I have just skimmed through the XEP. I won't give any technical consideration right now because I have not read this with enough attention (it's late where I am! And probably I am not the most specialist of such things). Anyway if my opinion has any value: this is a nice idea!
For me the only point really important will be anyway the security, because XMPP can probably be very secure, and I will already trust far more the Jabber network than any of the other IM networks which are for most of them not at all secure (and even more than Skype which is the one said very secure). But the current implementation and uses of XMPP are still not sufficient for me for such sensible uses. Anyway you are apparently studying the security consideration very fairly in your XEP already. I would add also one security layer yet: some commands should be makable only locally (for instance on the machine itself). For instance, imagine you can control the heater, the aeration system or anything like this. You should set some limits locally that even the "owner" of the devices cannot change through one's account (but one can do it locally if one has physical access to the device for instance, or other access very secure). Or maybe this owner's account could run any command, but for critical one, they would be a second layer of security (like another password to give every time you make such a command, etc.). I am considering the fact that often the main security breach is the human being. So what if someone can use your account: if you set a poorly secure password like most people; or if your Jabber client connects automatically on your main computer and gave access to this to someone; or simply when you leave your desktop 5 minutes without unconnecting from Jabber (forgetting this account is so sensible), etc. Many security attacks rely on the human flaws (unless you are paranoid). But given all this to be considered deeply, this can be funny, though not very good for our poor earth with all machines in our houses always on... :-/ And now all we are missing is our machines being able to "speak" XMPP and connect to the network. So now, if you'll excuse me, I have to "tell" my coffee machine to prepare some (coffee) for me, I see it is on my roster (pfff, again chatting with the washing machine I guess! They are all the same lazy machines, and after they don't do good work!). :p Jehan -- Jehan ------------------------------------------------------------------------ Jehan's Profile: http://www.jabberforum.org/member.php?userid=16911 View this thread: http://www.jabberforum.org/showthread.php?t=108
