[Standards] off-server archives with MAM

Stefan Strigler stefan.strigler at gmail.com
Sat Apr 18 08:59:44 UTC 2015


Oh, my list is missing the carbons of course.

2015-04-18 10:58 GMT+02:00 Stefan Strigler <stefan.strigler at gmail.com>:

> Sounds like a really nice hack. A recombination of presence, disco and MAM
> to gain a totally different user experience.
>
> +1 for the idea :)
>
> Not sure where to put this though. How about
>
> XEP-1337 Hacks
>
> :D
>
> 2015-04-18 5:24 GMT+02:00 Kurt Zeilenga <kurt.zeilenga at isode.com>:
>
>>
>>
>> > On Apr 17, 2015, at 7:57 PM, Peter Saint-Andre - &yet <peter at andyet.net>
>> wrote:
>> >
>> > The Message Archive Management spec (XEP-0313) seems to assume that a
>> message archive will live on the server where a user has registered an
>> account. This raises privacy and security concerns, especially if the
>> messages are not encrypted: as a user I might not want all that message
>> history on the server in case it gets hacked, and as a server admin I might
>> not want the liability of holding all those messages, either. (In fact, as
>> someone who runs a very large public IM service, I can assure you that I do
>> not want to have all those messages entrusted to me!)
>> >
>> > Ideally, to me, my message archive would be stored on a trusted device
>> that is under my control (say, a limited-access storage medium that I keep
>> in my house). This device could authenticate to my account and advertise
>> its existence to my other resources. Using Carbons (XEP-0280) it could
>> obtain copies of all the messages I send and receive. When one of my
>> messaging devices wants to retrieve message history, it would do so by
>> querying this trusted storage device, not the server (which only handles
>> messages for purposes of realtime delivery).
>> >
>> > I would really like to see the wording in XEP-0313 adjusted to take
>> this scenario into account. I am happy to propose text.
>>
>> I think MAM should be mostly accessing server maintained archives.   If
>> the archives are maintained by some other entity, such as a client under
>> the control of a user, some other extension is needed to address the
>> particulars of this scenario. For instance, discovery (the advertisement
>> you noted above) would be completely different.  I rather not attempt to
>> detail this scenario in XEP 313.  I don’t see any particular need to change
>> XEP 313 text to enable a client to offer MAM services.  I think that’s
>> already allowed.  For instance, Section 7 says “If a server or other entity
>> hosts archives and supports MAM queriers…”.
>>
>> — Kurt
>>
>> >
>> > Peter
>> >
>> > --
>> > Peter Saint-Andre
>> > https://andyet.com/
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/standards/attachments/20150418/c88fd185/attachment.html>


More information about the Standards mailing list