On 2017/10/16, Maxime Buquet wrote: > I am going to repeat what I said on xsf@ a bit. > > On 2017/10/16, Florian Schmaus wrote: > > So the case for BMH are things like > > - Bots sending potential large status information, where there's a > > desire to bring some structure into that information by using a markup > > language > > This can be achieved with XHTML-IM already. > > > - Bridges sending textual content which is already formatted using a > > certain markup language to an XMPP client (guess who is currently > > writing on a discourse to XMPP bridge *cough* *cough*) > > This can also be achieved with XHTML-IM. The bridge developer would know > what markup is being used on the other side, and could translate it > directly for each client, thus sparing clients from each having > flawed/vulnerable implementations. > > > It was pointed out that this could also be achieved with XHTML-IM, which > > is, of course, true. > > But not every client implements XHTML-IM. > > Not every client implements $MARKUP. > > > And there are the security implications of XHTML-IM. > > This is being discussed on another thread, though, how does that compare > to vulnerable markdown implementations?
Just to clarify a bit, I can see a point for the XEP, that could indeed help clients identify $markup. Be it markups that are randomly being implemented by other clients lately, or anything that comes from different sources and where the user doesn't convert it for $reasons to its client's markup of choice, (though clients allowing this would have to allow the user to specify what they're using, and not defaulting to one.) I fear though that most would take the easy road and have this become a replacement of XHTML-IM, even if you say these are not the motivations behind. -- Maxime “pep” Buquet
signature.asc
Description: PGP signature
_______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: [email protected] _______________________________________________
