[Standards] private storage revisited

Peter Saint-Andre stpeter at jabber.org
Thu Jul 5 22:09:06 UTC 2007


We still need to figure out private storage via pubsub. Joe Hildebrand
proposed that we tack "+private" on the end of the namespace (NodeID):

http://mail.jabber.org/pipermail/standards/2007-March/014758.html

Rephrasing and generalizing his email based on subsequent list
discussion, I would present it as follows:

***

Whenever a client publishes the first item to a node that ends in
"+[accessmodel]", the pubsub service MUST create the node with a default
access model equal to the specified model (that is "open" or "presence"
or "roster" or "authorize" or "whitelist"). [1] For such a node, the
access model MUST remain fixed and a pubsub service MUST return an error
if the node owner tries to change it.

***

Yes this hardcodes NodeIDs. But it has the benefit of being simple,
explicit, and secure (the access model can't be changed, which is
especially important for private storage).

Thoughts?

/psa

[1] In fact "roster" doesn't make sense here since you need to specify
the roster group. And BTW the list for "whitelist" must start out empty,
i.e., only the node owner can publish or subscribe.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7354 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20070705/36ac40a2/attachment.bin>


More information about the Standards mailing list