> > Except that how do you know someone is not trying to poison your
> > roster?
> > We talk about this in both RFC 3921 and rfc3921bis. For example you
> > can
>
> Well, the remote transport gw.remote.dom will send roster pushes to
> [EMAIL PROTECTED] So my server gets those.
>
> It would then check my roster to see if I have an item for
> gw.remote.dom. If yes, then it would rewrite the roster push from as
> local.dom.
I'm doing something like:
<iq from='[EMAIL PROTECTED]' id='rost01' type='get'>
<query xmlns='jabber:iq:roster'/>
</iq>
<iq from='server' id='rost01' type='result'>
<query xmlns='jabber:iq:roster'>
...as usual...
</query>
</iq>
<iq from='server' to='transport' type='get' id='deleg01'>
<query xmlns='roster-delegation'>
<owner jid='[EMAIL PROTECTED]'/>
</query>
</iq>
...transport logs to legacy service...
<iq from='transport' to='server' type='result' id='deleg01'>
<query xmlns='roster-delegation'>
<owner jid='[EMAIL PROTECTED]'/>
<query xmlns='jabber:iq:roster'>
<item jid='[EMAIL PROTECTED]'/>
<item jid='[EMAIL PROTECTED]'/>
</query>
</query>
</iq>
<iq from='server' to='[EMAIL PROTECTED]' type='set' id='push01'>
<query xmlns='jabber:iq:roster'>
<item jid='[EMAIL PROTECTED]'/>
</query>
</iq>
<iq from='[EMAIL PROTECTED]' to='server' type='result' id='push01'/>
<iq from='server' to='[EMAIL PROTECTED]' type='set' id='push02'>
<query xmlns='jabber:iq:roster'>
<item jid='[EMAIL PROTECTED]'/>
</query>
</iq>
<iq from='[EMAIL PROTECTED]' to='server' type='result' id='push02'/>
Wrapping the roster from the transport rather than overloading its
usual function looked attractive, but maybe there are gotchas with one
<query> inside another (even if namespaced).
Massimiliano
--
Massimiliano Mirra
http://sameplace.cc
http://hyperstruct.net
