[Standards] comments on XEP-0289

Curtis King cking at mumbo.ca
Mon Feb 13 23:14:26 UTC 2012


On 2012-02-13, at 1:51 PM, Peter Saint-Andre wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On 2/7/12 10:56 PM, Curtis King wrote:
>> 
>> On 2012-02-07, at 6:10 PM, Peter Saint-Andre wrote:
>> 
>>> At the XMPP Summit, I finally had a chance to chat with Kevin
>>> Smith about XEP-0289, and on the plane back from Brussels I've
>>> reviewed that spec in more detail. Herewith some feedback, which
>>> is terse because I'm running out of battery power and my plane
>>> going to land soon.
>>> 
>>> First, I like the XEP-0289 approach and in general I prefer it to
>>> what I wrote up in XEP-0281 (especially the more natural use of
>>> presence from one room to join the other room, instead of the
>>> IQ-ish approach in 281).
>>> 
>>> However, much is left unspecified in XEP-0289 and I have a lot
>>> of questions. :)
>> 
>> I have implemented a modified version of 289 which supports both
>> master to master and slave to master. I was hoping we would have an
>> updated XEP before the summit but that didn't happen.
>> 
>>> 
>>> First, terminology. I like "MUC mirroring" instead of "federated
>>> MUC" (because there's confusion with server federation -- you
>>> could argue that our current model already is federated MUC). I
>>> would change things as follows (you can figure out particular
>>> terminology I use below from the parts of the JIDs):
>>> 
>>> source at home.near.tld (the source room) 
>>> source\40home.near.tld at mirror.far.tld (the mirror room)
>> 
>> I got rid of all jid escaping to avoid any client changes.
> 
> In one sense, I like the JID\20Escaping stuff, because it shows the
> relationship between the source room and the mirror room.

You can do that without escaping the JID and requiring special client or end user knowledge. The customers we have talked to, say they want zero changes to the clients, client configuration, or what the end user sees.

> 
>>> Questions:
>>> 
>>> - from the perspective of a far user, is the mirror room just a
>>> standard MUC room? if not, why not (and exactly how)?
>> 
>> Looks just like a standard MUC room.
>> 
>>> 
>>> - do mirror rooms support all the usual MUC features (history,
>>> room administration etc.)? if not, why not?
>> 
>> All still supported.
>> 
>>> 
>>> - in particular, can the mirror room be administered? if not, why
>>> not?
>> 
>> Yes - there might be some limitations for slaves to have central
>> control of kicks, bans, etc.
> 
> Right, that's what I was worried about -- synchronization of room
> configurations could get messy (you'll notice that's just the point in
> XEP-0281 where I left off...).

Yes, this is the area which will require the most thought.

> 
>>> - does / can the mirror room retrieve history on joining the
>>> source room?
>> 
>> Yes, a must.
> 
> Well, that might depend on deployment scenarios, no? If this is truly
> to be used in highly constrained environments, then history retrieval
> might be optional.

It's a must that an implementation supports it, it doesn't have to-be used.

> 
>>> - are there distinct disco identities for source rooms and mirror
>>> rooms?
>> 
>> yes - but the client wouldn't know it. The goal is to have XEP-289
>> server only as much as possible.
> 
> I think there might be value in knowing that a given room is a mirror.

But, if it's never used if it worth adding? A simple as possible server only XEP would be very nice.

> 
>>> - does the source room config indicate that the room is (can be)
>>> mirrored?
>> 
>> not currently.
>> 
>>> 
>>> - does the mirror room config indicate what the source room is?
>> 
>> not currently.
> 
> Again, there might be value here.
> 
>>> - can mirror rooms themselves be mirrored? (ick)
>> 
>> No. A room is either a slave or master. Slaves can not have
>> multiple masters nor other slaves.
> 
> Sounds like a good idea.
> 
>>> - do / can mirror rooms / services communicate with each other?
>> 
>> I don't follow the question.
> 
> Let's say that mirror1 and mirror2 lost connectivity to the source
> room (perhaps the source server goes offline). There might be value in
> allowing those mirror rooms to share their view of the room while the
> source room is offline.

Then they aren't slaves but masters. See below.

> 
>>> - does the mirror room wait for presence fan-out from the source
>>> room before sending presence to far users?
>> 
>> Depends. Masters no, slaves yes. But all mirrors are caching
>> presence, history, etc.
> 
> I think you misunderstood my question.

I understood the question, but I wasn't clear enough on the design.

From customer requirements there are two distinct operational modes they want.

1) Bandwidth reduction with the current model of central administration of the room, and always the same order of messages for all users.
- Really just want bandwidth reduction.
- MUC's same order of messages is seen as a big XMPP advantage.
- Ok, with if the master room goes down then mirrors are also offline. The idea being the master room would be some cluster.

This is a Master / Slave configuration. Slaves always send presence and local origin messages first through the master then get the response back from the master which the slaves then fan out to the local users.

2) Bandwidth and survivability. The local rooms keep going no matter what happens with the other remote rooms.
- Will live with different order messages. We will need to make it a predictable order.

This is a Master / Master configuration. The masters fan out to local users and remote rooms all at the same time.

To keep the XEP from becoming overly complex there should be no forwarding of message between masters. I'm sure there will be a few more restrictions we will need to put in place.


> 
> Far user joins mirror room. Mirror sends presence update to source
> room. Does mirror room wait to send that user's presence to everyone
> in the mirror room (pending receipt of presence from the source room)?
> 
>>> - does or should the mirror room include delayed delivery info in
>>> the messages that it sends to far users?
>> 
>> No, it behaves as a normal MUC room.
> 
> I'll have to think about that some more.
> 
>>> - can the source service explicitly request that the mirror
>>> service shall mirror a particular room (as in XEP-0281)? probably
>>> not needed, but good to make it clear
>>> 
>>> - what happens if a near user tries to join a mirror room? is
>>> that user redirected from the mirror room to the source room?
>> 
>> How would you know where the user is? So, no.
> 
> You would know based on the domainpart of the joining user's full JID.

Which is their IM domain. There is no way of knowing if a MUC domain is near or far from an user's IM domain.

> 
>> The updated xep will make this clearer.
> 
> Great.
> 
>>> - can a far user join the source room directly?
>> 
>> Sure, why not?
> 
> Because, based on policy, the mirror might want all of the users in
> its administrative domain to join the mirror instead of the source.

We need to-be careful with the scope of standard or it will become difficult to implement, so I prefer such policy to-be an implementation detail.

> 
>>> can the source room redirect a far user to the mirror room (as in
>>> XEP-0281)?
>> 
>> No.
> 
> Here again, policy might dictate joining the room that's closest to
> you. I would not want to forbid this behavior, but I don't think it
> needs to be part of the base spec.

I agree.

> 
>>> - we need to show examples of room joins from far users other
>>> than the first one -- in particular, I would assume that the
>>> source room sends only one presence notification to the mirror
>>> room, which is then fanned out to all of the far users
>>> 
>>> - can / should the mirror room assume the equivalent of
>>> "nomirror" for the presence of near and far users? that would
>>> save quite a bit of bandwidth
>>> 
>>> - I'm not really convinced about nomirror for messages, but I am
>>> open to being convinced
>>> 
>>> - example 2 seems strange, because the 'from' address is the room
>>> JID of the mirror room, not the occupant JID of the far user --
>>> note that in example 5 the source room seems to know the occupant
>>> JID of the far user in the mirror room, but currently there's no
>>> way for it to know that!
>>> 
>>> - must the far user's roomnick be the same in the source room and
>>> the mirror room?
>>> 
>>> - what error would the source room return to the mirror room on
>>> join if the mirroring service is not trusted? (a rogue mirroring
>>> service could simply include the MUC namespace and thus join as a
>>> normal occupant, instead of including the special mirroring
>>> extension -- that's something for the security considerations)
>> 
>> There should be protocol to mirror rooms to set roles, master or
>> slave. A master could decline a mirror request. This is when
>> existing presence and history would be exchanged the two rooms.
> 
> OK, looking forward to seeing that spec'd out.

me too ;-)

> 
>>> - what error or status notification would the mirror room return
>>> to the far user if s2s is down? would it return any status at
>>> all?
>> 
>> master - no error slave - fail to join.
>> 
>>> 
>>> - I don't mind the JID\20Escaping stuff for room names, but I
>>> suppose others might consider it ugly
>> 
>> It is ugly :-)
> 
> I never said it was beautiful, but we're not working on this protocol
> for aesthetic reasons. :)

Always good to avoid ugly when you can :-)

ck


More information about the Standards mailing list