[Council] process

Mike Lin mikelin at MIT.EDU
Tue Apr 16 01:15:14 CDT 2002


Here are a couple starts. I use the term "we" loosely here; for the most
part, I really mean "I". I know I can't speak for everyone. I hope I am
not mischaracterizing anyone too badly; of course feel free to disagree:

JEP-0011: Jabber Browsing

jabber:iq:browse is a reality of the Jabber protocol today. After
resolving a number of specific technical and wording concerns with the
JEP, we are cautiously in favor of establishing this as a standard, with
the maxim that this is only the core definition of a protocol that is
designed for extensibility and adaptability for new purposes, which are
left largely undefined.

JEP-0018: Presence

It is important to exactly and exhaustively define presence semantics,
especially with new server implementations reaching viability. Thus we
would like to see this JEP fleshed out with clear wording and protocol
examples.

JEP-0020: Client Feature Negotiation Protocol

We are generally in favor of establishing a consistent syntax for
feature negotiation, which this JEP provides. However, it is important
to acknowledge that the semantics of feature negotiation in different
contexts varies widely, and it is difficult to forsee whether any
particular syntax is sufficient for complex negotiation semantics that
have yet to be defined for Jabber (e.g., cryptosystems). We would like
to see the JEP include discussion of these particular points, as well as
how the protocol may be extended in the future if it proves that more
detailed metadata is required than a linear set of options.

JEP-0025: Jabber HTTP Polling

We have aesthetics reservations and serious security concerns with the
protocol, which appears highly vulnerable to a client spoofing attack.
JEP authors pointed out technical need for particular aesthetics and
acknowledged security concerns, but expressed the opinion that the
security of the protocol is sufficient for its purposes. We proposed a
specific technical solution to resolve the most serious security
problems, but are unaware of any specific effort to revise the protocol
or JEP.

JEP-0027: Current Jabber OpenPGP Usage

We expressed concerns with vagueness and ambiguity in the wording of the
JEP. Author revised JEP and we voted in favor of it as documentation of
a temporary technique in lieu of a more robust solution based on XML
Signature and XML Encryption.

-Mike

On Mon, 2002-04-15 at 13:40, Peter Saint-Andre wrote:
> Well, I haven't seen any position papers yet from the Council. Is it
> valuable to promise them or shall we just go with the old process of
> discussion on the standards-jig list with regular poking of Council
> members to make sure we get their feedback?
> 
> Peter
> 
> --
> Peter Saint-Andre
> email+jabber: stpeter at jabber.org
> weblog: http://www.saint-andre.com/blog/
> 
> _______________________________________________
> Council mailing list
> Council at jabber.org
> http://mailman.jabber.org/listinfo/council





More information about the Council mailing list