Hi, On 18/09/2014 20:19, Lance Stout wrote:
This is a relevant proposal for some stuff I'm working on, so ^5 for writing this.
I'm glad if it seems useful :)
- It doesn't look like there is a defined way to edit or remove permissions once granted (at least for the client case). There is text saying that should be possible, using XEP-0050, which is good. However, a well-defined node where that permissions editing command lives should be provided (similar to how MAM provides the command node "urn:xmpp:mam#configure").
Ok, I'll put one in the next revision
- There is an interesting case here: Could something request permission for the 'urn:xmpp:privilege:0' namespace? That feels like a bad thing to allow. There is text suggesting that namespaces should be filterable or whitelisted, but this case warrants an explicit mention.
Good point, will fix it in the next revision
- What is the intention behind Business Rule #2? If I'm logged in with two clients which support this XEP, one of which also supports XEP-0050 and the other not, and I happen to accept the permission request with the one that does not support XEP-0050, what is supposed to happen?
In this case it's supposed to revoke the permission once you're disconnected. But this need probably a section explaining it more in details. Maybe it would be a good thing to add a field were user explicitly check "I want to keep permissions for this entity".
Thanks for your feedback.
