Interesting issues - thanks Will reply after examining these issues a bit more - to provide more complete and concise replies. But some are new topics/issues. Thanks for hightlighting them.
Gregg ----------------------- Gregg Vanderheiden Ph.D. Director Trace R&D Center Professor Industrial & Systems Engineering and Biomedical Engineering University of Wisconsin-Madison On Mar 2, 2011, at 7:01 AM, Dave Cridland wrote: > On Wed Mar 2 12:00:42 2011, Gregg Vanderheiden wrote: >> Why real-time text is important >> Real-Time text is an important medium > > Well, that answers that question, then. :-) > > Looking at this protocol and referring back to the SIMPLE discussion that > have been on-going for around 6 years, now, I note that: > > 1) Real-time conversations are, with this design, incompatible with existing > conversations. This strikes me as ill-advised. > > 2) Assuming that compatibility isn't required, it's not clear to me why this > is preferable to RFC 4103 negotiated over Jingle. > > 3) Finally, I note that the security model of XMPP is message based. I have > no idea what interesting security issues may arise from this, but for some > examples: > > a) The current requirements on archival/retention are generally WRT legal > issues - one has to wonder whether a message could be crafted such that it > appeared to discuss one thing, but in fact that text was instantly deleted, > leaving a perfectly innocuous message in its place. Note that the > recommendation in §6 suggests that only <body/> or <html/> should be logged, > which is generally going to be considered illegal, and opens up a whole new > set of subterfuge, allowing as it does for <rtt/> to be used as a > back-channel. > > b) For TTY/T.140 etc, it seems possible to have a system emulate login > screens and other such things. I note that Dean Willis raised this one almost > three years ago. > > c) The implications on secure messaging systems, whether this involves > XEP-0258, signing, or encryption, are not discussed in this XEP. I suspect > this could be quite some discussion. > > Dave. > -- > Dave Cridland - mailto:[email protected] - xmpp:[email protected] > - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/ > - http://dave.cridland.net/ > Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
