[Standards] pubsub whitelists
stpeter at stpeter.im
Thu Aug 23 16:04:53 UTC 2007
Ralph Meijer wrote:
> On Wed, 2007-08-22 at 10:30 -0600, Peter Saint-Andre wrote:
>> Peter Millard originally thought of a pubsub whitelist as the list of
>> entities that are subscribed to a node. However, as Joe Hildebrand and
>> Matt Yacobucci just pointed out to me, that introduces a security hole
>> quite similar to <presence type='subscribed'/> -- that is, the node
>> owner can now add you to the subscriber list without your permission
>> (introducing all sorts of wonderful spam possibilities). Joe and Matt
>> pointed out that the whitelist is more properly a list of entities that
>> are allowed to subscribe (or retrieve items) if they want to, not as the
>> list of subscribers. This could be managed via node configuration (e.g.,
>> a "pubsub#whitelist" node configuration option of type jid-multi). It
>> seems important to fix this before we publish version 1.10 of XEP-0060
>> so I will work on that here soon.
> Oh, I assumed white lists would indeed be that. Your suggestion seems
> perfect. +1
Sorry about the out-of-order messages -- DNS issues should be resolve
most everywhere now.
Looking at this further, I conclude that we need a new affiliation to
handle this properly. I mean, we could do this via node configuration,
but that is functionally equivalent to an affiliation. The new
affiliation would be similar to the "member" affiliation in MUC, in that
the JID is a "member of the club" of entities that can subscribe (like
joining a room) or retrieve items (like getting room history). So I
think we can call the pubsu affiliation "member" too.
It's not clear to me how existing pubsub implementations can be handling
the whitelist access model, since it is so underspecified in the spec
right now. But I will work to clean this up in the next few days.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
More information about the Standards