[Standards-JIG] UPDATED: JEP-0147 (XMPP IRI/URI Query Components)

Peter Saint-Andre stpeter at jabber.org
Thu Nov 3 20:55:17 UTC 2005


JD Conley wrote:
>> Ralph Meijer wrote:
>>> On Tue, Sep 06, 2005 at 10:27:08AM -0700, JD Conley wrote:
>>>>>> Changelog: Updated to reflect draft-saintandre-xmpp-iri-01; added
>>>>>> file querytype for file transfer. (psa)
>>>> I would love to be able to use this for receiving files as well.
> What
>> if
>>>> we added something like this:
>>>>
>>>> xmpp:sender at jabber.org?file;sid=a0
>>>>
>>>> And then in 0096/0095 we could add a pull model for known stream
> ID's
>>>> during stream initiation.
>>> Interesting use case indeed.
>>>
>>>> Receiver:
>>>> <iq type="get" to="sender at jabber.org/resource" id="pull-1">
>>>>     <si xmlns='http://jabber.org/protocol/si'
>>>>       id='a0'
>>>>       profile='http://jabber.org/protocol/si/profile/file-transfer'
> />
>>>> </iq>
>>> One remark. How do you actually get at the resource identifier? I
> assume
>>> the sender is not in my roster.
>> Hey JD, any suggestions? Send a probe first? Without the resource I
>> don't see how this is going to work...
> 
> Couldn't you just put the resource identifier in the IRI that drives the
> si get request? In particular I was thinking of this in the context of
> OOB "File Attachments" during an active IM conversation. A message could
> include an attachment element or even just the IRI pointing to the
> attachment (which, might not necessarily be from the sender).

Don't we already have JEP-0137 for this? It's used by iChat for example 
and seems to work quite well without all the IRI madness.

> I was also hoping this would be useful for XMPP based file
> sharing/browsing applications. You could post XMPP IRI hyperlinks on a
> web page to a common file on a server computer identified by
> "fileserver at mydomain.com/always_the_same_resource".

Sure, that's more of a possibility. Another possible context is a 
browser-based client, which dynamically updates its interface with URIs 
like that.

In general, however, just posting a static XMPP URI on your website that 
says "send me a file and here's my usual resource" seems to open you up 
to (1) leaking your presence (transfer fails, you know I'm offline even 
if you're not in my roster) and (2) receiving virus-laden files from 
random entities out there on the net.

Peter

-- 
Peter Saint-Andre
Jabber Software Foundation
http://www.jabber.org/people/stpeter.shtml
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3641 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20051103/f51a555c/attachment.bin>


More information about the Standards mailing list