-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 9/3/09 2:34 PM, Home wrote: > ------- Original message ------- >> From: Kevin Smith <ke...@kismith.co.uk> >> Sent: 3/9/'09, 18:07 >> >> On Wed, Sep 2, 2009 at 9:39 PM, Peter Saint-Andre<stpe...@stpeter.im> >> wrote: >>> In my working version of the spec, I now have: >>> >>> On public servers where the same JID is reused for multiple >>> anonymous sessions, the server MAY ignore the resource >>> identifier provided by the client (if any) and instead assign >>> a resource identifier that it generates on behalf of the client. >>> >>> OK? >> >> Seems consistent with what we agreed tonight, thanks :) > > If I might be a PITA for a sec, it'd seem good to capture the discussion > on why it might be useful sometimes, and why you might not want to others.
Agreed. Here is my take... Most of the discussion about XEP-0175 has assumed that servers are exposed on the public Internet (I know that's how I have looked at it, from my perspective as an admin of the jabber.org IM service). However, server admins might offer a more controlled or private service, such as a for-pay gaming service, a help desk within a corporation, an IM "helpline" at a school, etc. In these situations, the admins might want to open up the options a bit more. This is where Jack Moffitt is coming from with his concerns (Chesspark, Collecta), and perhaps Andy Skelton (Wordpress) as well. I think it's important to capture both perspectives, and I don't think we've quite done so yet in the spec. Perhaps I'll have time to wordsmith it a bit further next week. > Indeed, it might be better to insist that servers can be configured > either way... I think that's mostly implied by saying that the server MAY do X or Y, but in a neutral way. There are plenty of server implementations that might not want to expose hundreds of configuration options but instead have some kind of "safe mode" or "public mode" that tunes down what an anonymous user can do. Peter - -- Peter Saint-Andre https://stpeter.im/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkqhMGsACgkQNL8k5A2w/vy1kACgzrunmM1/K4pw3EXwpUXcPGw0 aGwAoM2FG4Dv4CIrQD087TmpBYODzn/+ =9POh -----END PGP SIGNATURE-----
