Peter Saint-Andre wrote:
On 12/1/09 10:09 PM, Jason Eacott wrote:
The case I would like to have used collection nodes for is to help
application federation. I could have services subscribed to collection
nodes and configure where the data is pushed from as it suits. Alas this
is not possible because pubsub collection nodes as they stand only work
on the local domain.
1. We haven't finalized the definition of collection nodes.
I understand.
2. How do you envision the management of permissions, security, and
long-term relationships / affiliations across trust domains?
not sure yet, but I have been thinking about this in a broader sense.
going a bit off topic here so feel free to ignore what follows, but I'd
really like other peoples views on this because I have found my
experience thus far quite frustrating.
It seems that XMPP right now is totally client centric, and I would
like to see this addressed. I want build services and I want to use xmpp
as my transport of choice for 3 main reasons.
1) the transport is always on, federated, and bi directional.
2) user authentication is done for me.
3) there are a plethora of already written services and functionality I
can leverage.
but wait - now I start building my service and I discover that I cannot
actually reuse most of the services I wanted access to. I'd like my
service to use private XML storage for example, to store service
specific data just as the spec states its intended, but its not possible
unless my service has the login credentials of its users - thats not a
good idea, so my only option is to create my service as an xmpp client
and distribute it. This is now starting to feel very old school, but it
seems thats how the xmpp world works.
Its possible to workaround this a little bit with pubsub, because it
defines its own authorisation model, but not enough.
I think a user should be able to visit any service with their usual,
jid, and if the service needs to access other functionality (pubsub,
private storage, whatever) on the users behalf then there should be a
mechanism for doing that. I'm not sure what that mechanism is yet, but I
have some ideas. I also think that if this problem is solved then the
auth issues with my collection nodes usecase will also be solved.
Cheers
Jason.
Peter
