[Standards] Onesocialweb: code release and updated extensions

Laurent Eschenauer laurent at eschenauer.be
Tue Apr 13 09:41:10 UTC 2010


On Mon, Apr 12, 2010 at 4:35 PM, Dave Cridland <dave at cridland.net> wrote:

> On Mon Apr 12 15:04:01 2010, Laurent Eschenauer wrote:
>
>> - switched to PEP for sharing of activity notifications (but using our own
>> flavor of PEP, having added a new kind of node that supports per item
>> privacy)
>>
>
> What does that mean? You mean that each item can override subscribers,
> effectively?
>

Yes. It works like this:
- everyone can subscribe to my PEP microblogging node
- when I post an item, I can add some access restrictions (for viewing, but
also editing). For example: only distribute an item to subscribers which are
also in my roster and in the 'Colleagues' group.

The problem there is that beyond your own flavour of PEP, you're using your
> own flavour of PubSub. That's not impossible, as long as you've extended it
> correctly - I'm hoping you've used a publish-option for this.
>

What we have done so far is to put the access-control extension inside the
atom payload, not to interfere. So, a regular PubSub/PEP engine will just
treat it as usual and will distribute to all subscribers. (The client should
detect capability via disco and not attempt to post item with restricted
privacy on server having only a regular PEP implementation).

Next step would be to make this a generic PEP/PubSub capability. It could be
indeed done via publish-option (but there are per request, not per item). Or
simply as another element, in the <item/> payload. So you would have:

<item>
 <entry ...>
 <acl xmlns='...'>
    <the acl rules for this item>
 </acl>
</item>

In addition to that, we need to define another kind of node, and maybe some
configuration options (e.g. what kind of per item control is allowed) and
the various disco entries. The acl stuff could also be made more generic and
used in other places (e.g. field based access control in vcard, etc...).

What do you think ? I propose to bring this discussion to the PubSub mailing
list and start looking at bringing per item privacy in PubSub and PEP. Does
it make sense ? I need help, being a XMPP newbie :-)

Thanks for the feedback !
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/standards/attachments/20100413/8732e241/attachment.html>


More information about the Standards mailing list