[Psi-devel] Re: Re: Re: Re: Re: Nick name

[Daniel Díaz]

Hello.


On Tue, 2004-08-17 at 10:51, Trejkaz Xaoza wrote:
> On Wed, 18 Aug 2004 01:46, Remko Troncon wrote:
> > > How does the Jabber server trust the transport?  What if the two
> > > aren't on the same computer?  This is what I'm talking about.  If a
> > > remote transport can auto-authorise contacts, why can't a remote
> > > server?
> >
> > How does a Jabber server trust a transport now ?
> 
> It doesn't.  So we seem to be in agreeance.  You can't trust a transport, 
> therefore the transport has to have its "virtual" users request presence in 
> the same way as every other entity on the network.  To do otherwise would 
> mean that any entity could subscribe itself to your presence without 
> authorisation.
> 
> > him.  Having to re-authorize them seems absurd. So, the server/transport
> > should make it look as if there was no authorization required at all;
> > how things happen internally, i do not care.
> 
> But I'm not re-authorising them.  I'm authorising them _once_, when I add 
> them.  Is that absurd?  Why do we need to cater for the case where the user 
> moves servers frequently enough to see this problem?  When they move to a new 
> server, the transport should do nothing more than send them a jabber:x:roster 
> packet, to make the authorisation go ahead faster.  It shouldn't be trying to 
> invoke demons in order to make the authorisation go away.
> 
> TX


Wow, I am so an end user here: I still don't see why Psi doesn't
autoauthorize my contacts.

How about a checkbox for the reckless of us?

Greetings.

Daniel Díaz
yosoy at danieldiaz.org