Tomasz Sterna wrote: > Dnia 2008-02-01, Pt o godzinie 00:17 +0100, Tomasz Sterna pisze: >> I found e serious issue with FC 3921bis Managing Presence Subscriptions. >> [...] > > Shall I take no answers to my post as: > - nobody is really interested in the issue ? > - I already am on all list members KILLFILEs ?
- people are really really really busy? ;-) >> I think we need to resolve this before RFC 3921bis goes "live". >> Let's disallow full JID based subscriptions or fully document it. >> Either way is OK with me, but the current, unclear situation is a no >> go. > > Actually, I take it back... > I do care what we do and it's not the first option. The recommendation to allow only bare JID subscriptions currently is there for clients. There is no recommendation that the server must disallow full JID subscriptions, check the 'to' address, etc. > I do run some services on server resources. > For example, a public server based (not bot or component), web presence > tracker and indicator on: 'chrome.pl/webstatus' > You need to add 'chrome.pl/webstatus' to send your presence updates, to > the service and you may then use http://www.chrome.pl/status/JID url to > show your presence status on the web. > > I also add 'chrome.pl/echo' to all my users rosters on user creation. > It resembles them the Skype echo service contact, and they all love it - > they have a way of testing theirs newly created jabber account right > away, without searching for real people. Yes we used to run a service like that on jabber.org. :) > So I actually need full JID based subscriptions. Right. The problem is that we can't tell what an entity is just by looking at its JID. Just because a JID is [EMAIL PROTECTED]/resource does not mean it is a full JID (i.e., a connected resource of a registered account). Just because a JID is [EMAIL PROTECTED] does not mean it is a bare JID (i.e., a registered account). This is why we have service discovery. :) So in general I think it makes sense to counsel client developers that adding full JIDs is a bad idea, but you can't assume that a JID of the form [EMAIL PROTECTED]/resource or host/resource is a full JID. /me ponders Peter -- Peter Saint-Andre https://stpeter.im/
smime.p7s
Description: S/MIME Cryptographic Signature
