[Standards] XEP-0115 is harmful and should be deferred

Robin Redeker elmex at x-paste.de
Thu Jul 5 22:29:09 UTC 2007


Hi!

On Thu, Jul 05, 2007 at 11:34:10PM +0200, Tomasz Sterna wrote:
> Dnia 04-07-2007, śro o godzinie 21:03 -0600, Peter Saint-Andre
> napisał(a):
> > > base64(sha1(dave-formatted id/features))
> > Seems reasonable to me. 
> 
> I've picked this random post to reply but it does not concern this
> particular post but the whole thread...
> ...which I did not follow really, because I find this whole XEP and
> concept of entity capabilities distributed with presence packed unneeded
> and harmful.
> 
> This XEP came out to solve a problem of jabber:iq:version storming on
> the Psi client launch, which other clients blindly copied just to
> show-off the remote client version at the fancy tooltip.
> 
> So instead of pull-based mechanizm there was a push-based mechanizm
> deployed.
> 
> But I do see some inconsistency here.
> We don't allow vCard hashes to be pushed with the presence. We do not
> allow moods and "now-playing" to be pushed on us with the presence
> packet, but we gladly allow unrequested capabilities to be pushed with
> the presence?? More then, we're going to REQUIRE them?

w.r.t. to vcard, this is just a small snipped from a recent debug log:

2007-06-30 13:12:30 +0200 |   <presence from="xxxx" to="yyyy">
2007-06-30 13:12:30 +0200 |     <status>i'm here</status>
2007-06-30 13:12:30 +0200 |     <priority>1</priority>
2007-06-30 13:12:30 +0200 |     <c node="http://gaim.sf.net/caps" ver="2.0.0beta5" xmlns="http://jabber.org/protocol/caps"/>
2007-06-30 13:12:30 +0200 |     <x xmlns="vcard-temp:x:update"/>
2007-06-30 13:12:30 +0200 |   </presence>

Quite some noise I get there with the presence, I completly agree with you on
the following:

> Excuse me. I've subscribed your PRESENCE information. I didn't ask for
> your mood, tune, avatar nor capabilities. If I would need them, I will
> ask and you may allow me to have them.
> There's nothing special about the caps, that these would require special
> privileges.

I think this is a good point and well spotted :-) !

> And what's more - we invented a way for me to subscribe for all this
> kinds of additional information. Using everyone's favorite PubSub.
> Why don't we reuse it somehow?
> 
> We didn't have PEP/PubSub deployed at all when we invented XEP-0115, but
> we do have now and for sure can do better now.

I, as client developer, would really like if PEP/PubSub became more
widely-used. Recently when reading this list I became the feeling that
PEP is being avoided. Eg. by the common "ironic joke": 'lets use PEP for this'.

PEP/PubSub has many good applications IMO. And if you ask me, PEP is IMO
essential enough to go into XEP-0073 (Basic IM Protocol Suite). (Well, it
will have to go in there anyway if it becomes neccessary to promote
client capabilities.)
And I think announcing capabilities seems to be a great application
of PEP/PubSub. I can already imagine the client setting:
     [X] Allow others to subscribe to your client's capabilities.
or:
     [X] Don't publish this client's capabilities.

Just my 1.9999999... Cents

Greetings,
   Robin



More information about the Standards mailing list