Cheers, 2009/9/11 Jack Moffitt <[email protected]>: > In general, the proposed changes in v1.2 at > http://xmpp.org/extensions/tmp/xep-0175-1.2.html > > are sound ones. I do however have some minor points to raise. > > 1) The current wording states that anonymous users SHOULD NOT be able > to establish long term relationships. I believe this is too strong. > I think that it will be quite common to use SASL ANONYMOUS clients to > do things like pubsub scriptions and creating muc rooms. My team and > I have done this in nearly every app we've written. I do however > agree that it makes sense to tear these down once the session is over. > > I propose the following wording instead: > > Anonymous users MAY establish relationships with services and users if > allowed by sever policy such as presence subscriptions, multi-user > chat rooms, and pubsub subscriptions. If a server permits these > relationships, it MUST cancel such relationships when the user's > session ends.
I agree. I also often allow SASL ANONYMOUS clients to have time based PubSub subscriptions (or even presence based on my tests). Same for muc rooms based stuff. When user's session ends the cleaning must be done accordingly of course. Good weekend for all, -- tuomas 2009/9/11 Jack Moffitt <[email protected]>: > I might add another sentence as well: > > It is not recommended that SASL ANONYMOUS users add human contacts to > their rosters, as this may create odd user experiences. > > 2) The next line states that users SHOULD NOT store things on the > server, and that if so the server MUST delete them. This is also > overly restrictive. I can see several use cases where one would want > to temporarily store something on the server and retrieve it in > another session, similar to an HTTP cookie. I think that it should be > the server operators perogative to allow or disallow storage and to > determine when that storage is undone. > > Perhaps changing the MUST to MAY is enough. > > > I do think that Peter's previous feedback of there being two different > scenarios is spot on. Some of us see this as "what should SASL > ANONYMOUS users be able to do on jabber.org" and some of us are not > running IM servers, but using SASL ANONYMOUS as a tool in a bigger > application. > > I think the above wording proposals are good enough for both cases, > but if people feel strongly otherwise, I think we may have to split > this into two sections of recommendations for the different use cases. > > jack.
