[jdev] Admin Address Server requirements

Thu May 4 15:46:06 CDT 2006

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Chris Mullins wrote:
> Trejkaz Wrote:
> 
>>> In general, does this feature really belong 
>>> on a server feature page?
> 
>> Yes.  It is a feature, after all.
> 
> As features go though, it's pretty weak - there are a number of problems
> with it. 
> 
> The main use case which it seems to be addressing is, "a user wants to
> send an IM to the server admin", which is great - but this isn't a
> strong way to do that. None of the users I know, including myself, would
> send a message to "jabber.org" in an attempt to get to Peter.
> 
> Now a good case for "Get a list of server administrators via Disco"
> could be made, especially if it was built into the clients, thereby
> allowing users to actually use it. As it sits now, it's just not too
> effective a server feature.

What if the admins don't want to expose their real addresses? You don't
need to know my email address in order to contact postmaster at jabber.org
or whatever, why should you need my JID in order to contact the admin of
the jabber.org XMPP server?

I agree that you could discover an admin by sending a query to
example.com and asking "hey, is admin_dude at example.com one of your
admins?" In fact this could be done right now using a disco#info request
sent to the bare JID of the relevant admin (though I doubt that any
servers implement such functionality yet):

<iq type='get' from='luser at example.org' to='admin_dude at example.com'>
  <query xmlns='http://jabber.org/protocol/disco#info'/>
</iq>

<iq type='result' from='admin_dude at example.com' to='luser at example.org'>
  <query xmlns='http://jabber.org/protocol/disco#info'>
    <identity category='account' type='admin'/>
  </query>
</iq>

But that's a different use case from trying to contact any random admin.
(And for security reasons it may not be a good idea to allow entities to
request the full list of admins.)

Another use case is checking ownership of a server, for example during
certificate generation. Currently CAcert and probably other certificate
authorities will send an email to root at example.com or some other
canonical address in order to determine that an individual really does
have control over a domain. We can do the same thing for XMPP servers if
we have a canonical JID for contacting the admins. It just so happens
that in the Jabber world that canonical address was inherited from the
jabberd 1.x server series, and it is the domain of the XMPP server
rather than something like admin at example.com.

> I'm going to implement this as it's described (one more item on that
> list to check off, and it's only going to take an hour or two), but I'm
> not comfortably enough with it to leave it enabled by default on
> installation - or even to query during the install process to see if it
> should be enabled. 

Sure, it's up to a deployment if it wants to enable that feature.

> There are a number of other more advanced features implied here as well
> - what if the server has Chinese Walls implemented (as a number of
> commercial servers do), and the user is on one side of the wall and the
> admins are on the other. Should the message be delivered? How is it
> logged for auditing? 

Those are implementation issues IMHO, but if you have thoughts on what
the JEP should recommend, feel free to send them along. :-)

Peter

- --
Peter Saint-Andre
Jabber Software Foundation
http://www.jabber.org/people/stpeter.shtml

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFEWmgNNF1RSzyt3NURAoEcAJ0ct8ImWQvdmR7Ikaf/DojZydfBBQCdGwbY
c++J46L8X7bh2704t6P2eEs=
=ibsj
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3641 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://www.jabber.org/jdev/attachments/20060504/07e7b84f/attachment-0002.bin>