[Standards] Proposed XMPP Extension: Terms of Services

Ivan Vučica ivan at vucica.net
Wed May 23 14:38:08 UTC 2018


Thanks -- I think this is a much needed xep.

Few comments; I hope they make sense:
---
4.2.1.1 Protocol support required

If the client did not include a <tos-support/> element in the initiating
request and the server requires support for the Terms of Service protocol,
it replies with an error:
---
On first reading, it's unclear what is the "initiating request" that
4.2.1.1 addresses. Is this intended to be a response for
jabber:iq:registration-related requests? When does the user get the
opportunity to respond with or without <tos-support/>?

For that matter -- why is <tos-support/> in the adhoc command required in
the first place? The point is to show the adhoc command dialog for TOS to
the user upon request.

Next up:
---

      Your client does not support the Terms of Service protocol.
      Please review the Terms of Service online at
      https://service.example/tos.

---
If the protocol is not supported, how does the user indicate acceptance
before IBR? Or in general -- if the user reviews the TOS, how do we know
they accepted them? Should we standardize a chat session where the user is
displayed the same messages, and required to enter "agree/disagree" _in
addition_ to providing better UX through adhoc commands?

Next up:
---
4.4.1 Reject bind attempt before agreement

If a client attempts to bind a resource before agreeing to the Terms of
Service, the server rejects the request with a <policy-violation/> type
'cancel' error including an application defined condition of
<agreement-required> in the namespace of this protocol.
---

In 4.4.1, should a mention of in-band registration be made? How is IBR
affected? Is it affected at all?

Finally:

Why does the client care about version of the documents -- is this so it
can avoid bothering the user to agree? The server is the one that remembers
whether the user agreed to TOS (it should do so, so it can be proven that
the user has indeed agreed to a revision of TOS); does the client need to
remember the last agreed version of the TOS? The server could simply send
an adhoc form that says "your acceptance is not required" if the user has
already agreed. And TOS could be fetched in a different way if the user
explicitly asks for it.

Here I'm thinking about web clients in particular, which may not have a way
to remember the last agreed version of TOS.


On Tue, May 22, 2018 at 9:14 PM Sam Whited <sam at samwhited.com> wrote:

> This link appears to be wrong.
> The correct one is: https://xmpp.org/extensions/inbox/tos.html
>
> On Tue, May 22, 2018, at 15:02, Jonas Wielicki wrote:
> > The XMPP Extensions Editor has received a proposal for a new XEP.
> >
> > Title: Terms of Services
> > Abstract:
> > This specification provides an in-band, unauthenticated way to request
> > the Terms of Service of an XMPP service.
> >
> > URL: https://xmpp.org/extensions/inbox/tos-old.html
> >
> > The Council will decide in the next two weeks whether to accept this
> > proposal as an official XEP.
> > _______________________________________________
> > Standards mailing list
> > Info: https://mail.jabber.org/mailman/listinfo/standards
> > Unsubscribe: Standards-unsubscribe at xmpp.org
> > _______________________________________________
>
>
> --
> Sam Whited
> sam at samwhited.com
> _______________________________________________
> Standards mailing list
> Info: https://mail.jabber.org/mailman/listinfo/standards
> Unsubscribe: Standards-unsubscribe at xmpp.org
> _______________________________________________
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/standards/attachments/20180523/fa9da9f1/attachment.html>


More information about the Standards mailing list