[standards-jig] Version 0.3 of JEP-0046 / DTCP
jer at jabber.org
Mon Sep 23 15:08:45 CDT 2002
I'm wondering, since what I understand to be the more-important subset
of DTCP is simply a standard way to express the multiple potential IP's
associated with an endpoint (multiple interfaces, SOCKS, fw's, NATs,
PASS-like gateways, etc) is instead using a variant of
jabber:iq:negotiate (jep-20) for that purpose alone.
Right now iq:negotiate works in the opposite direction of what is
needed, so instead would it be wrong to do a get with no options, and
the recipient return the list of options (ip's in this case)? For
<iq type="get" id="1" to="jack at jabber.org/client">
<iq type="result" id="1" to="jill at jabber.org/pda">
Then, when any app using any namespace need to know a list of IP's that
might represent some other entity, there is one common way of asking
and serving such information.
Is this pushing iq:negotiate beyond it's intent too far?
On Monday, September 23, 2002, at 03:58 AM, Ben Schumacher wrote:
>> It is quite possible I don't understand all of the implications here.
>> I am
>> not a security expert..
> I don't claim to be either, but I can still see a potential weakness in
> your protocol in the current proposal.
> Standards-JIG mailing list
> Standards-JIG at jabber.org
More information about the Standards-JIG