On 20/02/2023 11.05, JC Brand wrote:
> On 20.02.23 10:32, Florian Schmaus wrote:
>> On 13/02/2023 16.57, Daniel Gultsch wrote:
>>> I’m currently looking at implementing 'Message Retraction' and I think
>>> it should get rid of Fastening.
>>>
>>> I mentioned it during Summit and while it wasn’t discussed much
>>> further my comment also didn’t get much protest: I think Fastening is
>>> dead.
>>>
>>> A general purpose approach doesn’t seem to work for MAM.
>>>
>>> Luckily I think removing it from Retraction is fairly simple.
>>>
>>> We can just stick the ID into the retract element and send something
>>>
>>> <retract xmlns='urn:xmpp:message-retract:1' id="origin-id-1"/>
>>
>> Since origin-id is spoofable, one should not use it when referencing other stanzas. Instead always use the 'id' *and* 'by' value of xep359's <stanza-id> element.
>>
>> So the example above should become something like
>>
>> <retract xmlns='urn:xmpp:message-retract:1'>
>>   <referenced-stanza id='xep359-stanza-id' by='muc.example.org'/>
>> </retract>
>>
>> While one could argue that the 'by' attribute could potentially be omitted and made implicit, e.g., it has the value of the MUC service that hosts the MUC in which a message got retracted, I believe this could lead far too easily to insecure implementations that only compare the id value, making the technically unspoofable xep359 stanza-id spoofable again [1]. Therefore I would strongly consider making it mandatory and explicit.
>
> Fair enough. I searched in the XEPs repo to see if some other XEP uses <referenced-stanza> and no-one does, even though there are other XEPs that do similar things, like XEP-0444 reactions

That is probably because I just made that example up. But I am a long-time advocate that referencing other stanzas must always use the 'id' *and* 'by' tuple.

That recent discussion motivated me to prepare
https://github.com/xsf/xeps/pull/1272

- Flow

_______________________________________________
Standards mailing list
Info: https://mail.jabber.org/mailman/listinfo/standards
Unsubscribe: standards-unsubscr...@xmpp.org
_______________________________________________
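
The 'id' *and* 'by' matching argued for in this thread, shown as an added example that is not part of the original messages or of any XEP. It assumes the made-up `<referenced-stanza>` element from the message above; the function names and the sample stanzas are constructed for illustration.

```python
import xml.etree.ElementTree as ET

RETRACT_NS = "urn:xmpp:message-retract:1"  # namespace used in the thread
SID_NS = "urn:xmpp:sid:0"                  # XEP-0359 <stanza-id> namespace

def stanza_ids(message_xml):
    """All (id, by) tuples carried by a message's <stanza-id> children."""
    msg = ET.fromstring(message_xml)
    return {(e.get("id"), e.get("by")) for e in msg.findall(f"{{{SID_NS}}}stanza-id")}

def parse_reference(retract_xml):
    """Extract (id, by) from <retract><referenced-stanza/></retract>, or None."""
    retract = ET.fromstring(retract_xml)
    if retract.tag != f"{{{RETRACT_NS}}}retract":
        return None
    ref = retract.find(f"{{{RETRACT_NS}}}referenced-stanza")
    if ref is None or not ref.get("id") or not ref.get("by"):
        return None  # 'by' is mandatory; no fallback to id-only matching
    return ref.get("id"), ref.get("by")

def resolve(retract_xml, archive, trusted_by):
    """Index of the referenced message, matching on the full (id, by) tuple."""
    ref = parse_reference(retract_xml)
    if ref is None or ref[1] != trusted_by:
        return None  # ids assigned by any other entity are not trusted here
    return next((i for i, m in enumerate(archive) if ref in stanza_ids(m)), None)

def resolve_id_only(retract_xml, archive):
    """The insecure shortcut the thread warns about: compares the id value only."""
    ref = parse_reference(retract_xml)
    return next((i for i, m in enumerate(archive)
                 if ref and ref[0] in {sid for sid, _ in stanza_ids(m)}), None)

# Constructed sample data. ARCHIVE[0] carries a sender-supplied <stanza-id> that
# reuses the id value the service assigned to ARCHIVE[1].
ARCHIVE = [
    "<message from='room@muc.example.org/mallory' type='groupchat'><body>x</body>"
    "<stanza-id xmlns='urn:xmpp:sid:0' id='sid-1' by='evil.example.net'/>"
    "<stanza-id xmlns='urn:xmpp:sid:0' id='sid-7' by='muc.example.org'/></message>",
    "<message from='room@muc.example.org/alice' type='groupchat'><body>hi</body>"
    "<stanza-id xmlns='urn:xmpp:sid:0' id='sid-1' by='muc.example.org'/></message>",
]
RETRACT = ("<retract xmlns='urn:xmpp:message-retract:1'>"
           "<referenced-stanza id='sid-1' by='muc.example.org'/></retract>")

if __name__ == "__main__":
    print("id-only match:", resolve_id_only(RETRACT, ARCHIVE))
    print("(id, by) match:", resolve(RETRACT, ARCHIVE, "muc.example.org"))
```

With id-only comparison the retraction lands on the wrong archived message; the tuple comparison resolves to the message whose id was assigned by the trusted service.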
