[Standards] request for reviews: XEP-0045 v1.25rc5

Alexander Holler holler at ahsoftware.de
Thu Sep 29 16:18:47 UTC 2011


Am 27.09.2011 23:40, schrieb Peter Saint-Andre:
> On 9/27/11 3:28 PM, Alexander Holler wrote:
>> Am 27.09.2011 15:29, schrieb Waqas Hussain:
>>
>>>>> 11. Full-to-bare JID rewriting to support vCards
>>>>>
>>>>> All(?) implementations are doing it, but it's not specified anywhere.
>>>>> Should it be?
>>>>
>>>> Yes, it should. Proposed text would be appreciated.
>>>>
>>>
>>> Err... a quick attempt, probably not too good:
>>>
>>> [Section 16.4: IQ]
>>>
>>> 6. If an occupant sends an IQ get to another occupant with the child
>>> element<vCard xmlns='vcard-temp'/>, the room SHOULD route the stanza
>>> to the target occupant's bare real JID. The room should also rewrite
>>> the 'from' attribute of the IQ result response to the initial target
>>> occupant's full in-room JID. The room can store any state required in
>>> 'id' or 'from' attributes of the IQ get stanza it sends.
>>
>> Hmm, doesn't forwarding IQs be a problem for semianonymous rooms?
>
> That's already covered by the third bullet point in Section 16.4:
>
> If an occupant wants to send an IQ stanza to another user in a
> semi-anonymous room, the sender can direct the stanza to the recipient's
> room JID and the service SHOULD forward the stanza to the recipient's
> real JID. However, the MUC service MUST NOT reveal the sender's real JID
> to the recipient at any time, nor reveal the recipient's real JID to the
> sender.
>
>> Especially for things like vcard?
>
> Why are vCards special in this regard?

Because the answer would reveal the identity.

In general I don't think forwarding IQs should be done in semi-anonymous 
rooms.

Regards,

Alexander



More information about the Standards mailing list