[Standards] NEW: XEP-0224 (Attention)

Richard Dobson richard at dobson-i.net
Mon Aug 13 14:18:25 UTC 2007


Remko Tronçon wrote:
>> This would likely be either
>>   - explicit statement in all xeps that define a feature that the client
>>     shouldn't trust caps (complex to maintain, simple to implement)
>>   - an extension to caps to say "maybe supported, query disco to know for
>>     sure". (complicates caps, adds complexity, easy to maintain)
>>     
>
> This is all way too complicated. If your client supports the feature
> (either for all or only a few contacts), advertise it in caps. If it
> chooses to ignore 'attention' stanzas from certain contacts, then it
> can do so client-side. This is true for any capability (e.g. i may not
> want xhtml information for contacts that use a certain client known to
> send ugly html, ...)
>   

And also there are security concerns that the client needs to be doing 
the ignoring (or error messages) if the feature is turned off and not 
advertised to someone, i.e. a mallicious client could send an attension 
to you even if you arnt advertising support for it and you shouldnt just 
accept and process that request if the feature is turned off so its not 
like you can reduce any coding by not advertising it to people.

Richard





More information about the Standards mailing list