[Standards] Namespace delegation and privileged component

Dave Cridland dave at cridland.net
Thu May 8 09:45:02 UTC 2014


On 8 May 2014 10:09, Goffi <goffi at goffi.org> wrote:

> Here is the main issue: components are really limited today, they're more
> something like server side clients, with very limited access (they can
> access
> entity roster for example, so a pubsub component can't manage roster access
> model).
>
>
Right - components are really just servers that have delegated S2S to
another system.


> We are thinking about two new XEPs to solve this issue:
>
> - namespace delegation: a server delegate a full namespace to a component,
> e.g.  a component say "I want to manage 'vcard-temp'"
>
>
Trapping namespaces on IQ seems relatively easy to implement. Trapping
namespaces on messages and presence, though, seems harder, because you need
to decide if the stanza is forked or if the component processes exclusively.


> - privileged component: a component access everything a client can, in the
> name of the client. That's mean it can access an entity full roster without
> limitation, it's private storage, etc.
>
>
That much is different. As of RFC 6121, remote access to rosters is a
permissions thing, so doesn't need a XEP as such. This is the same as '49,
etc. The question is how one might make this more granular, and possibly
under the control of users.

But yeah, count me in, and please do submit a protoXep.

Dave.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/standards/attachments/20140508/938686c9/attachment.html>


More information about the Standards mailing list