On Mar 19, 2009, at 2:28 AM, Kevin Smith wrote:
Having a read of the Security Labels XEP, it seems that it's going to have some interesting interactions with MUC upgrading from 1-1 chats. Particularly, you're going to invite someone with a different catalogue, and then upload past history to the room. Any thoughts?
There are lots of issues in dealing with history uploads.... I would be hard pressed to come up with all of them off the top of my head... but just a few:
1) permission to review a message with a particular label might not imply any right to forward that message, or to assert a different message with that label.
2) default label handling in the 1-1 case might be different from the MUC case.
3) as history is provided without encapsulation, there is ambiguity as two whom asserted the label. That is, the server has no clue as to whether the label was in the original message or added (or modified) by the owner pushing the history. (use of signatures, which usually implies some form of encapsulation, would help here, but without it...)
In our server (if we supported history upload at all), I would reject the upload if XEP 258 was enabled. Simply put, getting it right is too hard (at least in the general case).
-- Kurt
