[Standards] Veto on "Privileged Entity"
goffi at goffi.org
Wed Dec 17 18:21:36 UTC 2014
On 17/12/2014 18:10, Kurt Zeilenga wrote:
> I’m glad this thread seems now to be focused more Dave’s concerns with the ProtoXEP itself and how the authors might cure these concerns than discussions of general XMPP access control issues. I’m going to try focus all my comments on the ProtoXEP itself, your specific concerns of it, and what you are asking authors to do. And I’m also going to try to look at all of this “anew”.
>> It'd be simpler if the protocol was just limited to the immediate requirement.
> Maybe that’s suggests a path forward… maybe if the authors would add an narrowly worded applicability statement to the ProtoXEP to the immediate requirement possibly with a note that upon further experimentation and operational experience the scope might be broaden subsequently.
> — Kurt
Yes, it seems things are moving in the good way, we'll see if we can
have a satisfying solution, thank you for your interventions.
So to be clear on the exact problem we have:
- we (developers of "Salut à Toi", http://www.salut-a-toi.org) an a few
other projects (namely Movim http://movim.eu, Jappix
http://www.jappix.org) or developers (notabily Sergey Dobrov is working
on these issues too) are working on an XMPP based decentralized
(micro)blogging platforms. Buddycloud is doing something similar, but
seems to stick less on standard XMPP in favor of proprietary extensions
(Dave I know you're working on Buddycloud, correct me if I'm wrong)
- the current state of PubSub/PEP implementation is not currently
satisfying for us, as I mentioned in other messages.
- basically we have 2 options to solve this quickly (we need to have
things working fast): focus on a server and collaborate with dev team,
that's what Movim and Jappix are doing with Metronome (they work more or
less with other servers), or build your own PubSub/PEP Component, that
what we have choosed for "Salut à Toi" with our (friendly) Idavoll
(https://idavoll.ik.nu/) fork: http://repos.goffi.org/sat_pubsub (we are
in contact with Ralph Meijer to merge upstream our code and have a
generic full-featured PubSub Server, usable by everyone)
- So far we were using a dirty hack of Prosody (a modification of
remote-roster plugin) and with a simulation of PEP (by associating one
node per entity): it's dirty and not standard, so we can't communicate
with Movim or Jappix.
- We took time to try to make things clean and standard, so we decided
to submit protoXEP which would allow to use our external component as a
replacement of any server internal PEP service, and by side effect,
avoid to be stucked by a server implementation (or lack of
implementation !) in the future
- we need a quick development cycle, and we are trying a lot of
experimental things (like the mentioned equivalent of Google circles or
Diaspora aspect, I described it there:
Because of that, we can't rely on server implementations (and we don't
want to be stucked on one particular server, we want something generic)
So that's where we are. Once we can have a working and standard solution
for PEP, we'll want to standardize the group permissions (but that's an
other debate, we have other options with e.g. collections).
I hope things are more clear now :)
More information about the Standards