[JDEV] DotGNU/Jabber Meeting of Oct 12

[Adam Theo]

Hi, all. Another successful Jabber/DotGNU meeting. here's the log:
please send me your requests for dates (thirsday or friday) and times 
(any time) for a regular weekly meeting.


[17:48] <theo> ok, bringing up the Agenda...
[17:51] <theo> first item: inter-process communication.
[17:51] %% ajmitch has joined
[17:51] <theo> i'm quite sure jabber can be used for routing of XML 
around the net,
[17:51] <theo> hi, ajmitch  :)
[17:52] <theo> does anyone from dotgnu have any comments about what 
dotgnu needs?
[17:53] %% allgaier2 has joined
[17:53] <nb> My comment would be that we don't need this urgently at all :-)
[17:53] %% rs has joined
[17:53] <chillywilly> er?
[17:53] <theo> ok, why do you say that?
[17:53] <chillywilly> sure we do
[17:54] <chillywilly> can jabber route SOAP?
[17:54] <nb> The urgent objective is to build a webservices platform 
that is copyleft and that can compete with .NET
[17:54] <theo> nb: you don't think that dotGNU needs XML routing right now?
[17:54] <chillywilly> dude and how do you expect the pieces to talk to 
each other?
[17:54] <nb> Yes, that is an urgent need.
[17:54] <WeAreAllJesse> Err..uhh...what is dotgnu?
[17:54] <theo> chilly: yep, jabber can route SOAP, and XML-RPC, and any 
other text...
[17:54] <theo> Jesse:
[17:55] %% fingolfin has joined
[17:55] <chillywilly> http://dotgnu.org
[17:55] <theo> sorry, dotGNU is a platform being developed by GNU and 
FreeDevelopers to provide web services, authentication, identity, etc...
[17:55] <theo> in response to Microsoft's .NET project.
[17:55] <fingolfin> the core of Jabber (which used to be called etherx) 
is essentially a XML routing system
[17:55] <chillywilly> http://goats.gnue.org/~chilywilly/gcomm/ is 
something I am starting
[17:55] <nb> chillywilly: First we need to need to have pieces running 
that do something useful.
[17:56] <WeAreAllJesse> And I guess that thing that AOL was working on 
to compete with .NET
[17:56] <chillywilly> but dave and I gave it a different name ;)
[17:56] <theo> fin: right. Jabber is all about XML routing.
[17:56] <chillywilly> nb: a distributed object system is needed
[17:56] <nb> And in order to be able to run code remotely, we need a 
secure execution environment and an auth system.
[17:56] <nb> Those are the top priorities.
[17:57] <chillywilly> nb: yea, but I am not gonna be doing either one of 
those right now...
[17:57] <theo> nb: hm... ok, understood. let's move onto that now, 
Authentication.
[17:57] <nb> chillywilly:  I agree about hte need for a distributed 
object system...
[17:57] <theo> too bad Mike Hearn is not here,
[17:57] <theo> he's the local spearheader of authentication.
[17:57] <nb> but that isn't the top priority right now...
[17:58] <theo> mike has worked out a complete auth system,
[17:58] <rs> chillywilly:the link you posted returns a 404
[17:58] %% fingolfin has left
[17:58] <chillywilly> hmmmm
[17:58] <nb> I'd be happy to disucss this with you in some detail at 
another occasion :-)
[17:58] %% fingolfin has joined
[17:58] <theo> that uses tokens. digging up mike's stuff now..
[17:58] <fingolfin> yet another auth system? :)
[17:59] <theo> haha,
[17:59] <nb> I have a list of ten possible auth systems that exist or 
are under development.
[17:59] <theo> over on the jabber lists there have been alot of talk 
about authentication.
[17:59] <theo> we are getting ready to create a auth framework for jabber,
[17:59] <nb> One item on my list is "Jabber auth" ...
[18:00] <nb> I'd really love to learn more about this. :-)
[18:00] <theo> that will provide a basic framework, and allow "modules" 
to be plugged in to do certain types of auth, like Kerberos, or my 
Immier plan, or mike's Ticket plan, etc...
[18:00] <fingolfin> jabber has a nice 0k auth system, and jer just added 
in the last missing piece to it :)
[18:00] <fingolfin> theo: that sounds good
[18:00] <theo> fin: oohh... awesomwe.
[18:00] <fingolfin> theo: one hint, though, try to keep it ... implementable
[18:00] <theo> yes, i agree.
[18:01] <fingolfin> i.e. with jabber we tried to keep it such that 
clients are easy to implement
[18:01] <nb> How much momentun does the Jabber auth project have?
[18:01] <theo> alot now.
[18:01] <fingolfin> I guess I could add 0k auth/registration to 
JabberFoX within a couple of hours (if I had that time...)
[18:01] <theo> and nb:
[18:02] <theo> "Jabber Auth" is turning out to be a framework that 
allows different ways and models of authentication.
[18:02] <theo> so dotGNU could develop a auth system that works best for 
it, and use that within dotGNU,
[18:02] <nb> Do you have a website about it?
[18:02] <theo> while remaining 100% interoperable with other "jabber 
auth" systems.
[18:02] <theo> currently the only info is the webbed logs of the lists,
[18:03] <theo> which i'm bringing up now.
[18:03] <fingolfin> uhm
[18:03] <fingolfin> if you mean websites about jabber's 0k, there are 
plenty, or do you mean the auth architecture in general?
[18:04] <fingolfin> erhm, plenty -> two, one for 0k auth, one for 0k reg :)
[18:04] <theo> some threads:
[18:04] <theo> 
http://mailman.jabber.org/pipermail/jdev/2001-September/008599.html
[18:05] <theo> 
http://mailman.jabber.org/pipermail/jdev/2001-September/008616.html
[18:05] <theo> ah, hell, this entire month archive: 
http://mailman.jabber.org/pipermail/jdev/2001-September/thread.html
[18:05] <theo> and this last month's: 
http://mailman.jabber.org/pipermail/jdev/2001-October/thread.html
[18:06] <theo> that is all on general distributed auth system framework 
in jabber
[18:06] <theo> fin: and what about Jabber's auth OK system?
[18:06] <theo> in docs.jabber.org?
[18:06] <nb> Would there be any chance of finding a Jabber person who 
would be interested in porting some of the work that is done in the 
Jabber community to make it available under DotGNU?
[18:07] <theo> you mean code?
[18:07] <theo> yes, quite sure.
[18:07] <theo> i'll ask around for you, if you want,
[18:08] <theo> or you could drum up support by subscribing to the 
jdev at jabber.org list...
[18:08] <theo> http://mailman.jabber.org/jdev
[18:08] <nb> You know, DotGNU auth is really like a horse race...
[18:08] <theo> ack,
[18:08] <theo> http://mailman.jabber.org/listinfo/jdev
[18:08] <theo> how so?
[18:08] <nb> several auth projects running and we'll see which one runs 
best.
[18:09] <theo> yes, my thoughts, too.
[18:09] <theo> but here's a suggestion:
[18:09] <nb> I think a jabber-based project would have very good chances 
to gain very good momentum.
[18:09] <fingolfin> theo: wait, I can post in two links regarding 0k
[18:09] <theo> heavily work with us on developing this common framework.
[18:09] <theo> if the framework itself comes out to your liking (is very 
flexible and secure enough)
[18:09] %% WeAreAllJesse has left
[18:09] <fingolfin> http://docs.jabber.org/draft-proto/html/zerok.html
[18:10] <fingolfin> http://core.jabber.org/white/zerokreg.sgml.html
[18:10] <theo> then just take the ideas you had for dotGNU, and turn 
them into "modules" for this jabber auth framework.
[18:10] <theo> then let them conmpete.
[18:10] <nb> In what language are you implementing in, and what license 
are you using?
[18:10] <chillywilly> is this a good doc t start reading to learn jabber?
[18:10] <theo> this would be better, IMO, b/c it would ensure 
interoperability between all of them,
[18:10] <chillywilly> the have their own license
[18:10] <chillywilly> JOSL
[18:10] <fingolfin> w/o being involved into dotgnu, I think dotGNU could 
profit from the existing Jabber implementations & work already done; and 
Jabber could profit from dotGNU on the long run, too
[18:11] <nb> Even is the short run...
[18:11] <fingolfin> JOSL is similiar to the Mozilla license
[18:11] %% allgaier2 has left
[18:11] %% dirkx-mac has left
[18:11] <theo> implimentations: there is the Jabber Open Source Server, 
covered by the JOSL and written in C.
[18:11] <fingolfin> chillywilly: the two docs I posted are probably not 
goot to start learning jabber :)
[18:11] <theo> there is also a Java server starting up,
[18:11] <nb> Foir example there will be a conference the the cyberspace 
policy institute at George Washington University early next year...
[18:11] <rs> chillywilly:http://docs.jabber.org
[18:11] <theo> and a Python server.
[18:12] <theo> i don't know about their licensing, though.
[18:12] <chillywilly> nb: another one?
[18:12] <fingolfin> nb: I don't think so, unless dotGNU manages to do a 
lot on the shortrun, and then it would be the first project of this kind 
to do so :) but maybe mid run? :)
[18:12] <theo> and i have [plans for a Perl implimentation written in 
Kuhn's Artistic License 2.0
[18:12] <nb> Yes, another one specifically about auth and virtual ID.
[18:12] <chillywilly> no copyleft?
[18:13] <nb> The important people in Washington are very interested in 
that kind of thing now.
[18:13] <theo> chilly: i don't know. the Jabber Open Source Server is 
not copyleft, no, but the others might.
[18:13] <nb> For DotGNU copyleft is very important.
[18:13] <theo> [18:12] <dyfet> Since even the Mozilla project eventually 
was forced to consider this, would this end up being dual licensed?
[18:14] <theo> i don't think the JOSS will be open sourced,
[18:14] <nb> In fact anything other than GPL is likely to be a major 
obstacle.
[18:14] <theo> but i do think there will be both the Jabber Open Source 
Server in the JOSL, and a GNU Jabber server(s) in the GPL,
[18:14] <theo> each would take different approaches to doing Jabber, i 
think,
[18:15] <chillywilly> hey this standard is open so you could implement 
it any way you like
[18:15] <chillywilly> with whatever license you like
[18:15] <theo> and i'm sure there will be programmers working on the 
JOSS now that will give their code to the GNU implimentation,
[18:15] <theo> chilly: yep, exactly.
[18:16] <theo> the specs are open. anyone can impliment under any license.
[18:16] <chillywilly> it is nice to have GPL'd jabber stuff though...for 
dotgnu anyway
[18:16] <theo> yep, and it will happen, i'm sure.
[18:16] <theo> there are already GPL'ed clients...
[18:16] <theo> quite a few, in fact.
[18:16] <theo> so, licensing won't be an issue, i think.
[18:17] <theo> jabber is 100% open, so implimentations can be any license.
[18:17] <theo> and there will be quite a number of coders that will give 
their current JOSL code to GPL, i'm sure.
[18:18] <nb> So the main issue would be to find project leaders who are 
knowledgeable abou the Jabber stuff, and well-connected in the Jabber 
community?
[18:18] <theo> so, next business: authorization and access control.
[18:18] <theo> nb: yep, although jabber is simple enough that you could 
just use the docs as a ref to build an implimentation.
[18:18] <theo> the protocol docs are self-explanitory.
[18:19] <theo> it's just a matter of deciding what tools to use to build 
the server, and what "tactics" to take in programming it.
[18:19] <theo> i'm sure the vast collective experience of the GNU 
community can produce some excellent implimentations.
[18:19] <chillywilly> what do we gain by using jabber as the messagin 
backend?
[18:19] <theo> using all GNU tools.
[18:19] <nb> In many areas of programming, experience is extremely 
important.
[18:20] <theo> for one: Jabber already exists. it is flexible, fast, and 
moderatley secure (we are working to make that *very* secure now)
[18:20] <fingolfin> chillywilly: a well-thought, tested and established 
enginge?
[18:20] <nb> I mean specific experience... I wouldn't want to bet on a 
team that is not led by a person who has specific experience related to 
jabber.
[18:21] <theo> so authorization: jabber is also working on a access 
control/permissions system.
[18:21] <theo> it is part of the "Jabber Profiles" work, run by me and 
Mike Hearn.
[18:21] <nb> How secure is your "*very* secure"?  Comparable to GnuPG?
[18:21] <theo> nb: ah, ok. gotcha. i for one am willing to help dotgnu 
programmers understand Jabber.
[18:21] <theo> nb: hopefully more secure.
[18:22] <chillywilly> thing is no mattter what someone is going to have 
to learn the jabber system
[18:22] <theo> nb: one of the goals of Heg (here in the room) is to 
tuirn Jabber into a real-time e-commerce b2b platform,
[18:22] <theo> to do large and very sensitive financial transactions and 
verifications.
[18:22] <nb> That's good to hear.
[18:23] <theo> he wants it to be the infrastructure of the banking 
industru for the 21st centrury.
[18:23] <theo> yes, so i'm confident that with enough man power, 
jabber's security will only be a matter of "how secure you want it?"
[18:24] <nb> I think having a DotGNU port of his stuff would be a wise 
marketing move for him in that case.
[18:24] <theo> yep, i'm sure it would.
[18:25] <nb> You know I talked with the chairman of an industry 
consortium today...
[18:25] <theo> authorization: Jabber Profiles covers access control and 
Permissions: http://www.theoretic.com/profiles
[18:25] <nb> he told me how the credit card companies don't want to pay 
a "Microsoft tax"...
[18:25] <theo> hm..... very interesting... very good.
[18:26] <nb> but each copany is currently most interested in developing 
their own stuff and then pushing it as a standard.
[18:26] <theo> i'm going to be attending the "Open Source in Banking and 
Finance" conference in early november.
[18:26] <theo> hope to make lots of contacts there.
[18:26] <nb> It's *not* going to be easy for us to break into that kind 
of market.
[18:26] <theo> next on the list: registration/subscription infrastructure.
[18:26] %% rs has left
[18:27] <theo> nb: i agree. but it can be done with smart marketing and 
packaging.
[18:27] <theo> registration:
[18:27] <theo> nb, what do you think of jabber providing the 
infrastructure for registration and subscription to servives for dotgnu?
[18:28] <nb> Really the only way to build credibility is via conference 
in mainstream venues such as CPI.
[18:29] <nb> Theo: what exactly do you mean with "registration and 
subscription"?
[18:29] <theo> hm...
[18:29] <theo> in jabber, this sort of thing will be very flexible,
[18:29] %% fingolfin has left
[18:29] <nb> I think people will expect to sign up to all kinds of 
services via forms on websites...
[18:29] <theo> a Pub/Sub working group was just created to discuss this 
sort of thing, but...
[18:30] <nb> that's what webmasters and customers are used to today.
[18:30] <theo> i mean registrations as in becomming a "dotgnu member". 
getting an account, etc...
[18:30] <theo> and subscriptions as in signing up to get stock quotes, 
or calendaring services, etc.
[18:31] <theo> both of which could be managed as the userb wants, likely 
from a central "location" (like their home computer)
[18:31] %% chillywilly has left
[18:31] <nb> If you want to push any other solution (different from HTML 
forms) that's going to be a tough sell I think.
[18:31] %% chillywilly has joined
[18:31] <theo> possibly.
[18:31] <theo> and this will lead into jabber and dotgnu's solutions to 
'winforms'.
[18:32] <nb> What are "winforms" ?
[18:32] <theo> i think they are microsoft's "solution" to merging the 
web with the desktop.... in a UI perspective.
[18:33] <theo> a common "spec" that can be used to create forms on a 
website or a local application, also create websites that look and act 
like a desktop app.
[18:33] <theo> basically universal, "cross platform" form mark up.
[18:34] <theo> [18:33] <dyfet> in other words new form tags for windows 
ui elements?
[18:34] <theo> dyfet: yep, exactly.
[18:34] <theo> i guess i should start wrapping this meeting up,
[18:34] <chillywilly> i was reading about how they xml would lead to a 
standardized UI markup language
[18:35] <theo> and saving the rest for next week (which should hopefully 
go off smoother  :-)
[18:35] <theo> yes,
[18:35] <chillywilly> ya, maybe dave can say something in here
[18:35] <chillywilly> :P
[18:35] <theo> there are a number of alternatives:
[18:35] <theo> XUL, wxWindows, XForms, etc...
[18:36] <theo> [18:35] <dyfet> figures...i will have to see how that 
works its way thru w3c!
[18:35] <dyfet> lol
[18:36] <theo> ok, i think this will be a wrap.
[18:36] <theo> it gives us alot to chew about,
[18:36] <theo> and i think the most important thing from this meeting 
was the talk about licensing and implimentations.
[18:37] <chillywilly> time to hack!
[18:37] <chillywilly> for those of us who have no lives
[18:37] <theo> now everyone understands how a dotgnu implimentation can 
work.
[18:37] %% allgaier2 has joined
[18:37] <theo> legally-wise  :)
[18:38] <nb> Theo, can you put David and me in touch with the key people 
in the auth and ecommerce-related Jabber projects?
[18:38] <theo> so, any last comments? i'll be posting this archive to 
the web, to both jabber and dotgnu lists...
[18:38] %% chillywilly has left
[18:38] <theo> nb: no prob.
[18:38] <theo> i'll get you hooked up over the next 2 days.
[18:38] <nb> Sounds great... thanks!
[18:38] <theo> <dyfet> Actually this was informative, even with this 
annoying problem.  We absolutely should talk more.
[18:39] %% allgaier2 has left
[18:39] <theo> dyfet: i agree...
[18:39] <theo> i will make this a regular, weekly thing.
[18:39] <theo> is Friday or Thursday best for everyone here?
[18:39] <theo> and what about time? like now or earlier?
[18:40] <theo> [18:39] <dyfet> And I will fix my client if its at my end...
[18:40] <theo> dyfet: i'll help you,
[18:40] <nb> If it's Friday, then I'd request that it shouldn't be earlier.
[18:40] %% chillywilly has joined
[18:41] <theo> ok,
[18:41] <nb> On Thursdays essentially any time can be arranged, in most 
weeks.

-- 
    /\    -- Adam Theo, Age 22, Tallahassee FL USA --
   //\\   Theoretic Solutions (http://www.theoretic.com)
  /____\    "Software, Internet Services and Advocacy"
/--||--\ Personal Website (http://www.theoretic.com/adamtheo)
    ||    Jabber Open IM (http://www.jabber.org)
    ||    Email & Jabber: adamtheo at theoretic.com
    ||    AIM: AdamTheo2000   ICQ: 3617306   Y!: AdamTheo2
  "A free-market socialist computer geek patriotic American buddhist."