From 8656899927b77aea2704ad3c5e0dbd5553014fa8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Holger=20Wei=C3=9F?= <holger@zedat.fu-berlin.de>
Date: Fri, 7 Jul 2017 13:35:30 +0200
Subject: [PATCH] XEP-0357: Use server JID as 'from' address

---
 xep-0357.xml | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/xep-0357.xml b/xep-0357.xml
index 2303f15e..8771a834 100644
--- a/xep-0357.xml
+++ b/xep-0357.xml
@@ -29,6 +29,12 @@
             <email>lancestout@gmail.com</email>
             <jid>lance@lance.im</jid>
         </author>
+        <revision>
+            <version>0.3</version>
+            <date>2017-07-07</date>
+            <initials>hw</initials>
+            <remark><p>Use server JID as 'from' address for notifications.</p></remark>
+        </revision>
         <revision>
             <version>0.2.1</version>
             <date>2016-02-16</date>
@@ -189,8 +195,8 @@
         </section2>
         <section2 topic='Business Rules'>
             <p>Each PubSub node is a delivery target for the Push Service, which could represent multiple devices for a single user.</p>
-            <p>In order to prevent information leaks, each node SHOULD be configured with a 'whitelist' access model so that only trusted entities are able to view or subscribe to published notifications. Furthermore, the 'publish-only' affiliation SHOULD be used to allow acceptable entities (such as the user's bare JID) to publish to the node to trigger notifications.</p>
-            <p>Care SHOULD  be taken to ensure that publish requests are coming from the user's server and not from other third-party client applications using the full JID of a user. A Push Service MAY opt to only accept or further process publish requests from bare JIDs to ensure that only a user's server is able to publish, but it SHOULD instead use publish options with credentials shared only with the user's server (see <link url='#publish-options'>Enabling Notifications</link>).</p>
+            <p>In order to prevent information leaks, each node SHOULD be configured with a 'whitelist' access model so that only trusted entities are able to view or subscribe to published notifications. Furthermore, the 'publish-only' affiliation SHOULD be used to allow acceptable entities (such as the server JID and the user's bare JID) to publish to the node to trigger notifications.</p>
+            <p>Care SHOULD  be taken to ensure that publish requests are coming from the user's server and not from other third-party client applications using the full JID of a user. A Push Service MAY opt to only accept or further process publish requests from server JIDs and bare user JIDs to ensure that only a user's server is able to publish, but it SHOULD instead use publish options with credentials shared only with the user's server (see <link url='#publish-options'>Enabling Notifications</link>).</p>
         </section2>
     </section1>
 
@@ -324,7 +330,7 @@
         <p>Other elements MAY be included if relevant for the notification.</p>
         <example caption='Server publishes a push notification'><![CDATA[
 <iq type='set'
-    from='user@example.com'
+    from='example.com'
     to='push-5.client.example'
     id='n12'>
   <pubsub xmlns='http://jabber.org/protocol/pubsub'>
@@ -349,7 +355,7 @@
 
         <example caption='Server publishes a push notification with provided publish options'><![CDATA[
 <iq type='set'
-    from='user@example.com'
+    from='example.com'
     to='push-5.client.example'
     id='n12'>
   <pubsub xmlns='http://jabber.org/protocol/pubsub'>