[Standards] XEP-0258 and XEP-0060

Dave Cridland dave at cridland.net
Thu Nov 17 21:18:14 UTC 2011


On Thu Nov 17 19:55:09 2011, Ashley Ward wrote:
> >In general, I think this would be mostly identical to the  
> Multi-User
> >Chat use case in section 5.2.
> 
> That's pretty much exactly what I was thinking!
> 
> 
FWIW, that's how it works in M-Link - except we haven't put in the  
protocol controls for it.

> Yeah. I think it would make most sense for the label to be contained
> within the <item> element, and I believe XEP-0060 already allows the
> <item> element to contain a sequence of any xml elements, so  
> implementing
> this in XEP-0258 shouldn't require any change to XEP-0060.

That's awkward, because it means reading through the item a lot more.

In addition, if the server has a clearance for a seperate pubsub  
service, it's going to need to decide what to do if different items  
do and do not pass the ACDF. This is tricky, because the model only  
allows for all-pass or all-fail.

> This would also allow multiple items published at the same time to  
> have
> different security labels.

Yeah, that. :-)

> Exactly the same I think - both muc rooms and pub sub nodes are  
> configured
> with the forms, so it's really up to the server implementation to  
> decide
> how they are configured, how it handles default labels, allowable  
> labels,
> etc (just the same as it is with muc config).

Indeed, this bit is easy.

> There would also be some corner cases to think about, especially  
> around
> discovery of nodes - e.g. should a user who isn't entitled to  
> access a
> node know that it exists, and if not then what happens if they try  
> to
> create a node with a conflicting id (as an error reveals  
> information about
> the node's existence). Perhaps this sort of detail should be up to  
> the
> server implementation?

Ew. That's yet another problem I'd not seen.

If a user tries to join a chatroom that they don't have clearance  
for, we hand back an error. I think you have to for nodes, too,  
that's the only logical thing to do.

For items, though, this gets substantially nastier, since the model  
assumes that overwrite is normal, and indeed desirable, and the  
intent. So if someone writes an item with a clearance you can't see,  
how on earth is this meant to be handled?

Finally, I'd point (back) to my Last Call comments - from back when  
the specification *did* have a PubSub section - where I pointed out  
that the catalogue work needs work to cover not only jid, but  
jid+node. Not a major change, but a change nonetheless.

Dave.
-- 
Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at dave.cridland.net
  - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
  - http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade



More information about the Standards mailing list