This machine was in the european union and the GDPR enforcement begins at 2018-05-25.
Republishing and conveyance of content obtained from sources other than the same user-agent accessing this computer, whether that be via http or gopher, autonomously, also fits some definitions of an Electronic Communication Service that is expected to attract regulation in future, like the Online Safety Act, thus in the shutdown state it serves only my own server data that is in my editorial control.
Also, I cannot determine if the crawled and then served data infringes privacy, so safest option is to remove everything except my own server from results for now. At the time of writing the lists and other search engines can continue to be used to find xmpp servers, as that information may not be volunteered to this service.
This site is being left running to locate the alternate services, hyperlinking sites may choose to replace their links to a successor.
search.jabber.network published a statement on GDPR compliance, thus in many respects can be deemed a successor to MUCSearch, though its privacy approach may be different. Fortunately we had no involvment in it so therefore hopefully cannot be responsible for it.
There are also lists of active servers maintained by others:
The risks have increased over time:
That origin server operators could exercise an entitlement on the computer misuse act to cease probing, especially via an automated process such as a crawler.
Fortunately, no requests of this nature had been ever seen, as technical means of any blocking is widely preferred.
Data collected and redistributed could be "illegal", such as copyright infringement, or personal data, although as with web search engines, especially if the complainant is not the operator of the origin providing the content and therefore could not implement blocking. There is the danger that this system operator may have to assess any complaint regarding this rather than recommend content removed from an origin.
Also, providing any communications service between third parties may make one legally a Communications Provider and entail various extra obligations. In this case between collected disco results and users of this website.
The GPDR added the authority for data subject to recall data, whilst morally this looks like for the good, at the same time data copied off MUCsearch is out of my control, even to correct inaccuracies, so an impossible situation and therefore has not to be entered.
Fortunately, I did not observe output complaints either, and voluntarily scrubbed the database so it stays that way as far as possible.
A fully compliant replacement would need to find a way that means user content never transits the server, thus retaining immunity from requirements to edit content, and use XMPP call functions in browser.
This means that users use their own JID to index servers and provide their own masterlist. For the ultimate in privacy, each user should probably index all servers for itself thus not revealing to others interest in particular search strings except to a computer under its own control.
The remainder of this page may be historical:
MUCSearch was intended to provide the most complete index of federated XMPP services with details for conferences. This exists to show the existence of users choosing open communication
Access is possible via http and with https. To verify the certificate, use DNSSEC with DANE/TLSA in domain issued certificate mode, otherwise you may get a certificate warning.
Example! EX Example conference text
The Description for this entry appears here. Please read to see if there are comments on use.
chat@chat.my.example d 0000-00-00 00:00:00
In occupants mode below the entry we present the list of features declared, the list of occupants if available at the time of indexing and a graphic from the domain vCard photo element if that is provided.
We really do want to have the most complete index, but need to consider any legal information restrictions, and intend to put the server welfare before that…
For equanimity, I plan to include the federated systems I can find here, though I do prefer to see evidence the systems owner wishes itself be known, such as interaction with another server or the owner publishes a web page in english revealing its existence.
If you require SSL/TLS note we are DNSSEC signed only at present.
Many services do forget to add SRV records for their components and are bothersome to index if it is possible at all, or return errors when accessed via disco, if that is you do consider fixing it ☺ On the other side,
this does not make servers private, luckily there is nothing like robots.txt for XMPP,
and it would be rather nicest to see sucessful disco results that are empty or have some entries omitted if an operator does wish to hide some or all rooms or services from our results,
instead of errors. I do not consider this to be cloaking but please treat our domain jids alike.
Also output on some pages is influenced by IP address, we warn User-Agents of this by including the http header Vary: *
These features were accessed:
Permission to link is still not needed though now recommend newer replacments to this system.
If using Google Chrome and cannot examine newer stylesheets, the user interface did not provide a way then place the following in the address bar while viewing this page to choose:
javascript:cn=document.querySelectorAll("[rel=stylesheet]")[0];cn.setAttribute('href',window.prompt("Select Stylesheet",cn.getAttribute("href")));
If your server and components do not already offer the option to configure vCards for the domains they serve, many XMPP servers use an SQL database as the backend and may have a table that stores vCard data for the users.
For example, on my server I can set a user temporarily with the vCard data desired, then using the SQL console, copy this record to new entries for the domains served without the local-part, this may work even without editing the server source code slightly.
Even operating an open MUC would make this server a public communication service, so withdrawn.
This is because operating a communication service of any sort in UK is to become subject matter of online harms bill, as well of contradictory objectives in GDPR of requrement to log for investigations and forbidden logging for privacy purposes.
At this time can still send in an administrative message, or see alternative details in this server disco response.
This system can still be indexed by other servers.
I would like to move this site to a persistent domain although bound by geographic location rather than time!