[jdev] XEP-0060 Subscription Authorization

Peter Saint-Andre stpeter at stpeter.im
Tue Dec 4 20:26:53 CST 2007


Ralph Meijer wrote:
> On Mon, 2007-11-19 at 13:05 -0700, Peter Saint-Andre wrote:
>> Lindsay Oproman wrote:
>>> [..]
>> If the node is configured for an access model of "authorize" then each
>> subscription request will need to be approved by the node owner, unless
>> the implementation includes some logic to pre-approve subscription
>> requests from all resources based on the bare JID (node at domain.tld).
>> (Sounds like a good feature request.)
> 
> I think that XEP-0060 was designed to do access control on bare JIDs,
> although we never made that explicit, apparently. You can see this in
> various parts of the specification. For example, any resource can
> manipulate the subscriptions and affiliations that are associated with
> any resource of the bare JID and the bare JID itself.

Good point.

> I don't think making it explicit that all access control is done on the
> bare JID should pose any issues. The only area that might be a concern
> is doing publish-subscribe from within a MUC room, but this is a special
> use case that we haven't given much attention anyway. I do have some
> thoughts on it, were it necessary to pull that into this thread.

Yes, that is "MEP".

> For what it is worth, Idavoll assigns affiliations to, and does access
> control based on, bare JIDs.

I think that is right.

If someone would like to propose some text, that would be great.
Otherwise I'll work something up soon.

Peter

-- 
Peter Saint-Andre
https://stpeter.im/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20071204/4f99de54/attachment-0002.bin>


More information about the JDev mailing list