[Standards] Veto on "Privileged Entity"

Goffi goffi at goffi.org
Wed Dec 17 18:21:36 UTC 2014

On 17/12/2014 18:10, Kurt Zeilenga wrote:
> I’m glad this thread seems now to be focused more Dave’s concerns with the ProtoXEP itself and how the authors might cure these concerns than discussions of general XMPP access control issues.  I’m going to try focus all my comments on the ProtoXEP itself, your specific concerns of it, and what you are asking authors to do.  And I’m also going to try to look at all of this “anew”.
>> It'd be simpler if the protocol was just limited to the immediate requirement.
> Maybe that’s suggests a path forward… maybe if the authors would add an narrowly worded applicability statement to the ProtoXEP to the immediate requirement possibly with a note that upon further experimentation and operational experience the scope might be broaden subsequently.
> — Kurt

Yes, it seems things are moving in the good way, we'll see if we can 
have a satisfying solution, thank you for your interventions.

So to be clear on the exact problem we have:

- we (developers of "Salut à Toi", http://www.salut-a-toi.org) an a few 
other projects (namely Movim http://movim.eu, Jappix 
http://www.jappix.org) or developers (notabily Sergey Dobrov is working 
on these issues too) are working on an XMPP based decentralized 
(micro)blogging platforms. Buddycloud is doing something similar, but 
seems to stick less on standard XMPP in favor of proprietary extensions 
(Dave I know you're working on Buddycloud, correct me if I'm wrong)

- the current state of PubSub/PEP implementation is not currently 
satisfying for us, as I mentioned in other messages.

- basically we have 2 options to solve this quickly (we need to have 
things working fast): focus on a server and collaborate with dev team, 
that's what Movim and Jappix are doing with Metronome (they work more or 
less with other servers), or build your own PubSub/PEP Component, that 
what we have choosed for "Salut à Toi" with our (friendly) Idavoll 
(https://idavoll.ik.nu/) fork: http://repos.goffi.org/sat_pubsub (we are 
in contact with Ralph Meijer to merge upstream our code and have a 
generic full-featured PubSub Server, usable by everyone)

- So far we were using a dirty hack of Prosody (a modification of 
remote-roster plugin) and with a simulation of PEP (by associating one 
node per entity): it's dirty and not standard, so we can't communicate 
with Movim or Jappix.

- We took time to try to make things clean and standard, so we decided 
to submit protoXEP which would allow to use our external component as a 
replacement of any server internal PEP service, and by side effect, 
avoid to be stucked by a server implementation (or lack of 
implementation !) in the future

- we need a quick development cycle, and we are trying a lot of 
experimental things (like the mentioned equivalent of Google circles or 
Diaspora aspect, I described it there: 
http://www.goffi.org/post/2012/06/24/Fine-access-tuning-for-PubSub ). 
Because of that, we can't rely on server implementations (and we don't 
want to be stucked on one particular server, we want something generic)

So that's where we are. Once we can have a working and standard solution 
for PEP, we'll want to standardize the group permissions (but that's an 
other debate, we have other options with e.g. collections).

I hope things are more clear now :)


More information about the Standards mailing list