RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

Found 2 records.

Status: Held for Document Update (2)

RFC 6121, "Extensible Messaging and Presence Protocol (XMPP): Instant Messaging and Presence", March 2011

Source of RFC: xmpp (rai)

Errata ID: 5058
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT

Reported By: Florian Schmaus
Date Reported: 2017-07-02
Held for Document Update by: Ben Campbell
Date Held: 2017-07-10

Section 2.1.6 says:

   2.  A receiving client MUST ignore the stanza unless it has no 'from'
       attribute (i.e., implicitly from the bare JID of the user's
       account) or it has a 'from' attribute whose value matches the
       user's bare JID <user@domainpart>.

It should say:

   2.  A receiving client MUST ignore the stanza unless it has no 'from'
       attribute (i.e., implicitly from the bare JID of the user's
       account) or it has a 'from' attribute whose value matches either
       the user's bare JID <user@domainpart> or the address of an entity
       authorized performing roster pushes.

Notes:

RFC 6121 § 2.1.6 2. specifies that roster pushes have to origin from the "user's account", i.e., no 'from' attribute or 'from' attribute matching the user's bare JID. However the Security Warning in the same section states that

... this specification allows entities other than the user's server to
maintain roster information, which means that a roster push might
include a 'from' address other than the bare JID of the user's
account. Therefore, the client MUST check the 'from' address to
verify that the sender of the roster push is authorized to update
the roster.

which contradicts what is specified in § 2.1.6 2.

Verifier note: This seems more than editorial, and probably needs some discussion about third party authorizations. I will set the status to "Held for Document Update"

Errata ID: 3391
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT

Reported By: Todd Lucas
Date Reported: 2012-10-21
Held for Document Update by: Robert Sparks

Section 4.3.2.1. says:

   Juliet's server replies with an unavailable notification, mirroring
   the 'id' of Rome's presence probe because there is no 'id' to
   preserve from an available notification that her client has sent.

It should say:

   Juliet's server replies with an unavailable notification, mirroring
   the 'id' of Romeo's presence probe because there is no 'id' to
   preserve from an available notification that her client has sent.

Notes:

Minor typo: "Rome's" should be "Romeo's"

Report New Errata



Advanced Search