[Standards-JIG] Trying to understand

Tijl Houtbeckers thoutbeckers at splendo.com
Thu May 18 19:47:59 UTC 2006


On Thu, 18 May 2006 19:36:11 +0200, Matthias Wimmer <m at tthias.eu> wrote:

> One additional note: Letting the originating server include who gets the  
> presence (either distributing presence as now or using JEP-0033 for it)  
> is already the protocol to syncronize rosters we are searching for!

This excludes when user B on server B is subscribed to the presence of  
user A on server A, while on server A this subscription does not exist  
(anymore). Exactly the type of subscription that could cause presence  
leaking with the proposal, and even without that an annoying (but  
unrelated to security) sync bug for user B.

It's also, I would think, one of the most common out of sync states (if  
someone steps on the cable when user A unsubcribes user B, if a backup is  
restored on server B is restored with the subscription is there, when  
server A removes the mapping without ever telling server B, etc.)



More information about the Standards mailing list