Hi Robert!
Robert Norris schrieb am 2003-09-24 11:52:12:
> - Suitable access controls are required. Obviously, it won't do to
> allow anyone to change anyone elses roster. One thought we had is to
> restrict operations based on the transport JID (domain) - ie, the
> transport can only set roster items of its own users, and when a
> roster is retrieved, it only receives items for its own users.
> This may not be a good idea, however, as not all servers are
> transports - do I really want a remote (Jabber) server to be able to
> modify the contacts on my roster for its own users?
I agree that transports should get (restricted) access to the roster
items of a user. This may help make better support for other IM systems
and syncronizing the roster on the foreign IM system server and the
Jabber server.
What I don't like is the "domain-only item" hack you subscribed. I think
there should be an extension maybe something based somehow on an
extended version of jabber:x:roster!? Maybe we could build this in a way
that we get basic support for it with existing clients that already
support this namespace and full support for clients that fully implement
the extensions.
I transport would interact with the client and not with the server to
query the roster. This would allow to make it the clients decission with
something is Opt-In or Opt-Out and if the transports behave like Jabber
users or more like native ICQ-/AIM-/MSN-/Yahoo-users.
Tot kijk
Matthias
_______________________________________________
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev
