Hi! During the work on my GSoC project I stumbled across an issue with PubSub and Service Discovery.
My server announces support for the PubSub access model 'open'. Configuring a PubSub node with this access model, I expect users who are not in my contact list to be able to fetch the contents of the node without presence subscription. However, prior to fetching a PubSub node, Smack will do a disco query on the node in order to get some information about it like whether it is a LeafNode or a CollectionNode etc. My server will respond to those queries with an error, stating that subscription is required. |16:08:18 SENT (0): <iq to='[email protected]' id='VEKYj-203' type='get'><query xmlns='http://jabber.org/protocol/disco#info' node='urn:xmpp:openpgp:0:public-keys'></query></iq> 16:08:18 RECV (0): <iq xml:lang='en' to='[email protected]/one-txydb' from='[email protected]' type='error' id='VEKYj-203'><query node='urn:xmpp:openpgp:0:public-keys' xmlns='http://jabber.org/protocol/disco#info'/><error code='407' type='auth'><subscription-required xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/><text xml:lang='en' xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'>Not subscribed</text></error></iq> ||| Talking to the server developers I was told that the error is returned in order to prevent jid harvesting. That is determining whether the account exists or not. However, I would argue that even if the server keeps returning the error, jid harvesting would still be possible by fetching the pubsub node directly without first doing the disco query. My question now is: What is the expected behaviour of the server in this case? There should be one specified 'correct' behaviour, right? XEP-0060 §3 states, that implementations are required to respond to a disco#info, while RFC-6120 §13.11 says that a server "might not return any error at all in response to certain kinds of received stanzas, so that a non-existent user appears to behave like a user that has no interest in conversing with the sender". In my case I will probably just use a small hack to directly query the pubsub node without sending a disco#info as a workaround/fallback. Happy Hacking Paul _______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: [email protected] _______________________________________________
