[Standards] Disco conflict between 30 and 163

Kurt Zeilenga kurt.zeilenga at isode.com
Tue Aug 26 15:40:27 UTC 2014


On Aug 26, 2014, at 7:55 AM, Simon McVittie <simon.mcvittie at collabora.co.uk> wrote:

> On 26/08/14 15:10, Kevin Smith wrote:
>> 30 says not to reply with disco to entities not authorised for your presence.
> 
> Should the server follow this pseudocode for a disco instead?
> 
>    if target JID is bare:
>        # any IQ to user at host is expected to be replied to by the server
>        reply to it on the user's behalf, describing features of the
>        server and the account (but nothing about the logged-in
>        resources on that account, if any)

JID existence leak.

> 
>    else if peer is authorized to see user's presence:
>        # any IQ to user at host/resource is expected to be replied to
>        # by that resource
>        forward message to the named resource so it can respond
> 
>    else:
>        <service-unavailable/>
> 
> Regards,
>    S
> 




More information about the Standards mailing list