"Jean Louis Seguineau" <[EMAIL PROTECTED]> wrote:
>
[snip]
> What I meant was to use
> something like:
>
> <iq type="set" id="2">
> <query xmlns="jabber:iq:privacy">
> <item jid="[EMAIL PROTECTED]" type="deny"/>
> <item jid="[EMAIL PROTECTED]" type="deny">
> <message/>
> <iq/>
> </item>
> <item jid="[EMAIL PROTECTED]" type="allow">
> <presence/>
> </item>
> </query>
> </iq>
[snip]
Forgive me if my comments are nonsense. I'm relatively new at Jabber
and XML.
It seems to me the above doesn't work. How would a combined deny/allow
list work in practice? Specifically: what should the server do in the
presence of both, but the absence of a particular JID on either list?
Allow? Deny? And in the above scenario, what should the server do?
First JID match wins or last JID match over-rides?
Here are my thoughts, such as they are and keeping the caveat I
mentioned above in mind.
First of all: I believe "whitelisting" support needs to happen at the
start. Particularly if the goal is to provide support similar to that
of AIM. What I'm mainly working on is Jabber support in Gaim, so both
"blacklisting" and "whitelisting" capability would make things
considerably easier for consistency's sake.
I'm wondering if something more like this wouldn't work better
(warning: possibly completely brain-dead XML follows):
<iq type="result" id="1">
<query xmlns="jabber:iq:privacy" type="deny">
<item jid="[EMAIL PROTECTED]"/>
<item jid="[EMAIL PROTECTED]">
<message/>
</item>
</query>
</iq>
Which would provide for:
<iq type="result" id="1">
<query xmlns="jabber:iq:privacy" type="permit">
<item jid="[EMAIL PROTECTED]"/>
<item jid="[EMAIL PROTECTED]"/>
</query>
</iq>
Then an empty "deny" list would be "permit everybody" and an empty
"permit" list would be a "deny everybody".
Admittedly: I'm not sure how this would work in conjunction with
"Client Requests to Filter a Specific IQ Namespace" (in the proposal).
I'm wondering what the thoughts are wrt interaction between "privacy,"
subscription requests, presence and the new "invisible" stuff in 1.4.2?
Would privacy "trump" these? In other words: if a JID was denied (or
not allowed--same thing): would/should the server automatically not
propagate subscription requests from the denied JID to the client?
And/or should it not propagate presence info back to the denied JID?
Regards,
Jim
--
Jim Seymour | PGP Public Key available at:
[EMAIL PROTECTED] | http://www.uk.pgp.net/pgpnet/pks-commands.html
http://jimsun.LinxNet.com |
_______________________________________________
jdev mailing list
[EMAIL PROTECTED]
http://mailman.jabber.org/listinfo/jdev
