close
  • chevron_right

    Erlang Solutions: Blockchain Tech Deep Dive 1/4

    news.movim.eu / PlanetJabber · 5 days ago - 16:36 · 6 minutes

INTRODUCTION

Blockchain technology is transforming nearly every industry, whether it be banking,  government, fashion or logistics. The benefits of using blockchain are substantial – businesses can lower transaction costs, free up capital, speed up processes, and enhance security and trust. So it’s no surprise that more and more companies and developers are interested in working with the technology and leveraging its potential than ever before.

This blog post series will cover some of the thinking from Erlang Solutions’ subject matter experts on blockchain technology published over the last couple of years. Across four main themes, we will explore how companies and developers are working with blockchain, the principles behind the technology, what we can expect in the future and where we all fit into things.

Theme I – 6 Principles – Blockchain Guidance

Theme II – Blockchain Myths vs Reality

Theme III – Digital Asset Ownership

Theme IV – How Erlang Optimises Blockchain

Blockchain – an overview

The world is becoming decentralised.

A multitude of platforms, technologies, and services are moving from centralised proprietary systems to decentralised, open ones. This is being driven by several powerful social and psychological factors which you can find discussed later in Blockchain: Myths vs Reality and Digital Asset Ownership in the Era of Blockchain by Dominic Perini and MIchael Jaiyeola.

A blockchain is one architectural design of the broader concept of distributed ledger technology (DLT). Essentially, a blockchain is an expanding list of cryptographically signed, irrevocable transactional records that are shared by all participants in a network. Each record is time-stamped and references links to previous transactions. Anyone with access rights can trace back a transactional event, at any point in its history, belonging to any participant.


For organisations, blockchain presents an opportunity for a fundamental change in how data is managed; from where every company has its own copy of a data set to a scenario in which all parties in a network have controlled access to a shared copy.

The key benefit of this is that traditional independent institutions can collaboratively work together to integrate and optimise existing processes to mutual advantage while, crucially, not compromising on the security of sensitive data.

We view it as vital that relevant parties from every industry are across the latest in debate surrounding blockchain as the technology is set to become increasingly prevalent in all of our lives.

Theme I

6 Principles – Blockchain Guidance

1. Software Engineering

Embrace the best practices in software engineering, in particular, the exploitation of functional programming and the design patterns that emerge from it. Develop and optimise code that speeds up the software development process, its evolution and adaptation, delivering on critical time-to-market business requirements, which is essential when it comes to blockchain!

Take a modern approach to test ensuring that a high degree of quality is preserved throughout the lifecycle of a system. Leverage auto-generated Property-Based Test and continuous stress tests combined with traditional Test-Driven Development.

Empower your software engineers to embrace modern agile software development methodologies that support scaling the workforce whenever and however needed. Practising agile ways of deployment automation, type checks, sensible naming conventions and documentation is extremely important, especially during handovers or when onboarding new developers.

Distributed Systems

Work with engineers previously involved in the development of massively scalable systems. Their experience working on messaging systems or distributed databases gives you the confidence that they will choose the correct partitioning, sharding and replica parameters.

The need for engineering highly scalable and distributed systems has grown, and this is what we do every day. Building distributed systems to cater to billions of users and transactions on a daily basis. Delivering solutions that are resilient against node crashes or bad actors, and therefore exclude single points of failure.

“Having numerous clients around the globe spanning from startups to Fortune 500 companies, Erlang Solutions has gained invaluable experience and thrives when working on complex cases and providing solutions to distributed systems.”

Yanislav Malahov, æternity founder

Networking

Find a team with vast experience in growing automated network traffic management and dynamic topologies. Check if their monitoring capacity and expertise can be embedded to allow adaptation to changing scenarios, and identify problems before they occur (preemptive adaptation).

Does their approach also ensure that back-pressure control protects the system’s capacity against overloads and increases its robustness? These modern approaches are valid for centralised, decentralised and distributed peer-to-peer (p2p) networks, often associated with bespoke service discovery mechanisms, and should be something that you clear with your team early on.

Security & Resilience

Make sure that you have the right people to monitor your system and repair mechanisms, and strategies using important resilience components. Dedicated secure p2p protocols, static analysis and property-based testing are among the techniques you should adopt to drive the security of a system. Information validation is used to protect against the man in the middle (MitM) attacks. Back pressure mechanisms protect against distributed denial of service attacks (DDOS).

Both symmetrical and asymmetrical encryptions are used to achieve the highest level of security possible. It’s also worth checking on hardware security ensuring that sensitive private keys are only accessible via hardware security modules (HSM).

Erlang is a high-level language that avoids a lot of the security issues that are an issue with C/C++ (no buffer overflows, no dangling pointers, etc)

Dal Gemmell, Head of Product at Helium Inc.

Integration

‘Blockchain needs to be integrated into existing technology to be usable and affordable.’
Arzu Toren, Global Banker

Integrating applications on top of complex backends, as well as providing synchronous and asynchronous interfaces among backends, is a serious job. So it’s worth checking if your team uses frontend facing APIs such as REST and Websocket to implement responsive applications. They should comply with industry standards for compatibility and security to drive message exchanges on top of a variety of AMQP and JMS queuing mechanisms.

In the Blockchain space, we are highly competent in designing cross-chain smart contracts capable of changing anchor data to major networks such as Bitcoin, leveraging its security against history revisions. We can provide guidance to plan effective and reliable integration tests, ensuring the compliance of data validation and communication protocols is preserved throughout the development process.

Erlang can easily interface with C/C++/Rust libraries using Native Implemented Functions (NIFs), and we do that a lot to talk to cryptographic libraries and for performance-critical code.

Dal Gemmell, Head of Product at Helium Inc.

Programming Language

Engage with us as true polyglots! We specialise in Erlang and Elixir, but we are highly competent in every other language in the industry, this could be Java/Scala, JS, C/C++, Python, Rust or Go , we stay relevant!

Vast expertise in language interpretation and virtual machines has proven to be critical know-how in a variety of modern blockchain solutions.

“Erlang Solutions is renowned for its technical talent, and having already embedded some of its engineers and architects in our development team, we have no doubt that Erlang Solutions will play a crucial part in building out an extremely strong core team.”

Yanislav Malahov, æternity founder

For any business size in any industry, we’re ready to investigate, build and deploy your blockchain-based project on time and to budget.

Get in touch with your blockchain project queries general@erlang-solutions.com or via the contact us form. Stay tuned for the next theme in this series ‘Blockchain: Myths vs Reality by Dominic Perini.

The post Blockchain Tech Deep Dive 1/4 appeared first on Erlang Solutions .

  • chevron_right

    Ignite Realtime Blog: Smack 4.4.4 released

    news.movim.eu / PlanetJabber · Monday, 1 November - 18:06 · 2 minutes

We are happy to announce the release of Smack 4.4.4. Thanks to numerous contributors this patch level release includes many fixes and improvements. I’d like to especially thank the folks from Jitsi , namely Boris Grozev, Damian Minkov, Ingo Bauersachs, and Jonathan Lennox. Who tracked down multiple bugs, including a nasty concurrency bug. Furthermore, thanks to Ingo, Smack and its important dependencies jxmpp and MiniDNS are now, again, OSGi compatible.

For a high-level overview of what’s changed in Smack 4.4.4, check out Smack’s changelog .

The shortlog for the 4.4.4 release is

flo@neo-pc ~/code/smack $ git shortlog -n --no-merges 4.4.3..4.4.4 Florian Schmaus (23):      Smack 4.4.4-SNAPSHOT      [xdata] Add missing ensureAtMostSingleValue() to parseBooleanFormField      [xdata] Safe the raw character data of form field values      [caps] Use the raw character data of form fields when caclulating the hash      [pubsub] FormNode(Provider) should not fail if there is no DataForm      [socks5] Ensure that the local SOCKS5 proxy is running (if enabled)      [core] Assert that 'event' is not END_DOCUMENT in forwardToEndTagOfDepth()      [socks5] Fix javadoc of getLocalStreamHost()      [socks5] Remove stale null check      [disco] Add DisocverInfo.nullSafeContainsFuture(DiscoverInfo, CharSequence)      [muc] Check mucServicedDiscoInfo for null in serviceSupportsStableIds()      [carbons] Remove erroneous assert statement in connectionClosed()      [muc] Check for self-presence first in presence listener      [muc] Call userHasLeft() *after* the leave presence was sent      [jingle] Add empty element optimization for <content/>      [core] Pass down the XML environment in IQChildElementXmlStringBuilder      [jingle] Mimic Manager.connection() in JingleTransportManager      [jingle] Make Jingle.Builder extend IqBuilder      [jingle] Add unit test to check that there are no redundant namespaces      [build] Remove OSS Sonatype Snapshot repository      Update NOTICE file      [resources] Rename get-contributors.sh to generate-notice-file      Smack 4.4.4Ingo Bauersachs (5):      Prevent password enforcement for SASL anonymous      Fix BOSH connection establishment      Make Smack jars OSGi bundles      Add getter for the stanza associated with the exception      Add missing stream namespace to xml declarationJonathan Lennox (2):      Update documentation of default SecurityMode.      Add removeExtension methods to StanzaBuilder.Damian Minkov (1):      [muc] Also process destory message if it contains <status/>Guus der Kinderen (1):      SMACK-908: Don't use components to count tabs in DebuggerSimon Abykov (1):      Accept an empty string as the label value

As always, this Smack release is available via Maven Central .

We would like to use this occasion to point at that Smack now ships with a NOTICE file. Please note that this adds some requirements when using Smack as per the Apache License 2.0 . The content of Smack’s NOTICE file can conveniently be retrieved using Smack.getNoticeStream() .

1 post - 1 participant

Read full topic

  • chevron_right

    Ignite Realtime Blog: Push Notification Openfire plugin 0.9.0 released

    news.movim.eu / PlanetJabber · Wednesday, 27 October - 16:09

I’m happy to be able to announce that we’ve released version 0.9.0 of the Push Notifications plugin for Openfire!

This version does not bring new functionality. It does fix a bug that older versions of this plugin had, when running on Openfire 4.6.4 or later.

For other release announcements and news follow us on Twitter

1 post - 1 participant

Read full topic

  • chevron_right

    Paul Schaub: A Simple OpenPGP API

    news.movim.eu / PlanetJabber · Sunday, 10 October - 15:45 · 2 minutes

In this post I want to share how easy it is to use OpenPGP using the Stateless OpenPGP Protocol (SOP).

I talked about the SOP specification and its purpose and benefits already in past blog posts. This time I want to give some in-depth examples of how the API can be used in your application.

There are SOP API implementations available in different languages like Java and Rust . They have in common, that they are based around the Stateless OpenPGP Command Line Specification , so they are very similar in form and function.

For Java-based systems, the SOP API was defined in the sop-java library. This module merely contains interface definitions. It is up to the user to choose a library that provides an implementation for those interfaces. Currently the only known implementation is pgpainless-sop based on PGPainless.

The single entry point to the SOP API is the SOP interface (obviously). It provides methods for OpenPGP actions. All we need to get started is an instantiation of this interface:

// This is an ideal candidate for a dependency injection framework!SOP sop = new SOPImpl(); // provided by pgpainless-sop

Let’s start by generating a secret key for the user Alice:

byte[] key = sop.generateKey()        .userId("Alice <alice@example.org>")        .generate()        .getBytes();

The resulting byte array now contains our OpenPGP secret key. Next, lets extract the public key certificate, so that we can share it with out contacts.

// public keybyte[] cert = sop.extractCert()        .key(key) // secret key        .getBytes();

There we go! Both byte arrays contain the key material in ASCII armored form (which we could disable by calling .noArmor() ), so we can simply share the certificate with our contacts.

Let’s actually create an encrypted, signed message. We obviously need our secret key from above, as well as the certificate of our contact Bob.

// get bobs certificatebyte[] bobsCert = ...byte[] message = "Hello, World!\n".getBytes(StandardCharsets.UTF_8);byte[] encryptedAndSigned = sop.encrypt()        .signWith(key) // sign with our key        .withCert(cert) // encrypt for us, so that we too can decrypt        .withCert(bobsCert) // encrypt for Bob        .plaintext(message)        .getBytes();

Again, by default this message is ASCII armored, so we can simply share it as a String with Bob.

We can decrypt and verify Bobs reply like this:

// Bobs answerbyte[] bobsEncryptedSignedReply = ...ByteArrayAndResult<DecryptionResult> decrypted = sop.decrypt()        .verifyWithCert(bobsCert) // verify bobs signature        .withKey(key) // decrypt with our key        .ciphertext(bobsEncryptedSignedReply)        .toByteArrayAndResult();// Bobs plaintext replybyte[] message = decrypted.getBytes();// List of signature verificationsList<Verification> verifications = decrypted.getResult().getVerifications();

Easy! Signing messages and verifying signed-only messages basically works the same, so I’ll omit examples for it in this post.

As you can see, performing basic OpenPGP operations using the Stateless OpenPGP Protocol is as simple as it gets. And the best part is that the API is defined as an interface, so swapping the backend can simply be done by replacing the SOP object with an implementation from another library. All API usages stay the same.

I want to use this opportunity to encourage YOU the reader: If there is no SOP API available for your language of choice, consider creating one! Take a look at the specification and an API definition like sop-java or the sop Rust crate to get an idea of how to design the API. If you keep your SOP API independent from any backend library it will be easy to swap backends out for another library later in the process.

Let’s make OpenPGP great again! Happy Hacking!

  • chevron_right

    Erlang Solutions: FinTech Matters newsletter | September 2021

    news.movim.eu / PlanetJabber · Friday, 17 September - 11:44 · 4 minutes

Subscribe to receive FinTech Matters and other great content, notifications of events and more to your inbox, we will only send you relevant, high-quality content and you can unsubscribe at any time.

Read on to discover what really matters for tech in financial services right now for the Erlang ecosystem and beyond.

It’s back to school season following what was a disrupted summer for most, but one where the FinTech world has continued to innovate and grow – global investment in H1 reached $98bn (£18bn in the UK) and Revolut raised a funding round of $800m at a valuation of $33bn.

Michael Jaiyeola, FinTech Marketing Lead

[Subscribe now]

The Top Stories Right Now

Study To Investigate The Impact Of Open Source Software On The EU Economy

This detailed report from the EU examines the technological independence, competitiveness and innovation around open source software. The main breakthrough of the study is described as being the ‘identification of open source as a public good’. The value of open source technologies for many modern industries is well recognised but financial services have lagged behind somewhat. It is true that in highly regulated industries the compliance requirements may require some extra work when it comes to open source, but the idea that to be successful you must build using proprietary technology is finally being dispelled. A report at the beginning of the year by ResearchAndMarkets.com forecast The Open Source Service Market to grow by 24 % by 2025.

Communities like those of Erlang and Elixir offer collaboration and information sharing to raise standards for all – it’s not about free software. Where financial services infrastructure leverages open source technology that meets shared requirements then individual companies can focus on adding differential value to their products and services. For FinTech faster innovations while driving down development costs and speed to market is the holy trinity and open source technology enables this in the right use cases where being agile, responsive and scalable will determine competitiveness and success.

Get the report

Solarisbank raises $224M at a $1.65B valuation

Solarisbank, the tech company with a banking license, (whose platform is built using Erlang and Elixir) will use the new funding to acquire Contis and expand API-based embedded banking tech in Europe. Solaris was one of the first to be a fully-fledged bank that offers Banking-as-a-Service which is one of the FinTech segments (along with embedded finance) that has thrived over the pandemic period.

Read more

FCA loses £300k worth of electronic devices

In a do as I say not as I do comedy own goal, the FCA has misplaced a total of 323 electronic devices (estimated worth £310,600) over the past three years, according to a freedom of information request.  The devices are predominantly made up of hundreds of laptops, tablets, desktops and mobile phones reported lost or stolen by FCA employees. Unsurprisingly, this raises questions about data protection standards at the industry regulator.

Read more

Verizon and Mastercard partner to bring 5G capabilities to payments

The strategic aim is to integrate 5G into payments focusing on contactless shopping, checkout automation and Point of Sale (POS) experience solutions. It is stated that this will be achieved by harnessing the latest in IoT technology alongside real-time edge computing.

Read more

More content from us

Kivra – Nordic FinTech case study for digital document sending platform

Memo Bank’s story – How they used Elixir to build a bank from scratch

State of play in FinTech – I take a high-level look at some of the industry trends of 2021 so far

Kim Kardashian’s cryptocurrency Instagram post – the ‘financial promotion with the single biggest audience reach in history’!

When ultra influential influencers meet newly developed tokens, what could possibly go wrong? Well potentially plenty according to the head of the FCA, Charles Randell, who called Ethereum Max (nothing to do with the Ethereum platform) ‘a speculative digital token created a month before by unknown developers’. Read more

One in four UK financial services workers want to work from home full-time

A new survey from Accenture has found 24 per cent of the UK’s 1m financial services workers “would prefer to work entirely from home once a full return to office is possible”. Read more

Klarna joins leading climate change programmes

The Swedish BNPL unicorn is the first FinTech to sign up for The Climate Change Pledge and the Race to Zero campaign . Read more

Erlang Solutions byte size

Did you miss joining our livestream of “What’s Next for Blockchain in Financial Services’ during FinTech Week London? Well, don’t worry you can get exclusive early access to the full video of the panel debate here.

Code BEAM America – Created for developers, by developers, the conference is dedicated to bringing the best minds in the Erlang and Elixir communities together to SHARE. LEARN. INSPIRE. over two days November 4-5

Trifork Group (our parent company) reports revenue growth of 55% in Q2 and 46% in H1 2021. The Q2-2021 Interim Report can be downloaded here. In Q2, Trifork Labs continued its active investment strategy and increased investments in the new Fintech startups Kashet, a new mobile-first challenger bank in Switzerland, as well as in a joint-venture Fintech startup (Money), co-owned by three mid-sized banks. Trifork has entered an integration partnership with Modularbank, a cloud-native core banking as a service solution.

To make sure you don’t miss out on any of our leading FinTech content, events and news, do subscribe for regular updates. We will only send you relevant high-quality content and you can unsubscribe at any time.

Connect with me on LinkedIn

Email: michael.jaiyeola@erlang-solutions.com

The post FinTech Matters newsletter | September 2021 appeared first on Erlang Solutions .

  • chevron_right

    The XMPP Standards Foundation: The XMPP Newsletter August 2021

    news.movim.eu / PlanetJabber · Saturday, 4 September - 22:00 · 8 minutes

Welcome to the XMPP Newsletter covering the month of August 2021.

Many projects and their efforts in the XMPP community are a result of people’s voluntary work. If you are happy with the services and software you may be using, especially throughout the current situation, please consider to say thanks or help these projects!

Read this Newsletter via our RSS Feed !

Interested in supporting the Newsletter team? Read more at the bottom.

Other than that - enjoy reading!

Newsletter translations

Translations of the XMPP Newsletter will be released here (with some delay):

Many thanks to the translators and their work! This is a great help to spread the news! Please join them in their work or start over with another language!

Events

XMPP Office Hours - Also, checkout our new YouTube channel !

Berlin XMPP Meetup (remote) : Monthly Meeting of XMPP Enthusiasts in Berlin - always 2nd Wednesday of the month.

Articles

What is project XPORTA? As announced in the April '21 newsletter , the Data Portability and Services Incubator at NGI is sponsoring the XMPP Account Portability project named XPORTA. This month they host an interview with Matthew Wild about how this project came into existence.

The "have your own TelCo based on XMPP" service jmp.chat has a new blog, with a twist, now based on Libervia so based on XMPP, with all the nice blog features that you want (like RSS) and even subscriptions via XMPP (with compatible clients like Movim or Libervia). The post announcing the new blog also covers the new registration flow and billing system. But the previous post is the real jewel, called Adventures in WebRTC: Making Phone Calls from XMPP . It details the journey through WebRTC debugging, multiple clients, NAT, ICE and all monitored through Wireshark. Get a hot or cold beverage to go with this about 70 minutes long read.

In the previous newsletter we mentioned that Debian Linux 11 will soon be launched with updated XMPP software, as this happened in the meantime, server admins are already updating or even setting up new deployments. Such as Nelson from Luxembourg, who published a blog post about setting up a server with ejabberd on Debian 11 Bullseye .

While the Snikket iOS client app was just released, read more below, the behind the scenes development continues. In the latest blog post, Matthew Wild announces that the expert folk at Simply Secure will be performing a usability audit of the current app , as well as conducting usability testing thanks to funding from the OTF’s Usability Lab. The analysis will help to improve the UX of the iOS app and Snikket as a whole.

Missed in last month's issue, the folks at cometchat have blogged about XMPP's history, working architecture, stanzas and features in general in Everything About XMPP - Extensible Messaging & Presence Protocol . If you want a quick technical overview (or need one to show others what XMPP is all about) this ~15 minutes read can bring one up to speed.

"Spaces" are the new XMPP frontier to be explored, and you'd get a glimpse of them in Gajim client news below, but the work is pretty elaborate and ongoing with many people involved. Renga 's (an XMPP client for Haiku) developer pulkomandy has blogged Some random thoughts about XMPP spaces thinking about use cases (family, business, communities) and user interfaces.

Any Turkish speakers reading the newsletter? We don't have a translation yet, but Ged has just published an in-depth blog post about XMPP titled Hangi "Chat" Programı? . In about 40 minutes it takes the reader through the story of the protocol, tells about apps, servers, comparisons with popular apps and privacy.

The March `21 newsletter brought the news that JSXC (the Javascript XMPP Client) got funding to work on group chat calls. This month they report on the work done and explain the current progress that can even be tested.

Finally, how does FaceTime work? They interestingly use the same port (5223) as XMPP does...

Software news

Clients and applications

Gajim 1.4 Preview: Workspaces . The Gajim team has been hard at work in the past months to prepare the next v1.4 release. The upcoming version brings a major interface redesign. In this post, they explain how the new interface works and what remains to be decided or implemented before the release.

Gajim Workspaces (preview)

Libervia progress note 2021-W31 is out with information about Docker integration, the translation portal and the first 0.8.0 beta. It also has plenty of details about the work done on the ActivityPub Gateway project (grant announced in the April '21 newsletter ) with SQL, DBus, PubSub and with new and updated XEPs.

Communiqué is a new XMPP client from the Mellium Co-op team. It was announced this month and presented at the XMPP Office Hours (unfortunately recording did not work out). The source code can be found in the repository .

Communiqué

Monal 5.0.1 is now available for both iOS and macOS bringing mostly corrections and more polish over the previously major release.

JSXC Openfire plugin gets a 4.3.1-1 release , with mostly bug fixes and improvements from the JSXC project.

After so many months of waiting the Snikket iOS app is now publicly released . Snikket server admins can add the app to the invitations pages to have Apple users easily find it. If you are not running Snikket you can still use the app (you can use credentials directly) but do read the blog post to know what you need to add to your Prosody instance (invitations modules) or what limitations you might experience using any other server software.

Snikket on iOS

Servers

Prosody 0.11.10 has been released with a fix for CVE-2021-37601 and some minor changes. Prosody developers recommend server admins to upgrade in order to fix the remote information disclosure issue.

Libraries

The Mellium Dev Communiqué for August includes updates to the Mellium XMPP library as well as the new Communiqué instant messaging client. The biggest updates this month are MAM and ad-hoc commands support! You can read more here.

Extensions and specifications

Developers and other standards experts from around the world collaborate on these extensions, developing new specifications for emerging practices, and refining existing ways of doing things. Proposed by anybody, the particularly successful ones end up as Final or Active - depending on their type - while others are carefully archived as Deferred. This life cycle is described in XEP-0001 , which contains the formal and canonical definitions for the types, states, and processes. Read more about the standards process . Communication around Standards and Extensions happens in the Standards Mailing List ( online archive ).

Proposed

The XEP development process starts by writing up an idea and submitting it to the XMPP Editor. Within two weeks, the Council decides whether to accept this proposal as an Experimental XEP.

  • No XEPs proposed this month.

New

  • Version 0.1.0 of XEP-0460 (Pubsub Caching Hints)
    • Accepted by vote of Council on 2021-07-21. (XEP Editor (jsc))

Deferred

If an experimental XEP is not updated for more than twelve months, it will be moved off Experimental to Deferred. If there is another update, it will put the XEP back onto Experimental.

  • No XEPs deferred this month.

Updated

  • Version 1.21.0 of XEP-0060 (Publish-Subscribe)

    • Revert change from version 1.15.5 which changed meta-data to metadata in wire protocol. That was an unintended breaking change which has now been reverted. (pep)
  • Version 0.3.0 of XEP-0214 (File Repository and Sharing)

    • Revert change from version 0.2.1 which changed meta-data to metadata in wire protocol. That was an unintended breaking change which has now been reverted. (rm)
  • Version 0.3.0 of XEP-0248 (PubSub Collection Nodes)

    • Revert change from version 0.2.1 which changed meta-data to metadata in wire protocol. That was an unintended breaking change which has now been reverted. (rm)
  • Version 0.2.0 of XEP-0283 (Moved)

    • Re-write the flow with a more focused approach. (mw)
  • Version 1.1.0 of XEP-0429 (Special Interests Group End to End Encryption)

    • Add discussion venue after creation by the Infrastructure Team. (mw)
  • Version 1.24.0 of XEP-0001 (XMPP Extension Protocols)

    • Change "Draft" to "Stable". (ssw)

Last Call

Last calls are issued once everyone seems satisfied with the current XEP status. After the Council decides whether the XEP seems ready, the XMPP Editor issues a Last Call for comments. The feedback gathered during the Last Call help improving the XEP before returning it to the Council for advancement to Draft.

  • No Last Call this month.

Stable (formely known as Draft)

Info: The XSF has decided to rename 'Draft' to 'Stable'. Read more about it here.

  • No Stable this month.

Call for Experience

A Call For Experience - like a Last Call, is an explicit call for comments, but in this case it's mostly directed at people who've implemented, and ideally deployed, the specification. The Council then votes to move it to Final.

  • No Call for Experience this month.

Thanks all!

This XMPP Newsletter is produced collaboratively by the XMPP community.

Therefore many thanks to Adrien Bourmault (neox), Anoxinon e.V. community, anubis, Benoît Sibaud, emus, Sam, Licaon_Kter, nicola, seveso, SouL, wurstsalat3000, Ysabeau for their support and help in creation, review and translation!

Spread the news!

Please share the news via other networks:

Find and place job offers in the XMPP job board .

Subscribe to receive the next edition in your inbox

Also check out our RSS Feed !

Help us to build the newsletter

We started drafting in this simple pad in parallel to our efforts in the XSF Github repository . We are always happy to welcome contributors. Do not hesitate to join the discussion in our Comm-Team group chat (MUC) and thereby help us sustain this as a community effort. We really need more support!

You have a project and write about it? Please consider sharing your news or events here, and promote it to a large audience! And even if you can only spend a few minutes of support, these would already be helpful!

Tasks which need to be done on a regular basis are for example:

  • Aggregation of news in the XMPP universe
  • Short formulation of news and events
  • Summary of the monthly communication on extensions (XEP)
  • Review of the newsletter draft
  • Preparation for media images
  • Translations: especially German and Spanish

License

This newsletter is published under CC BY-SA license .

  • chevron_right

    Snikket: Snikket iOS app now publicly released

    news.movim.eu / PlanetJabber · Tuesday, 31 August - 14:00 · 4 minutes

This is the announcement many people have been waiting for since the projectbegan!

Opinions are often strong about which is the best mobile operating system.However, while it varies by region and demographic, wherever you are it’s verylikely that you have Apple users in your life, even if you don’t use oneyourself. We want to ensure that the platform you use (by choice or otherwise)is not a barrier to secure and decentralized communication with the importantpeople in your life.

The lack of a suitable client for iOS was an obstacle to many groups adoptingSnikket and XMPP. For this reason, today’s release of a Snikket app for Apple’siPhone and iPad devices is a significant milestone for the project.

A community effort

It’s a journey that began late last year with the announcement that we wouldbe sponsoring support for group chat encryption in Siskin IM, the open-source iOS XMPP client developed by Tigase .

The Tigase folk have been very supportive of our project, and I’d like toespecially thank Andrzej for his assistance and patience with all my newbieiOS development questions!

There are many other folk who have also helped unlock this achievement. Thisincludes everyone who helped to fund the development work - especially WaqasHussain, the kind folk at jmp.chat and of course absolutelyeveryone who has donated to the project. The majority of donations areanonymous so it’s impossible to thank everyone individually, but the amount ofsupport we’ve received as a project is amazing, and really gives us confidencein achieving even more ambitious milestones in the future.

Funding aside, we couldn’t have refined the app without help from our diligentbeta testers - with particular thanks to Michael DiStefano, Martin Dosch, mimi8999and Nils Thiele for their bug-catching and comprehensive feedback. Everyoneparticipating in the beta programme has helped shape the app we’re releasingtoday.

What happens now?

We’ll be rolling out a Snikket server update shortly that will add a link tothe iOS app from Snikket invitation pages. If you’re eager to make the appavailable to your users before then, you can add the following line to yoursnikket.conf:

SNIKKET_WEB_APPLE_STORE_URL=https://apps.apple.com/us/app/snikket/id1545164189

After saving the file, apply the change with the command docker-compose up -d .

If you are using the Snikket hosting service, you will get anemail soon that explains how to enable the app store link for your instances.

We’re not done yet

This is a big milestone, without a doubt. But we’re not completely done. Theapp is not perfect (yet!) and we’re still working on many things. But webelieve this is no reason not to share it with the world as early as we can.

Push notification compatibility

The first thing to note (especially as many non-Snikket users will also beexcited about a new iOS XMPP client on the scene) is that our primary focushas been on the app working seamlessly with Snikket servers. We’re committedto XMPP interoperability, but time and resources mean we can’t develop andtest every change in pace with every XMPP server.

Although we expect it to generally work, there are some known compatibilityissues currently. Specifically, due to the strict “no background networkconnections” policy for iOS apps, we have needed to adapt push notificationhandling slightly differently to what is supported on most XMPP servers today.The extensions we use are openly published by Tigase ,and we have made available community modules for Prosody ( mod_cloud_notify_encrypted , mod_cloud_notify_priority_tag and mod_cloud_notify_filters ),and discussion has begun onmoving these extensions over to the XMPP Standards Foundation standardsprocess. We welcome help and contributions towards evolving XMPP’s currentpush notification support. If you’re interested, reach out!

Until then, although some backwards-compatibility considerationsare in the app, this means it’s very possible you may experience issues withnotifications on some non-Snikket servers when the app is closed (thoughTigase servers and Prosody servers with the community modules enabled shouldbe fine).

Language support

The app is currently only available in English, which is an unfortunatecontrast from all other Snikket projects which are available in many languagesalready.

Updating the app to support translation of the interface is high on our prioritylist. After this is implemented, we will also be looking for help from translators,so stay tuned for further announcements.

Other work in progress

Other known issues that we are working on:

  • Notifications for OMEMO-encrypted messages show a potentially-confusingmessage about the app lacking OMEMO support. This will be fixed by the sameserver update that adds the app to the Snikket invitation page.
  • Group chat notifications are not yet working. This will also be rolledout as a future server update.

Of course, we will also soon be incorporating feedback from the usabilityaudit and testing sessions when that work iscompleted.


I want to say a final thanks to our entire community for supporting theproject. Snikket has ambitious goals , and the progress we’remaking couldn’t be achieved without all the help and support we’ve received.

Drop us feedback about the app if you try it out, file bug reports and featurerequests to help us withplanning and, if you can, donate to help sustain the developmentof the entire project.

We look forward to welcoming more users to the XMPP network than ever before!

  • chevron_right

    Gajim: Gajim 1.4 Preview: Workspaces

    news.movim.eu / PlanetJabber · Friday, 27 August - 00:00 · 8 minutes

The Gajim team has been hard at work in the past months to prepare the next v1.4 release. The upcoming version brings a major interface redesign. In this post, we explain how the new interface works and what remains to be decided or implemented before the release.

Of course, your feedback is important ! No interface can please everyone, so please react to this post with how this change would impact you positively and negatively, and ideas you have to make it even better before the release.

This blog post is in part based on the Gajim 1.4 UI/UX Preview given by lovetox, a current maintainer of Gajim. So if you prefer the video format, click on that Youtube link or use your favorite Invidious instance to view it with a lightweight, privacy-friendly client. That presentation was given as part of the XMPP Office Hours programme, where you can find other interesting presentations about the Jabber/XMPP ecosystem, or propose your own!

Single-window application

The main change in Gajim’s new release is that, in the current implementation, it becomes a single-window application. We’ve been used for over a decade to have separate windows for the contact list ( roster ) and for chats. This user interface pattern was common with early 2000’s messengers such as MSN and ICQ .

In the upcoming release, we make Gajim a single-window application, where all features are always within your reach. This change is inspired by more recent messengers such as Element , Discord or Mattermost (among others). This is what it looks like so far:

Gajim’s new main window

Gajim’s new main window

Some people feel left out by this new feature and the removal of the multi-window mode, however we hope to reconcile our users’ needs as part of the Gajim project, as explained in the Areas for improvement section of this blog post.

Workspaces

Gajim v1.4 will introduce a new concept: workspaces . Previously, all tabs were considered equal as a flat list within a window. We understand the need to organize some activities into a specific context, but without multiple windows, we organize these activities by workspace.

A workspace is a collection of group chats and private chats, organized client-side. For the moment, this is a non-standard, Gajim-specific feature, but standardization efforts are explained in the Areas for improvement section.

We introduced a new sidebar on the left of the window which allows to navigate your workspaces and accounts. After clicking any workspace, the chat list will be displayed in the sidebar. This chat list, to the right of the workspace list , provides navigation for chats (both group chats and private chats) within the current workspace. The currently focused workspace has a colored bar indicating it’s the current context.

Below the workspace list, the sidebar lists your accounts. Clicking an account will display a page containing the contact list , your avatar, a status selector, and a list of pending notifications. Contacts in the contact list are organized by roster groups, as was already the case in previous versions.

Account context

Each account is attributed a specific color, in addition to its avatar. This color is reused in the chat list , alongside the tab’s avatar so you can see instantly which account of yours is used in a specific chat. When a given chat/account doesn’t have an avatar defined, one is generated from the first character of its displayed name.

Gajim with multiple accounts

Gajim with multiple accounts

When a notification is received within a certain workspace, an indicator with the number of unread messages will be shown on the workspace icon and on the chat.

Organizing your interface

Workspaces can be reordered manually within the sidebar by drag-and-drop. However, these two different types of context are kept separate: the workspaces appear on top of the list, while accounts are listed on the bottom. When there’s too many entries to display, the workspace/chat list becomes scrollable.

Chats can also be moved from one workspace to another, though not via drag and drop: simply right-click a chat and from there the “Move to” menu will move the selected chat to the requested workspace. However, it isn’t possible currently to copy a chat to another workspace; moving an entry to a new workspace will remove it from its previous workspace.

Within a given workspace, chats can be pinned . These stay in place at the top of the workspace’s chat list . Chats which are not pinned are ordered by latest activity. This way you never have to scroll endlessly to find the chat that matters to you. For the moment, pinned tabs cannot be reordered like workspaces, but we plan to implement it.

Try it out and let us know

There’s a lot of upcoming major changes in the next Gajim v1.4 release, so stay tuned to the blog for further information. In the meantime, you can test the new interface by running Gajim from sources using just a few commands. This feature is not published in nightly releases yet because it’s still unstable, so do not use it as a daily-driver yet.

Important: Note that you have to start Gajim with a test profile using gajim -s -p testprofile or launch.py -s -p testprofile in order to preserve your current profile. Migrating back is not possible.

  • git clone https://dev.gajim.org/gajim/gajim && cd gajim to download Gajim’s source into a gajim folder and moving there
  • git checkout mainwindow to browse the development branch with the new UI
  • pip install . to install Gajim’s development version and all dependencies to your python environment, then gajim -s -p testprofile to start
  • alternatively, ./launch.py -s -p testprofile to start Gajim without installing it, in which case dependencies should be manually setup first (for example On Ubuntu )

Feedback is welcome in any form, whether on our issue tracker , in our community chat gajim@conference.gajim.org , or as a blog post on your own website. The main tracking issue for this new user interface is #10628 .

Areas for improvement

In this section, we explain the shortcomings of the current implementation of the workspaces feature, and what could be done to improve it. We are actively looking for ideas on these areas, so if you can afford it, please spend some time to gather your thoughts and help us improve Gajim.

Accessibility

Account context relies on user-supplied colors. However, for accessibility concerns (color-blindness), we would be interested to support other graphical patterns instead of colors. For example, dots and dashes and other visual patterns that are common in graphs and tables. However, unless we get more contributions, it’s unlikely this feature will be released in v1.4.

Internationalization

The main window redesign does not support right-to-left (RTL) languages in a special way yet. The navigation sidebar will be displayed on the left-side of the screen in all cases.

UI customization

Some users have already expressed their anxiousness at the idea of dropping support for multiple windows in Gajim. However, there is technically no barrier preventing us from reimplementing is with our new User Interface. It’s “just” a lot of hard work.

For example, maybe we could have a mode where each account gets its own window that could move around separately? Or focus a space from the main window into its own window? That would be useful when using virtual desktops (sometimes called workspaces, what a coincidence) in your favorite desktop environment.

In addition, we could explore to support multiple sidebars on multiple axis, so that you could decide where to place your accounts list , and divide your workspace list into a top and bottom sidebar.

Only your imagination and contributions to the Gajim project are the limit for the kind of experience we can provide, but it’s very unlikely deeper UI customization will be implemented in time for the v1.4 release. We are a volunteer-run project and cannot afford to spend time to accommodate every single need there is, although contributions are always welcome.

More workspace organization

Currently, pinned tabs in the chat list cannot be reordered in the way that workspaces can be in the workspace list . Would this be useful for you?

Moreover, Gajim’s new workspaces UI currently features a 2-level representation like Mattermost, where any chat only has a single ancestor workspace. The account roster is an exception, because it features a 3rd-level nesting in order to fit roster groups, where each entry is part of a group, which is part of the account workspace context. Maybe workspaces could benefit from this approach in order to represent 3-level hierarchies akin Discord/Element interface.

Also, a chat can currently only be featured in a single workspace, for the sake of simplicity. That’s a fine assumption as long as workspaces are managed by a single user for their needs, but would not play well with sharing workspaces with other users, in which case a chat may appear more than once in the workspace tree.

Standardization and interoperability

As mentioned briefly, we’re considering how our new workspaces feature can be represented server side, so that it can be used by other clients, and maybe even shared across users.

Sharing a workspace with several users, similar to Matrix “spaces” or Discord “servers” could prove very useful for online communities administering a bunch of channels, for example to set space-wide permissions. It could also enable to subscribe to a public workspace maintained by a contact of yours, featuring a bunch of 3rd party group chats on a specific topic.

While there is not yet a specification for such hierarchical organization of chats in the XMPP ecosystem, there was an XMPP Online Sprint last winter studying Discord’s user experience in order to benefit the Jabber/XMPP ecosystem.

More recently, some people have started to gather thoughts that should lead to a specification. There is a work-in-progress document (a pad ) which anyone can edit with feedback, and a spaces@joinjabber.org group chat has been setup to discuss this issue in a cross-project manner. Your ideas and contributions are more than welcome, even if you’re not familiar with the Jabber/XMPP ecosystem. Feedback on how a new specification could be made interoperable with other decentralized networks is very welcome.

Gajim