[Standards-JIG] MUC Invitations, Jingle Relays, and Big Problems

Robert B Quattlebaum, Jr. darco at deepdarc.com
Fri Nov 3 18:50:19 UTC 2006


On Nov 3, 2006, at 2:13 AM, Kevin Smith wrote:

> On 3 Nov 2006, at 00:48, Robert B Quattlebaum, Jr. wrote:
>> I don't see this problem getting better—it is going to get worse.  
>> Filtering communications from unknown JID's is a perfectly  
>> reasonable thing to do, and I think that we should start making  
>> our protocols aware of this situation and stop punishing users for  
>> it.
>>
>> Any ideas on how to handle this?
>
> Frankly, I think we should strongly encourage servers to not do this.

My biggest problem is that google talk makes this mandatory.

> As you note, many use cases involve unknown contacts, and I can  
> only see the use cases increasing rather than decreasing. I can  
> only admire server admins which take a proactive approach to  
> preventing unwanted messaging, but this seems to be a sub-optimal  
> way to do it. Imagine if GMail only allowed you to receive mails  
> from people in your address book, you'd never get notifications  
> for  many things such as online purchases.

Email is a bit different than instant messaging as you know, so this  
comparison doesn't quite hold up. Sending unwanted and unsolicited  
instant messages to someone immediately wastes their time and attention.

I'm not really sure what the best solution is.

> As there are an increasing number of protocols which mandatory  
> blocking renders impotent (0070 is another that springs to mind),  
> we need to find another approach (I do appreciate that waiting for  
> a user to be spammed before starting blocking is also sub-optimal).

Good example. Perhaps we should start building a list of XEP's that  
break with paranoid filtering.

XEP-0045
XEP-0070
XEP-0060
XEP-0065 (for mediated connections)

What else?

XEP-0070 is a good example of a hard protocol to fix, because it is  
highly likely that there is nothing on the user's roster that could  
be traced back to the authenticating server. At least with a group  
chat invitation you would theoretically verify that the inviting user  
is on the invitee's roster. In this case you couldn't even do that.

__________________
Robert Quattlebaum
Jabber: darco at deepdarc.com
eMail:  darco at deepdarc.com
www:    http://www.deepdarc.com/





More information about the Standards mailing list