On 27 August 2014 01:10, Kurt Zeilenga wrote:
>
> On Aug 26, 2014, at 11:42 AM, Dave Cridland wrote:
>
> Certainly is. But if we're to block all possible jid existence leaks,
> everything breaks anyway.
>
>
> I think we as a community need to either say XMPP broadly allows directory
> havesting
> On Aug 26, 2014, at 11:42 AM, Dave Cridland wrote:
>
> Certainly is. But if we're to block all possible jid existence leaks,
> everything breaks anyway.
>
>
I think we as a community need to either say XMPP broadly allows directory
havesting or that it doesn’t. Right now, for a server im
[...]
These are, in general, desirable effects from a UX standpoint. The downside
is that one can use them to harvest real jids for abuse and other nefarious
purposes. However, it's not specific to Disco, and we should be careful of
being distinctly uneven in our protection here.
As such, my gut
On 26 Aug 2014 16:42, "Kurt Zeilenga" wrote:
>
>
> On Aug 26, 2014, at 7:55 AM, Simon McVittie <
simon.mcvit...@collabora.co.uk> wrote:
>
> > On 26/08/14 15:10, Kevin Smith wrote:
> >> 30 says not to reply with disco to entities not authorised for your
presence.
> >
> > Should the server follow th
On Aug 26, 2014, at 7:55 AM, Simon McVittie
wrote:
> On 26/08/14 15:10, Kevin Smith wrote:
>> 30 says not to reply with disco to entities not authorised for your presence.
>
> Should the server follow this pseudocode for a disco instead?
>
>if target JID is bare:
># any IQ to user
On 26/08/14 15:10, Kevin Smith wrote:
> 30 says not to reply with disco to entities not authorised for your presence.
Should the server follow this pseudocode for a disco instead?
if target JID is bare:
# any IQ to user@host is expected to be replied to by the server
reply to
Hi folks.
30 says not to reply with disco to entities not authorised for your presence.
163 says you need to disco entities if you're not authorised for their presence.
This breaks things somewhat, as it seems quite possible to be willing
to publish things on your personal pubsub service (even i