[standards-jig] Serious Issues with JEP 0024

DJ Adams dj.adams at pobox.com
Fri Jul 19 19:13:55 UTC 2002


On Fri, Jul 19, 2002 at 12:28:58AM -0400, Adam Theo wrote:

> > to decide what the clients would receive. But how do you decide what to
> > put in a <message/>? 
> 
> Well, I'm not sure what you mean here. The content of messages would be 
> chat/normal-like messages, mostly for purposes of easy creation of chat 
> rooms (like jdev at conference.jabber.org) or mailing lists (like this 

Well, what I mean was, how would you (as the pubsub component) convert an
incoming IQ packet carrying an iq:pubsub qualified attachment into a 
<message/> packet? I.e. how do you decide which bits of the data carried 
in the pubsub payload go where in a message?


> OK, I understand now, thanks. I'm not particularly fond of this access 
> controlo solution, but will bother bringing this up later, both when 

That's ok, 'cos I'm fond of it :-)

> [...]

> By allowing this you allow a spammer to get a list of JIDs that very 
> likely have humans behind them one way or another. The spammer simply 
> needs to request publisher-agnostic subscriptions to a specific 
> [...]
> requested, and even more publishers are put on the spammer's whitelist 
> (all of them, in fact). It would be a spammer's heaven.

The same goes in the other direction too (where the publishers are the 
spammers). I have to be clear and say I don't want the 'spammer' angle
to overshadow everything, and what you're proposing seems to me a sledge
hammer to crack a nut that may not exist, or may exist anyway in other
incarnations.

How about making the ability to subscribe to a namespace published from 
all publishers optionally deniable on the pubsub component side?

> [...]

> If you are referring to your spec's proxy subscriber idea, then yes, I 

Effectively (for the sake of argument) yes.


dj



More information about the Standards mailing list