[Standards] Depreciating XEP-0146: Remote Controlling Clients

Emmanuel Gil Peyrot linkmauve at linkmauve.fr
Sat Aug 27 12:27:26 UTC 2016


I’d like to propose deprecating XEP-0146, on the basis that some of its
features are a security hazard, some overlap with better solutions
available now, and some are just kind of useless.

XEP-0146 defines five use-cases:
1. Change status
2. Forward unread messages residing at the remote client to the local
3. Change run-time options
4. Accept pending file transfer requests
5. Leave groupchats

Of those, 2. is the biggest problem, at least some implementations will
happily send a plain-text version of their logs to any other resource
requesting it.  It is also a use-case solved in a much nicer way by

The main reason for 4., poor routing of iq-based file transfers, is
already solved by XEP-0353 (alongside XEP-0280 in some situations).  It
might make sense to keep this feature for other reasons, like if you
are on a bandwidth-limited mobile network but want to accept a big file
transfer on your home server so you can have the file once you come
home, I don’t feel strongly about deprecating this part of XEP-0146.

The rest of the use-cases can possibly be security issues as well
(especially 3. depending on what gets exposed), but are mostly not
really useful, especially with the direction XMPP is moving to (like
MIX using PAM to handle groupchat join-ness, or multiple resources
being more hidden in modern UIs).

So I propose deprecating this XEP, or at least the bad parts of it, or
at least improving the Security Considerations, let’s discuss!


Emmanuel Gil Peyrot

More information about the Standards mailing list