In general, the proposed changes in v1.2 at http://xmpp.org/extensions/tmp/xep-0175-1.2.html
are sound ones. I do however have some minor points to raise. 1) The current wording states that anonymous users SHOULD NOT be able to establish long term relationships. I believe this is too strong. I think that it will be quite common to use SASL ANONYMOUS clients to do things like pubsub scriptions and creating muc rooms. My team and I have done this in nearly every app we've written. I do however agree that it makes sense to tear these down once the session is over. I propose the following wording instead: Anonymous users MAY establish relationships with services and users if allowed by sever policy such as presence subscriptions, multi-user chat rooms, and pubsub subscriptions. If a server permits these relationships, it MUST cancel such relationships when the user's session ends. I might add another sentence as well: It is not recommended that SASL ANONYMOUS users add human contacts to their rosters, as this may create odd user experiences. 2) The next line states that users SHOULD NOT store things on the server, and that if so the server MUST delete them. This is also overly restrictive. I can see several use cases where one would want to temporarily store something on the server and retrieve it in another session, similar to an HTTP cookie. I think that it should be the server operators perogative to allow or disallow storage and to determine when that storage is undone. Perhaps changing the MUST to MAY is enough. I do think that Peter's previous feedback of there being two different scenarios is spot on. Some of us see this as "what should SASL ANONYMOUS users be able to do on jabber.org" and some of us are not running IM servers, but using SASL ANONYMOUS as a tool in a bigger application. I think the above wording proposals are good enough for both cases, but if people feel strongly otherwise, I think we may have to split this into two sections of recommendations for the different use cases. jack.
