[standards-jig] Discussion on JEP-0016: Server-Based Privacy Rules

Jacek Konieczny jajcus at bnet.pl
Sun Jan 20 11:19:58 UTC 2002

On Sat, Jan 19, 2002 at 09:13:39PM -0800, Shawn Wilton wrote:
> If I were to choose the blacklisting style, I would say leave it up
> to the client.  The server does enough work already.
IMHO blacklist may be sometimes very usefull. Especcially if it would be
able to block by server (not everyone would start his own server to send
unsolicited message to you), but blocking just some nasty jid, maybe
temporarily, would be cool too.

> To me, this is the better choice.  
Yes, in most cases.

> There's no need for a blacklist
> when I have to give you permission to send me a packet.
But what about an admin who should always be able to receive messages
about abuses? He may don't want to receive anything from some known
persons, but he must be able to get messages from unknown people, who
may have problems because of admin's system.

> Overhead
> considerations aside, this is the better choice.  So I propose 
> this style solution be the one persued so we can get to optimizing.

IMHO blacklist/whitelist should be made one generic mechanism. Like 
hosts.allow and hosts.deny in UNIX systems. The administrator of server
could disable one or both of these, and user could choose one or both,
but both should be included in Jabber standard. 

If only whitelist will be defined now, and some day blacklist will be
needed another extension would have to be made.


More information about the Standards mailing list