-
Wojtek
hi, I have a question about forwarding IQ in semi-anonymous rooms. As per https://xmpp.org/extensions/xep-0045.html#bizrules-iq "If an occupant wants to send an IQ stanza to another user in a semi-anonymous room, the sender can direct the stanza to the recipient's occupant JID and the service SHOULD forward the stanza to the recipient's real JID. However, the MUC service MUST NOT reveal the sender's real JID to the recipient at any time, nor reveal the recipient's real JID to the sender." such IQ should be forwarded to FullJID or BareJID? (DMs for example stipulate FullJID)
-
jonas’
hahahaha
-
jonas’
it depends™
-
jonas’
and it’s written down nowhere what the right thing is
-
Wojtek
I know ]:->
-
jonas’
Wojtek, for example, you’d want to route PEP and vCard requests (if you let them pass through) to the bare JID, but disco#info and ping should go to the full JID.
-
jonas’
of course, the fun really starts when there’s more than one full JID behind the same nickname
-
Wojtek
yup, and I was driving at that because we forward everything to FullJID, which obviously breaks vCard...
-
Wojtek
and a followup question - should server handle vcard requests send only to BareJID or also to FullJID? 0045/00153 mentions "send to BareJID" but there is no MUST nor mention that sending to FullJID is invalid
-
MattJ
Wojtek, we forward everything to the full JID unless it looks like a protocol we understand to require the bare JID
-
MattJ
It should only handle vCard requests to the bare JID
-
jonas’
Wojtek, I’m pretty sure that a server handling IQ requests to the full JID would violate RFC 6120
-
MattJ
Sending to the full JID is not invalid, but per the RFC that stanza must be routed to the client
-
pep.
and forwarding jids also has implications re privacy✎ -
pep.
and forwarding IQs also has implications re privacy ✏
-
MattJ
ejabberd also got this the wrong way around in some ancient versions
-
pep.
As a server dev I'm not sure I'd want to forward any IQs tbh, in semi-anon rooms
-
MattJ
It's up to clients if they choose to respond
-
MattJ
(and how)
-
jonas’
also you need to somehow keep routing info in the stanza so that you know where to route the response to. do server’s do that (in the @id?), or is that based on luck?
-
MattJ
id
-
pep.
is it really up to me the client if you query pep?
-
Wojtek
@MattJ "unless it looks like a protocol we understand to require the bare JID" that does feel kinda inflexible
-
pep.
someday I'll write that script to deanonymize contacts :p
-
jonas’
if you want the correct flexible solution, invest in MIX ;)
-
pep.
does mix fix this in any way?
-
jonas’
pep., it’s supposed to by making resources addressable, removing the ambiguity
-
Zash
It fixes it by not fixing it?
-
pep.
"realjids everywhere anyway"?
-
Zash
↑
-
jonas’
pep., oh, I wasn’t talking about the privacy thing
-
pep.
jonas’: ah
-
jonas’
I was talking about the flexibility thing
-
MattJ
Wojtek, I totally agree, but it has worked this way for 20 years, and here we are :)
-
jonas’
pep., build that script and donate it to sjn so that we finally get accurate user counts ;)
-
MattJ
The amount of flexibility that has been required is quite low
-
pep.
jonas’: haha, and you deal with privacy laws? :p
-
Zash
Didn't ejabberd "solve" that by handling vcard requests sent to full JIDs?
-
MattJ
Zash, yes, in the olden days
-
jonas’
pep., something about infomration manifestly made public and me not storing it, just counting
-
Zash
And Prosody currently redirects vcard, vcard4 and PEP requests to the bare JID
-
Wojtek
@jonas’ MIX - it's basically ready, with MIX-MUC ;-)