Or:
- company policy forbids p2p file transfer
- server-side virus checking desired/required before download
It is difficult to define consistent requirements for consumer-oriented
services on the open internet and employee-oriented services within
enterprise deployments.
Virus scanning could be done with a slightly modified XEP-65 proxy, the
proxy could receive the entire stream before passing it on and virus
scanning it before they do, there are also virus scanners that can
detect viruses in the stream (without having to have received the whole
stream) and terminate it before it finishes if it detects one, there are
many different ways that we can slice this one.
But yes its difficult to create a one size fits all solution here, the
best option we have is to produce a selection to standards (that
hopefully don't have too much overlap and can inter operate) that
address all the requirements and developers can then pick and choose
which is best for them.
Richard
