[Standards] LAST CALL: XEP-0402 (Bookmarks 2 (This Time it's Serious))

Philipp Hörist philipp at hoerist.com
Wed Jan 29 21:09:49 UTC 2020

> 1. Is this specification needed to fill gaps in the XMPP protocol
> stack or to clarify an existing protocol?


> 2. Does the specification solve the problem stated in the introduction
> and requirements?

It solves the problem described and introduces a new problem.
Migration to this standard is not possible without data loss.
It removed the <password> element without any explanation.
Clients who migrate to this standard have no standard way to sync passwords
across devices.
I'm not sure what the thought process was here, the password of the MUC is
known to the server anyway, it does not matter if its stored in a second
place on the same server.

3. Do you plan to implement this specification in your code? If not,
> why not?

I have implemented behind a development flag, but im not sure i want to
really migrate to this standard for reasons described above

> 4. Do you have any security concerns related to this specification?


> 5. Is the specification accurate and clearly written?


> Your feedback is appreciated!
> _______________________________________________
> Standards mailing list
> Info: https://mail.jabber.org/mailman/listinfo/standards
> Unsubscribe: Standards-unsubscribe at xmpp.org
> _______________________________________________
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/standards/attachments/20200129/aafb2023/attachment.html>

More information about the Standards mailing list