[Standards-JIG] UPDATED: JEP-0027 (Current Jabber OpenPGP Usa ge)

Matthias Wimmer m at tthias.net
Wed Mar 17 22:47:37 UTC 2004


Hi Jacek!

Jacek Konieczny schrieb am 2004-03-17 09:49:24:
> I wonder if we can trust presence anyway. Only "available" presence may
> be reliably signed. If the client connection is lost, then the server
> sends "unavailable" presence, without user's signature. The server may
> send the same "unavailable" presence when user is still online or not
> send it when he goes offline. So we cane never be sure that the user is
> online, we only know that he was online at the moment when he had sent
> his signed "available" presence. What is the use of such information,
> other than announcing user's keyid (which could be solved by different
> means)?

I guess a client should send the unavailable presence before logging
out. This will be a sort of a closure of the session like it is there in
SSLv3 and TLSv1 as well.


Tot kijk
    Matthias

-- 
Fon: +49-(0)70 0770 07770       http://matthias.wimmer.name/
HAM: DB1MW                      xmpp:mawis at charente.de



More information about the Standards mailing list