0.2

git-svn-id: file:///home/ksmith/gitmigration/svn/xmpp/trunk@3227 4b5297f7-1745-476d-ba37-a9c6900126ab

xep-0268.xml

@@ -46,6 +46,12 @@
     <email>mwild1@gmail.com</email>
     <jid>mwild1@jaim.at</jid>
   </author>
+  <revision>
+    <version>0.2</version>
+    <date>2009-06-05</date>
+    <initials>mw/psa</initials>
+    <remark><p>Added more detailed information about the solution element; removed the suggestion element since the solution element can be used by both reporting entities and receiving entities; added notes about processing of incident reports by receiving entities.</p></remark>
+  </revision>
   <revision>
     <version>0.1</version>
     <date>2009-04-30</date>
@@ -101,9 +107,6 @@
       </rels>
       <severity>2</severity>
       <source>
-        <ips>
-          <ip>192.0.2.1</ip>
-        </ips>
         <jids>
           <jid>abuser@abuse.lit</jid>
           <jid>loser@abuse.lit</jid>
@@ -161,7 +164,7 @@
 </section1>
 
 <section1 topic='Incident Solutions' anchor='solutions'>
-  <p>If the reporting entity determines a solution to the problem, it MAY send out a revised incident report containing a &lt;solution/&gt; element.</p>
+  <p>If the reporting entity determines a solution to the problem or a receiving entity has a suggested solution to the problem, it SHOULD send out a revised incident report containing a &lt;solution/&gt; element (or the reporting entity can include a solution in its initial report). The solution element can include any of the elements defined for the &lt;description/&gt; element, such as the &lt;ip/&gt; element (since the XMPP server of a source JID might know the IP address of the connected entity).</p>
   <example caption="An incident solution"><![CDATA[
 <message from='jabber.org' to='im.flosoft.biz'>
   <incident xmlns='urn:xmpp:incident:0'
@@ -170,7 +173,12 @@
       ...
     </description>
     <solution>
-      <text xml:lang='en'>banned the offenders</text>
+      <source>
+        <ips>
+          <ip>192.0.2.1</ip>
+        </ips>
+      </source>
+      <text xml:lang='en'>iptables -A INPUT -s 192.0.2.1 -j DROP</text>
     </solution>
   </incident>
 </message>
@@ -178,19 +186,10 @@
   <p>Further definition of the &lt;solution/&gt; element will be provided in a future version of this specification.</p>
 </section1>
 
-<section1 topic='Incident Suggestions' anchor='suggestions'>
-  <p>If an entity that receives an incident report has a suggested solution to the problem, it MAY send an incident message containing a &lt;suggestion/&gt; element.</p>
-  <example caption="An incident solution"><![CDATA[
-<message from='im.flosoft.biz' to='jabber.org'>
-  <incident xmlns='urn:xmpp:incident:0'
-            id='BA51A035-7710-4558-9BBF-34838A4C5B24'>
-    <suggestion>
-      <text xml:lang='en'>here is how we solved the problem...</text>
-    </suggestion>
-  </incident>
-</message>
-  ]]></example>
-  <p>Further definition of the &lt;suggestion/&gt; element will be provided in a future version of this specification.</p>
+<section1 topic='Processing of Incident Reports' anchor='processing'>
+  <p>Unless explicitly configured to do so, a receiving server SHOULD NOT automatically modify its configuration based on receipt of an incident report, even from a trusted server, but instead SHOULD prompt the human administrator(s) so that they can take appropriate action.</p>
+  <p>A receiving server MAY accept incident reports from peers that are not on its "trust list", but SHOULD treat such reports with caution and provide them to the human administrator(s) of the server.</p>
+  <p>A receiving server MAY forward reports that it receives to other servers it trusts
 </section1>
 
 <section1 topic='Security Considerations' anchor='security'>