One Small Voice: The Journal of Peter Saint-Andre

RFC 7649: The Jabber Scribe Role at IETF Meetings


During its thrice-yearly meetings, the Internet Engineering Task Force makes fairly heavy use of chatrooms powered by Jabber/XMPP technologies (which only makes sense because XMPP was standardized by the IETF). These chatrooms are used mainly as a way for remote participants to send comments to the physical meeting room. Thus arises the need for what we call "Jabber scribes" - folks at the meeting who volunteer to relay comments from the chatroom at the microphone and otherwise help to improve the experience for remote participants. Those who volunteer for this role often wonder if there are some guidelines they can follow, so Dan York and I have helpfully obliged by writing RFC 7649. Happy scribing!

Economic Autarky at Walden Pond


Readers of Thoreau's Walden might be forgiven for thinking that his experiment in living was one of economic autarky. The way he describes things in the section on "Economy" certainly give that impression. For instance, after detailing his expenses, he states that "my whole income from the farm was $23.44".

Yet in a journal entry from October 4, 1857, he notes that "while I lived in the woods I did various jobs about the town - some fence-building, painting, gardening, carpentering, etc., etc." He then describes some of these odd jobs and says that he charged only a dollar a day (earning at least $9 just from the two masonry and fence-building jobs he happens to mention in this journal entry - apparently there many more). Thus Thoreau was perhaps more of a freelancer than the hermit he's commonly made out to be, even during the mere two years that he lived at Walden Pond in relative isolation.

RFC 7622: Updated i18n for Jabber IDs


As previously mentioned, the internationalization odyssey I completed with RFC 7564 got its start innocently enough through the need to modernize the handling of Jabber IDs (as I recall, Alexey Melnikov, applications area director at the time, made me promise that I'd correct the internationalization of JIDs at the IETF before he would sign off on RFC 6120, the core spec for XMPP). Now, all these years later, those corrections are finally done in the form of RFC 7622. Well, that only took a bit over 5 years!.

RFC 7613: Internationalized Usernames and Passwords


A few months ago I posted about the internationalization odyssey that was the Framework for Preparation, Enforcement, and Comparison of Internationalized Strings in Application Protocols, a.k.a. RFC 7564. This work has significant implications for security, as exemplified by the PRECIS profiles for usernames and passwords, just published as RFC 7613. The old approach to internationalization of usernames and passwords (RFC 4013) was locked into Unicode version 3.2 (it's now up to version 7, with version 8 coming soon) and also used an identical algorithm for both usernames and passwords, even though the security characteristics of these two constructs are quite different (for passwords we want to maximize entropy by allowing just about every possible Unicode character, whereas for usernames we want a more controlled subset of Unicode characters mostly limited to letters and numbers). With RFC 7613, Alexey Melnikov and I took a more modern and careful approach: among other things it's version-agile with respect to Unicode and it defines separate profiles - actually one for passwords (called "OpaqueString") and two for usernames, depending on whether uppercase characters are preserved or mapped to lowercase. It will take awhile for this new approach to trickle into application protocols (XMPP identifiers and chatroom nicknames are the first two) and then into running code, but eventually this new approach will provide a stronger and more sustainable foundation for handling internationalized usernames and passwords over the Internet.

RFC 7590: TLS in XMPP


Following on the work that Yaron Sheffer, Ralph Holz, and I did on best practices for SSL/TLS in application protocols, Thijs Alkemade and I have now applied those recommendations to XMPP in the form of RFC 7590 (published today). This document explicitly updates the security considerations of the core XMPP spec and thus helps us further strengthen the security properties of the Jabber/XMPP network. Naturally there is still much to be done, but this is another step in the right direction...

Two More Nietzschean Poems


Although my philosophical focus right now is on Thoreau, I'm also thinking once in a while about Songs of Zarathustra (a cycle of poems providing a positive interpretation of Nietzsche's ethics). Here are drafts of two more poems that might make the cut. As can be seen, these are related to my previous poem Eternal Recurrence.

Amor Fati

Whatever might unfold for me
Is not spun out by scheming Fates;
Instead it's simple destiny,
A line of life that time creates.

It's natural that I love this line,
Despite its pains and hurried pace;
Because the steps I make are mine,
I take pride in their style and grace.

I wrote the first stanza of that one a month or two ago. As I was waking up this morning, the following poem (Spiral) came to me quite quickly, and then I went back and worked out a second stanza to Amor Fati. As always, these are provisional and might not survive the editor's pen.


Eternal recurrence of the same
Sounds like a circle I can't escape,
The endless march of a lowly ant
On a moebius strip of grinding fate.

And yet the notion spurs me on
To fly and soar while I have the chance,
To make my life a thing of gold
That shines out over time and space.

For older entries, check the archive. To track changes, follow the feed.

Peter Saint-Andre > Journal