Logs for jdev
[00:12:51] * stpeter left the chat.
[00:14:21] * Treebilou left the chat.
[00:14:26] * Treebilou joined the chat.
[00:22:53] * scippio left the chat.
[00:26:05] * teo1 left the chat.
[00:26:06] * teo1 joined the chat.
[00:33:51] * jcea left the chat.
[00:46:10] * hawke left the chat.
[00:57:00] * Tobias joined the chat.
[00:57:33] * Tobias left the chat.
[01:05:45] * jameschurchman joined the chat.
[01:12:36] * darkrain_ left the chat.
[02:34:08] * tofu left the chat.
[03:25:39] * jameschurchman left the chat.
[04:22:11] * misha left the chat.
[05:26:21] * bartender left the chat.
[05:26:33] * bartender joined the chat.
[05:38:24] * niekie left the chat.
[05:42:16] * lastsky joined the chat.
[05:43:45] * lastsky left the chat.
[05:54:40] * gigam left the chat.
[06:08:53] * Treebilou left the chat.
[06:50:45] * teo1 left the chat.
[06:50:46] * teo1 joined the chat.
[07:35:06] * Alex joined the chat.
[07:38:38] * nw joined the chat.
[07:46:15] * Zash joined the chat.
[07:51:28] * nw left the chat.
[08:16:08] * luca tagliaferri joined the chat.
[08:22:48] * nabatt joined the chat.
[08:25:19] * bear left the chat.
[08:25:20] * bear joined the chat.
[08:25:50] * tkoski joined the chat.
[08:25:59] * tkoski left the chat.
[08:33:10] * bartender left the chat.
[09:03:28] * Zash left the chat.
[09:09:11] * Tobias joined the chat.
[09:09:51] * Tobias left the chat.
[09:17:13] * Treebilou joined the chat.
[09:17:58] * Treebilou left the chat.
[09:18:05] * Treebilou joined the chat.
[09:24:06] * Tobias joined the chat.
[09:25:14] * misha joined the chat.
[09:30:57] * misha left the chat.
[09:31:00] * misha joined the chat.
[09:32:07] * mlundblad joined the chat.
[09:36:24] * misha left the chat.
[09:36:27] * misha joined the chat.
[09:50:24] * misha left the chat.
[09:50:27] * misha joined the chat.
[10:03:16] * bartender joined the chat.
[10:54:29] * bear left the chat.
[10:54:30] * bear joined the chat.
[11:03:17] * nabatt left the chat.
[11:06:37] * Tobias left the chat.
[11:06:43] * nabatt joined the chat.
[11:07:03] * Tobias joined the chat.
[11:21:02] * Neustradamus joined the chat.
[11:22:11] * naw joined the chat.
[11:26:34] * Tobias left the chat.
[11:28:22] * Tobias joined the chat.
[12:32:58] * jameschurchman joined the chat.
[12:45:06] * Tobias left the chat.
[12:49:06] * teo1 left the chat.
[12:52:38] * Tobias joined the chat.
[13:03:05] * Link Mauve left the chat.
[13:05:13] * scippio joined the chat.
[13:08:28] * Link Mauve joined the chat.
[13:10:18] * jameschurchman left the chat.
[13:15:38] * bob joined the chat.
[13:15:43] * bartender left the chat.
[13:29:06] * teo1 joined the chat.
[13:41:48] * Asterix left the chat.
[13:43:33] * petermount joined the chat.
[14:52:22] * Asterix joined the chat.
[15:12:27] * bob left the chat.
[15:21:39] * Alex left the chat.
[15:24:31] * mlundblad left the chat.
[15:41:39] * stpeter joined the chat.
[15:57:40] * dbanes joined the chat.
[16:18:15] * nabatt left the chat.
[16:22:27] * Zash joined the chat.
[16:30:42] * darkrain_ joined the chat.
[16:50:14] * dbanes left the chat.
[17:18:20] * scippio left the chat.
[17:24:38] * tofu joined the chat.
[17:25:48] * luca tagliaferri left the chat.
[17:31:47] * Tobias left the chat.
[17:40:16] * naw left the chat.
[17:51:48] * petermount left the chat.
[18:04:43] * lance joined the chat.
[18:05:44] * lance left the chat.
[18:06:43] <louiz’> is there consideration about standardizing something like that http://onesocialweb.org/spec/1.0/osw-vcard4.html
[18:06:43] * l-fy left the chat.
[18:08:10] <louiz’> I think that's a big issue of the curent vcard (or even vcard4): no access control
[18:08:38] <louiz’> Though, :
7.2.1 Access control
The access control element used in this specification is described in a separate document.
I cannot find this separate document
[18:21:57] <Zash> Didn't someone mention vcard4?
[18:22:11] <Zash> http://xmpp.org/extensions/inbox/vcard4.html
[18:22:25] <Zash> louiz’: Or did you mean the access control stuff only?
[18:22:53] <louiz’> I just saw that vcard4 was in the inbox, but I was disappointed that there is no access control stuff in it.
[18:23:09] <louiz’> My question is more about the access control stuff.
[18:23:14] <Zash> ACL-stuff should be separate and generic imoho
[18:23:23] <louiz’> indeed
[18:23:30] <Zash> whatsitcalled
[18:23:40] <Zash> labels
[18:23:42] <Zash> thingy
[18:23:45] <Zash> !xep labels
[18:24:14] <louiz’> http://xmpp.org/extensions/xep-0258.html ?
[18:24:19] <Zash> yes
[18:25:22] <Zash> Not that is ACL in itself
[18:25:28] <Zash> that that*
[18:27:49] <louiz’> This seem to be different
[18:28:04] <Zash> This? Security Labels?
[18:28:15] <Zash> Or OSWs stuff?
[18:28:33] <louiz’> Security Labels seems to be different for what would be needed to have "access control" on vcard4 or stuffs like that
[18:28:42] <louiz’> different from*
[18:30:51] <Kev> louiz’: Are you talking about fine-grained who-can-see-which-field stuff, or just who-can-see-my-vcard?
[18:31:01] <Kev> Because the latter is provided in the vcard4 XEP.
[18:31:09] <Zash> Wait, it is?
[18:31:11] <Kev> (By association of being pubsub)
[18:31:13] <Zash> oh, wrong way
[18:31:34] <louiz’> Kev, the first.
[18:32:01] <louiz’> Kev, ah. The vcard4 XEP says
The vCard information published to one's XMPP server is world-readable; therefore, users should exercise due caution when
determining what information to include (e.g., street addresses, personal telephone numbers, or email addresses).
[18:32:20] <louiz’> But, anyway, yeah: I’m talking about a more fine-grained thing
[18:32:46] <Zash> Security labels per field ;)
[18:34:59] <louiz’> This XEP is really confusing, for me :/
[18:35:58] <Kev> Which?
[18:36:06] <louiz’> http://xmpp.org/extensions/xep-0258.html Security labels
[18:36:30] <Kev> What's confusing about it?
[18:37:13] <louiz’> <displaymarking fgcolor='black' bgcolor='green'>UNCLASSIFIED</displaymarking>
This strange stuff, for example
[18:37:38] <Zash> http://www.celsias.com/media/uploads/admin/new-top-secret.jpg
[18:37:46] <Kev> louiz’: What's strange about it?
[18:38:58] <Kev> louiz’: That's display markup for the label.
[18:39:07] <louiz’> Yeah, is that useful?
[18:39:22] <louiz’> Well, for example, is there a way to tell « This field can be viewed by people in my roster in this group, and modified by
this and that JIDs »?
[18:39:35] <Zash> It's the XMPP version of those TOP SECRET stamps
[18:39:40] <Kev> That has nothing to do with labels, louiz’.
[18:39:55] <Kev> Labels are about saying what classification a message has.
[18:40:08] <louiz’> Then what I’m looking for has nothing to do with this XEP
[18:40:11] <Kev> e.g. "This document (message) is COSMIC TOP SECRET"
[18:40:14] <Kev> That's correct.
[18:40:32] <louiz’> That’s what I thought. And why I was confused by
19:26:56 Zash> Security labels per field ;)
[18:41:49] <Kev> I think what Zash was saying was that if you assigned your fields TOP SECRET, your server could ensure it only ships them
to people who have appropriate clearance.
[18:41:54] <Kev> I don't think he was making a serious suggestion.
[18:42:04] <Zash> louiz’: Each field has a label, which is connected to some policy, and then filterd out by the server based on that policy
[18:42:24] <louiz’> Yeah but you have to define policies, etc.
[18:42:48] <Zash> Kev: It would be annoying to loop throug each field and stuff right? :/
[18:43:06] <louiz’> We would need some already-written policies (like "people in this roster can/cannot access this") and apply them to the fields/nodes/items
[18:45:48] <louiz’> http://onesocialweb.org/spec/1.0/osw-activities.html#sect-id2404230 something like that, in fact
[18:47:17] * naw joined the chat.
[18:48:48] <Kev> louiz’: Right, that's terrible overkill for the majority of current vcard uses, though.
[18:50:29] <Zash> Could you have multiple nodes with diffrent '60 acl stuff?
[18:50:59] <louiz’> Kev, yes, but that could be reusable for, say, microblogging and stuffs like that
[18:51:32] <louiz’> Zash, what do you mean?
[18:53:39] <Zash> louiz’: Imagine one public and one private version of your vcard
[18:54:31] <louiz’> hum
[18:54:34] <louiz’> Why?
[18:54:54] <Zash> Why do you want ACLs?
[18:54:57] <louiz’> Only a single vcard, with some private fields (phone etc) and some public (name etc), no?
[18:55:46] <louiz’> For example, I cannot put my phone number in my vcard for my contact (more precisely the one in the "friends" group) to know,
without exposing it to everyone on the internet
[18:55:58] <louiz’> (for example, to anyone in the MUCs I’m in)
[18:57:23] <louiz’> The current vcard state is: noone knows or everyone does.
[18:57:28] <louiz’> And that’s a problem, I think
[19:01:41] <Zash> That actually reflects all information now ;P
[19:02:24] <Kev> louiz’: No, that's not what it means.
[19:02:47] <Kev> louiz’: It's 'you either know none of it, or you know all of it', which is different to 'no-one knows or everyone knows'.
[19:03:09] <louiz’> Yeah, in the vcard4 version, you're right
[19:03:18] <louiz’> (I was talking about vcard-temp, in my head)
[19:03:31] <louiz’> That’s better, but not quite good, IMO…
[19:04:31] <Kev> Yes, there are obvious cases where one would want to have different access to different bits of a vcard.
[19:04:40] <Kev> Or different vcards for different people.
[19:05:08] <louiz’> Yes, that, too. But that’s different from “Access-control”
[19:05:20] <louiz’> That’s specific to vcard
[19:05:35] <Kev> Yes, because we have generic access control for items already.
[19:05:36] <louiz’> While access-control could be a 0060 extension
[19:05:56] <Kev> -60 already has access controls.
[19:06:16] <Kev> It's just that vcard is special and has many data within one item, with different levels of sensitivity.
[19:06:18] <Zash> But not random child element acl
[19:06:39] <louiz’> You’re right
[19:06:51] <louiz’> I forgot Vcard4 was just one big item
[19:06:58] <Kev> Zash: No, try and force that into -60 as well and I'll veto your arse to hell and back :)
[19:07:14] <Zash> Kev: :D
[19:09:53] <Zash> Kev: But how would one solve it?
[19:10:38] <stpeter> I knew that someone would want per-field ACLs on vCard data....
[19:10:39] <Kev> For vcard, or the general case?
[19:10:59] <Kev> For vcard I think we write a vcard-acl XEP.
[19:11:01] <louiz’> stpeter, :)
[19:11:22] <Kev> For the general case, I think we don't until there's a really compelling reason to, and then write some monstrosity involving
xpath that no-one will ever implement.
[19:11:28] <stpeter> the personal-telephone node vs. the work-telephone node, etc.
[19:12:31] <Zash> We could come up with some monstrosity involving publishing some XSLT stuff that gets applied with some parameters...
[19:12:34] <louiz’> In fact, yes. I don’t see why onesocialweb is using acl for the activitystreams item, since this does concerne the item as
a whole, and 0060 already has that feature…
[19:13:02] <louiz’> s/In fact/Actually/ (I must stop doing that)
[19:13:10] <Zash> Per _item_?
[19:13:30] <louiz’> Yeah, per *item*. Why?
[19:13:53] <Zash> As opposed to per node
[19:14:06] <louiz’> Isn’t that possible with 0060?
[19:14:56] <Zash> I'm not sure, haven't learned the entire ting by heart yet ;)
[19:15:47] <stpeter> /me goes back to reviewing https://datatracker.ietf.org/doc/draft-bryan-metalinkhttp/?include_text=1 for tomorrow's IESG telechat
[19:16:03] <Zash> Oh?
[19:17:16] <Zash> Isn't that sorta like ... something that's called something
[19:17:21] <stpeter> :)
[19:17:38] <Zash> magnet links
[19:17:42] <Zash> was I thinking of
[19:17:57] * Ludovic joined the chat.
[19:18:04] <Zash> Which isn't that
[19:19:36] <louiz’> So, who’s writting this vcard-acl XEP? :)
[19:20:31] <Zash> Extract it from the OSW spec
[19:20:50] <stpeter> even http://xmpp.org/extensions/xep-0154.html didn't do per-field ACLs
[19:20:59] <louiz’> The acl part of the OSW spec is really really poor…
[19:21:41] <louiz’> (only two examples)
[19:21:53] <Zash> Don't they have a separate spec too
[19:22:00] <louiz’> I did’nt find it
[19:23:59] <stpeter> and how is the user going to manage these ACLs? IMHO only a very small percentage of users will want (and use) this feature
[19:24:34] <Zash> A public and a friends-only version of your vcard?
[19:25:21] <louiz’> This could be used, for example, on “social-network” (diaspora, OSW, etc) to have a profil with some private stuffs
[19:25:48] <louiz’> And how they manage that… Well, by clicking on the "manage access control" next to the field :p
[19:26:39] <louiz’> And if they don’t care, this does’nt change anything and would’nt bother them
[19:26:43] <Zash> Why wasn't '154 adopted by anyone?
[19:28:33] <Kev> stpeter: That may be true. Quite a few people use Facebook's ACL stuff, though, and that's pretty impenetrable.
[19:29:10] <louiz’> impenetrable?
[19:29:31] <Kev> louiz’: Yes.
[19:29:48] <louiz’> What is? (what cannot be penetrated?)
[19:29:57] <louiz’> Sorry for my bad english…
[19:30:06] <Kev> The ACL configuration stuff in Facebook is not straightforward.
[19:30:11] <louiz’> ah, ok
[19:31:12] <louiz’> Never used it, I don’t know. But a simple "this field is accessible by Everyone/The people in these groups: A, B, C”. I don’t
see where this is complicated
[19:37:52] <louiz’> And for the “Only a few people will want and use this feature”. This is maybe the main missing feature when I have a “XMPP
vs something else” discussion with someone…
[19:38:55] <louiz’> I’ve already seen some people complaining about this lack of privacy in vcard-temp (from power users and also from lambda
users)
[19:42:10] * Tobias joined the chat.
[20:50:35] * Tobias left the chat.
[20:54:09] * Tobias joined the chat.
[20:59:01] * deryni left the chat.
[21:00:07] * Zash left the chat.
[21:06:30] * Zash joined the chat.
[21:09:31] * mlundblad joined the chat.
[21:54:07] * scippio joined the chat.
[21:55:13] * naw left the chat.
[22:07:10] * deryni joined the chat.
[22:09:44] * Zash left the chat.
[22:12:17] * Ludovic left the chat.
[22:13:29] * bear left the chat.
[22:13:30] * bear joined the chat.
[22:41:36] * evilotto left the chat.
[23:03:40] * Tobias left the chat.
[23:04:19] * jcea joined the chat.
[23:05:33] * jcea left the chat.
[23:32:04] * mlundblad left the chat.