[JDEV] Exchanging roasters between Jabber Servers

Fri Sep 8 22:09:18 CDT 2000

On Fri, 8 Sep 2000, Sellaro wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Hi ther folks
> 
> I'm quite excited with new horizonts Jabber has brought. One of the best
> jabber feature is its distributed nature. Another one is server-side
> roaster storage.
> 
> About the later, I was thinking about if already there is a form of
> server-to-server communication for exchanging rostter of a user.
> 
> Suppose I am using jabber.org server while I set up my own jabber
> server. I build up my roster, get subscription permit from lots of
> people. OK, my roster is OK at jabber.org. But when my jabber server is up
> and running, will I have to rebuild my roster? 
> 
> That would be a very nice research and implementation matter ;)

This has come up several times, but there are also several issues with
implementing something like this:

- Security permissions. While at first glance this may seem like an
innocent feature, the fact is your users have
approved you at jabberserver to be on their roster. you at otherjabberserver.com
is a completely different person, and the permissions (i.e subscriptions)
cannot simply be transferred over. Imagine someone spoofing your account
to be able to see someone else's online status or get around their message
filter ("no messages from people not on my roster").

Also, since you are on their roster as well as you at jabberserver, there
would be a translation to the new address (not a forwarding, more like a
supplemental phonebook). This *cannot* be automatic, or you will have a
security nightmare. Imagine someone hacking your machine and, to have a
bit of fun, upgrading all the contacts on everyone's list to point to a
new, fake server. Or even blank space.

- Transport users (i.e. ICQ or AIM users on your roster) will usually have
JIDs of the type usernumber at icq.jabber.org or aollogin at aim.jabber.com.
These are *not* real users, and the way that it maps a message from
you at jabberserver to a AIM or ICQ account is via the transport, which has a
virtual user in your roster which receives your presence and maps
accordingly to the other server's space.

Move these to another server and they won't work.  You will need some way
of mapping these into users on the local server. One way that I have
thought of doing this was a TID, or transport user identifier. For
instance, via a special query to the transport machine, you can ask for a
translation from a JID (UIN at icq.jabber.org) to a transport ID
(icq-transport:UIN). This would be done for transferring rosters and also
for things like invitations, which have this same problem with virtualized
users not being the same across servers. One important thing to note is
that this would not be icq:UIN, as we are not Mirabilis/AOL, and can't
quite standardize a URI without them ;-)

Besides these two issues, it is definately possible and an extremely
desirable feature. There is a definate need for someone to step in and
develop a spec (and even better, an implementation) to solve these
problems.

-David Waite

 > 
> - --
> Sellaro
> 
> Network Administrator
> Federal University of Ceará (UFC)
> Computer Science Dept.
> Laboratório do Mestrado em Ciência da Computação (MCC)
> 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.1 (GNU/Linux)
> Comment: For info see http://www.gnupg.org
> 
> iD8DBQE5uUKKVStqf8DLnN0RAoGhAKCykwYkbY782HWQI4EmKV6BG2BO7gCfd4Sf
> Fd5TQqIaQkMzDQgnzozpHK8=
> =Dx2P
> -----END PGP SIGNATURE-----
> 
> 
> 
> _______________________________________________
> jdev mailing list
> jdev at jabber.org
> http://mailman.jabber.org/listinfo/jdev
> 