1
0
mirror of https://github.com/moparisthebest/xeps synced 2024-12-21 23:28:51 -05:00

Modified to include feedback received during the previous last call. Added sections for privacy lists and incoming subscriptions, and text on XInclude security.

git-svn-id: file:///home/ksmith/gitmigration/svn/xmpp/trunk@3540 4b5297f7-1745-476d-ba37-a9c6900126ab
This commit is contained in:
Unknown User 2009-10-14 19:10:31 +00:00
parent 82b1633806
commit 9a71c4f1a0

View File

@ -222,11 +222,65 @@
</server-data> ]]>
</example>
</section2>
<section2 topic='Privacy Lists' anchor='privacy-lists'>
<p>Privacy lists, as specified in &xep0016;, are represented in this format by including a &lt;query/&gt; element qualified by the 'jabber:iq:privacy' namespace as a child of the &lt;user/&gt; element. This element should contain all privacy lists associated with the user. A default privacy list, if set, is specified by including a &lt;default/&gt; element as a child of the &lt;query/&gt; element.</p>
<example caption='Privacy lists'><![CDATA[
<?xml version='1.0' encoding='UTF-8'?>
<server-data xmlns='http://www.xmpp.org/extensions/xep-0227.html#ns'>
<host jid='capulet.com'>
<user name='juliet' password='s3crEt'>
<query xmlns='jabber:iq:privacy'>
<default name='public'/>
<list name='public'>
<item type='jid'
value='tybalt@example.com'
action='deny'
order='1'/>
<item action='allow' order='2'/>
</list>
<list name='private'>
<item type='subscription'
value='both'
action='allow'
order='10'/>
<item action='deny' order='15'/>
</list>
</query>
</user>
</host>
</server-data> ]]>
</example>
</section2>
<section2 topic='Incoming Subscription Requests' anchor='incoming-subscription-requests'>
<p>Each &lt;user/&gt; element SHOULD contain pending incoming subscription requests associated with the user's account. Incoming subscription requests are represented by including &lt;presence/&gt; elements qualified by the 'jabber:client' namespace with the 'type' attribute set to a value of 'subscribe' as children of the &lt;user/&gt; element.</p>
<example caption='Incoming subscription requests'><![CDATA[
<?xml version='1.0' encoding='UTF-8'?>
<server-data xmlns='http://www.xmpp.org/extensions/xep-0227.html#ns'>
<host jid='capulet.com'>
<user name='juliet' password='s3crEt'>
<presence xmlns='jabber:client'
type='subscribe'
id='xk3h1v69'
from='romeo@montague.net'>
<nick xmlns="http://jabber.org/protocol/nick">Romeo</nick>
</presence>
<presence xmlns='jabber:client'
type='subscribe'
from='mercutio@montague.net'/>
</user>
</host>
</server-data> ]]>
</example>
</section2>
</section1>
<section1 topic='Use of XInclude' anchor='xinclude'>
<p>At any point in the file, an exporting server may put an XInclude &lt;include/&gt; element, to split the data into several files. An importing server MUST support &lt;include/&gt; elements having an 'href' attribute containing a relative URI, having no 'parse' attribute, and having no 'xpointer' attribute; it MAY support other kinds of &lt;include/&gt; elements.</p>
<p>An exporting server may split the data in several files by using the XInclude &lt;include/&gt; element. An importing server MUST support &lt;include/&gt; elements having an 'href' attribute containing a relative URI, having no 'parse' attribute, and having no 'xpointer' attribute; it MAY support other kinds of &lt;include/&gt; elements. An exporting server SHOULD NOT include and an importing server SHOULD NOT process &lt;include/&gt; elements which are decendents, but not children of the &lt;user/&gt; element (since these may be part of user data).</p>
<section2 topic='File and Directory Layout' anchor='xinclude-layout'>
<p>If an exporting server chooses to split the data into several files, it SHOULD use the following scheme:</p>
@ -296,7 +350,8 @@
</section1>
<section1 topic='Security Considerations' anchor='security'>
<p>Exported data files are to be handled with care, since they contain data that users expect to be protected, in particular passwords. An exporting server SHOULD make sure that the generated file is not accessible to unauthorized persons, e.g. by enforcing strict file permissions.</p>
<p>Exported data files are to be handled with care, since they contain data that users expect to be protected, in particular passwords. An exporting server SHOULD make sure that the generated file is not accessible to unauthorized persons, e.g. by enforcing strict file permissions.</p>
<p>XInclude &lt;include/&gt; elements which are indirect descendents of the &lt;user/&gt; element SHOULD be treated as opaque user data, and SHOULD NOT be processed.</p>
</section1>
<section1 topic='IANA Considerations' anchor='iana'>