[Standards] off-server archives with MAM

Stefan Strigler stefan.strigler at gmail.com
Sat Apr 18 08:58:57 UTC 2015


Sounds like a really nice hack. A recombination of presence, disco and MAM
to gain a totally different user experience.

+1 for the idea :)

Not sure where to put this though. How about

XEP-1337 Hacks

:D

2015-04-18 5:24 GMT+02:00 Kurt Zeilenga <kurt.zeilenga at isode.com>:

>
>
> > On Apr 17, 2015, at 7:57 PM, Peter Saint-Andre - &yet <peter at andyet.net>
> wrote:
> >
> > The Message Archive Management spec (XEP-0313) seems to assume that a
> message archive will live on the server where a user has registered an
> account. This raises privacy and security concerns, especially if the
> messages are not encrypted: as a user I might not want all that message
> history on the server in case it gets hacked, and as a server admin I might
> not want the liability of holding all those messages, either. (In fact, as
> someone who runs a very large public IM service, I can assure you that I do
> not want to have all those messages entrusted to me!)
> >
> > Ideally, to me, my message archive would be stored on a trusted device
> that is under my control (say, a limited-access storage medium that I keep
> in my house). This device could authenticate to my account and advertise
> its existence to my other resources. Using Carbons (XEP-0280) it could
> obtain copies of all the messages I send and receive. When one of my
> messaging devices wants to retrieve message history, it would do so by
> querying this trusted storage device, not the server (which only handles
> messages for purposes of realtime delivery).
> >
> > I would really like to see the wording in XEP-0313 adjusted to take this
> scenario into account. I am happy to propose text.
>
> I think MAM should be mostly accessing server maintained archives.   If
> the archives are maintained by some other entity, such as a client under
> the control of a user, some other extension is needed to address the
> particulars of this scenario. For instance, discovery (the advertisement
> you noted above) would be completely different.  I rather not attempt to
> detail this scenario in XEP 313.  I don’t see any particular need to change
> XEP 313 text to enable a client to offer MAM services.  I think that’s
> already allowed.  For instance, Section 7 says “If a server or other entity
> hosts archives and supports MAM queriers…”.
>
> — Kurt
>
> >
> > Peter
> >
> > --
> > Peter Saint-Andre
> > https://andyet.com/
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/standards/attachments/20150418/0a359c3d/attachment.html>


More information about the Standards mailing list