[Summit] updated Summit notes
stpeter at stpeter.im
Wed Feb 8 16:10:43 UTC 2012
XMPP Summit 11
- Dave's "PubSub Inbox" (Keeping PEP-style semantics but allowing
- Making MUC less unreliable
- XEP-0310 / XEP-0311
Fritzy's "fetching of stuff"
- similar to Matthew Wild's "Message Archive Management" (MAM)
- SleekXMPP bug
- File Transfer
Direction of Mobile Use Etc.
- messages are available, not delivered
- Twitter, microblogging, etc.
- expanded offline capabilities
Jingle and WebRTC
- WebRTC says "bring your own signalling"
- How to use Jingle in WebRTC
Themes from personal introductions...
- XMPP and the web (XMPP in the browser, BOSH, WebSocket) (+5)
- Security (trust, SASL, signing, encryption, security boundaries) (+4)
- PubSub (+3)
- Reliability (handling client disconnects, low bandwidth, MUC
- Internationalization (server support, SASLprep) (+3)
- WebRTC + Jingle (+2)
- Multi-User Jingle (audio, video, screensharing) (+2)
- Archiving (history, handling offline messages) (+2)
- IPv6 (+1)
- Data / machine-to-machine / smart grid (+1)
- Event visualization
- "Keeping It Real Time" Conference
- Real time objects in Redis
Internationalization Talk (Nobu and Hiro)
- see https://datatracker.ietf.org/doc/draft-saintandre-xmpp-6122bis/
- testing of Japanese domain names represented in punycode
- Q: did they test with Unicode domain names (non-ASCII)?
- running an IDN for testing (create accounts with IBR)...
- U-labels: さみっと.えっくすえむぴーぴー.net
- A-labels: xn--48j2ap4g.xn--r8jau4b8b4fa8gr9cba.net
Adam Brault, Keeping it Real Time Conference
- krtconf.com in November, ~145 people
- intent was to bring people together from different technologies and
solving the same kinds of problems
- interest in holding conference in Europe
- possible to co-locate with nodeconf in the future
- Q: Are these presentations or videos available somewhere?
Kevin Smith, Making MUC More Reliable
Dave Cridland, PEP Inbox
- working on XMPP-aware browser
- method for putting subscriptions on hold?
- (sent from inbox to feed source)
- subscription manager that lives at my bare JID
- when I log in, my server fetches the latest items for those topics
- what can we learn from IMAP here?
Matthew Wild, archiving++ ("Message Archive Management")
- XEP-0136 got Zoofied
- been working on archiving
- part of XEP-0136 has been implemented in Gajim
- common use case is synchronizing history between clients
- server archives by default
- trying to make it as simple as possible
- per-message IDs (timestamps not precise enough)
- Waqas: archive and offline message store are the same thing?
- expose an archive for the MUC room?
- buddycloud-style "inbox"
- possible substitute for message carbons
Reliability (client disconnection / message delivery)
- Q: if using XEP-0198 and XEP-0184, is there still a gap that needs
- some people will try to do some experimentation this weekend and
report back on Monday
- can be challenges depending on port used, TCP vs. BOSH, etc.
- fallback across ports?
- xmpp over websocket with XEP-0198 gives everything BOSH had
- needs to be updated and completed
- "finance report" from Dave Cridland
- 2000 euros on hoodies and t-shirts
- still down on the weekend (lunch and breaks at Cisco office)
- the lounge worked well!
- bigger space was good, more interactive
- FOSDEM guys were enthusiastic about the approach
- more formal demo schedule would help
- location of stand wasn't advertised correctly (location switch)
- more prominent signage (banner or tablecloth)
- jabber.org signage along with XMPP for name recognition
- better tape and signage- improve audio and video
- obtain wired connection to lounge to improve bandwidth for video
- better prepare for video and audio from the devroom
- perhaps video cameras and wireless mics?
- try to use better / open codecs next time
- public Jingle stream for talks?
- most talks were good, some presenters were inexperienced
- provide better instructions / mentoring for presenters
- collect presentations ahead of time
- need stronger devroom moderation
- assign moderators for various time periods (not one person the whole
- one person to monitor number of people in the room, direct traffic,
make sure the OPEN vs. FULL sign is correct
- don't just say "CLOSED", but redirect people to the lounge
- write up a HOWTO for devroom moderators
- find a way to store all of our stuff (done: arranged at Cisco office)
- hold XMPP Summit in North America?
- need to coordinate with Adam Brault, Julien Genestoux, pubsubhubbub
- try to make decision in next 6 weeks
Themes from the weekend / topics for coming months...
- WebRTC proof of concept with Jingle for signalling
- Is P2P
- "bring your own signaling"
XMPP over WebSocket (Fritzy)
- sharing sessions across browser windows / tabs
- 198-enabled session on server side and resume on client side
- or use EXTERNAL based on TLS session
- or ticket from XMPP server
- problem: store username and password on the client
- want to auth with same account on different websites
- want steady session that comes back when you reopen the tab
- generate a prebinding token?
- two-tab problem is separate from the reload problem
- cross-tab communication in browser (W3C spec for messaging?)
- use that as transport for communication about which tab is auth'd (etc.)
- XEP-0198 resumption over BOSH?
- limited time auth token + SASL mechanism (re-use OAuth)
- see https://datatracker.ietf.org/doc/draft-ietf-kitten-sasl-oauth/
OAuth for XMPP (Dodo)
- use case: Spotify publish tunes on my behalf
- need way to know that Spotify wants to do this
- send auth request for publisher affiliation over XMPP?
- or do XMPP on the backend and Web on the frontend?
- don't need to do it all over XMPP
- also: do we need this more generically, not just for pubsub?
- e.g.: view roster, send presence, etc.
- is some of this just http://xmpp.org/extensions/xep-0070.html ?
Pubsub Xep 0060
- Business logic splitup?
- Ability for remote sites to get affiliated with specific parts of user
- Move non-core use cases to separate spec
[demo from Stefan de Konink]
HTTP and the Web
- Dave Cridland describes his talk from Saturday
- HTTP is weak on security, especially endpoint authentication
- What if you used your JID for single sign-on?
- Some aspects of web applications are convoluted but could be
simplified by using XMPP
- noted: we could do this already, just need to build the API and
specify the wire protocol
- old browser problem - solved via realtime updates to browsers a la Chrome
- could this just leverage BrowserID (an alternative auth method)
- could also provide background notifications
- what services can XMPP provide?
- strong authentication
- real-time / background notifications
- what's needed:
- browser plugins (might be able to borrow from msgboy?)
- some specs to fill current gaps
- current Chrome UI: log into your browser with your gmail ID
- "this website wants to see your presence" (directed, subscription,
- World IPv6 Day 2012
- put out a call for participation
- prep servers, clients, libraries
- xmpp.org / jabber.org access at the bunker
- poke operators at xmpp.org about servers that are live
Server Directories (XEP-0309) and Incident Reporting (XEP-0267)
- How to solve drive-by shootings in MUC rooms?
- pending state before your presence is shared in the room?
More information about the Summit