Hi, When an entity injects stanza-ids (for example to communicate) the MAM archive id those IDs need to be verified by the receiving entity. Meaning when I receive a stanza-id and later use that id to query my MAM archive I need to make sure the id is valid and wasn't faked by the original sender of the message. The Stanza-ID XEP has a business rule explaining how stanza-ids are cleaned. However as a client I have no way of knowing whether or not the injecting entity did so. Verification can only happen via a disco feature of the injecting entity. The only question is whether this should happen with the namespace of the XEP that uses stanza-ids (MAM in that case) or with the original stanza-id namespace. My argument is to use the stanza-id namespace because using MAM would require a namespace bump in MAM and namespace bumps are always tricky.
Also in the interest of moving forward quickly I could for example make the prosody MAM module (which is stuck on mam:0) use stanza ids without upgrading the module to a possible mam:2) I created a PR for the stanza-id XEP. https://github.com/xsf/xeps/pull/270 Author kinda seems to be on board but we wanted to run this by the list very quickly for some additional feedback. The need to verify seems out of the question by now (If anything I didn't describe the situation well enough) so the only real question is whether we verify by checking the mam namespace or the stanza-id namespace. cheers Daniel _______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: [email protected] _______________________________________________
