[Standards] XEP-0297 review

Peter Saint-Andre stpeter at stpeter.im
Tue Jul 17 20:24:05 UTC 2012


On 7/17/12 2:39 AM, Kevin Smith wrote:
> On Mon, Jul 16, 2012 at 4:35 PM, Peter Saint-Andre <stpeter at stpeter.im> wrote:
>> I've just reviewed XEP-0297 (Stanza Forwarding) and I think it looks
>> good. One small comment, it would be good to describe briefly the kinds
>> of extensions that might re-use this format, and specifically to cite
>> draft-miller-xmpp-e2e.
>>
>> In Sections 4.1 and 4.2, we use the word "trust", which I find to be
>> void for vagueness and thus impossible to operationalize. IMHO it would
>> be better to phrase this in terms of how the receiving entity needs to
>> behave (e.g., drop the message without showing it to a human).
> 
> "An entity cannot trust that forwards are genuine when receiving them
> unprovoked (i.e. outside the scope of another specification) and
> SHOULD NOT process them automatically."
> 
> ?

That's better. Even more neutrally, we could say something like this:

"An entity SHOULD NOT automatically process unsolicited forwards that it
receives outside the scope of another protocol."

Peter

-- 
Peter Saint-Andre
https://stpeter.im/







More information about the Standards mailing list