[Standards] LAST CALL: XEP-0245 (The /me Command)

Dave Cridland dave at cridland.net
Wed Jan 7 21:37:17 UTC 2009


(Well, this one was easy).

On Wed Jan  7 21:29:32 2009, XMPP Extensions Editor wrote:
> 1. Is this specification needed to fill gaps in the XMPP protocol  
> stack or to clarify an existing protocol?

I think it is certainly needed to document an existing practise.


> 2. Does the specification solve the problem stated in the  
> introduction and requirements?

The specification claims to document recommended handling, and I  
believe achieves this.


> 3. Do you plan to implement this specification in your code? If  
> not, why not?

N/A - Server Developer, sorry. I note that the specification is  
widely implemented.


> 4. Do you have any security concerns related to this specification?

The only security issue I can think of is if the presentation could  
be used to spoof a message from another participant, or from the  
service.

Typically, clients display messages on exit such as "dwd has left",  
or "dwd has join the group chat" - it may be useful to alert  
implementors to ensuring that such messages cannot be spoofed by the  
user typing "/me has left", thus - perhaps - avoiding being kicked.  
This is the reason, I believe, behind the recommendation (and typical  
implementation) of prepending the nickname with a "*".


> 5. Is the specification accurate and clearly written?

It seems accurate, and clear.

Dave.
-- 
Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at dave.cridland.net
  - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
  - http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade



More information about the Standards mailing list