs next time
  - public Jingle stream for talks?
- most talks were good, some presenters were inexperienced
  - provide better instructions / mentoring for presenters
  - collect presentations ahead of time
- need stronger devroom moderation
  - assign moderators for various time periods (not one person the whole
  - one person to monitor number of people in the room, direct traffic,
make sure the OPEN vs. FULL sign is correct
  - don't just say "CLOSED", but redirect people to the lounge
  - write up a HOWTO for devroom moderators
- find a way to store all of our stuff (done: arranged at Cisco office)
- hold XMPP Summit in North America?
  - need to coordinate with Adam Brault, Julien Genestoux, pubsubhubbub
folks, etc.
  - try to make decision in next 6 weeks

Themes from the weekend / topics for coming months...

- WebRTC proof of concept with Jingle for signalling
  - Is P2P
  - "bring your own signaling"

XMPP over WebSocket (Fritzy)
- sharing sessions across browser windows / tabs
- 198-enabled session on server side and resume on client side
- or use EXTERNAL based on TLS session
- or ticket from XMPP server
- problem: store username and password on the client
- want to auth with same account on different websites
- want steady session that comes back when you reopen the tab
- generate a prebinding token?
- two-tab problem is separate from the reload problem
- cross-tab communication in browser (W3C spec for messaging?)
  - http://dev.w3.org/html5/postmsg/
- use that as transport for communication about which tab is auth'd (etc.)
- XEP-0198 resumption over BOSH?
- limited time auth token + SASL mechanism (re-use OAuth)
- see https://datatracker.ietf.org/doc/draft-ietf-kitten-sasl-oauth/

OAuth for XMPP (Dodo)
- use case: Spotify publish tunes on my behalf
- need way to know that Spotify wants to do this
- send auth request for publisher affiliation over XMPP?
- or do XMPP on the backend and Web on the frontend?
- don't need to do it all over XMPP
- also: do we need this more generically, not just for pubsub?
- e.g.: view roster, send presence, etc.
- is some of this just http://xmpp.org/extensions/xep-0070.html ?

Pubsub Xep 0060
- Business logic splitup?
- Ability for remote sites to get affiliated with specific parts of user
- Move non-core use cases to separate spec

[demo from Stefan de Konink]

HTTP and the Web
- Dave Cridland describes his talk from Saturday
- HTTP is weak on security, especially endpoint authentication
- What if you used your JID for single sign-on?
- Some aspects of web applications are convoluted but could be
simplified by using XMPP
- http://browserid.org/
- noted: we could do this already, just need to build the API and
specify the wire protocol
- old browser problem - solved via realtime updates to browsers a la Chrome
- could this just leverage BrowserID (an alternative auth method)
- could also provide background notifications
- what services can XMPP provide?
  - strong authentication
  - real-time / background notifications
- what's needed:
  - browser plugins (might be able to borrow from msgboy?)
  - some specs to fill current gaps
- current Chrome UI: log into your browser with your gmail ID
- "this website wants to see your presence" (directed, subscription,

- World IPv6 Day 2012
  - put out a call for participation
  - prep servers, clients, libraries
  - xmpp.org / jabber.org access at the bunker
  - poke operators at xmpp.org about servers that are live

Server Directories (XEP-0309) and Incident Reporting (XEP-0267)
- How to solve drive-by shootings in MUC rooms?
  - pending state before your presence is shared in the room?


More information about the Members mailing list