RFC Errata
Found 2 records.
Status: Rejected (2)
RFC 8280, "Research into Human Rights Protocol Considerations", October 2017
Note: This RFC has been updated by RFC 9620
Source of RFC: IRTF
Errata ID: 5306
Status: Rejected
Type: Technical
Publication Format(s) : TEXT
Reported By: Florian Schmaus
Date Reported: 2018-03-26
Rejected by: Allison Mankin (IRTF Chair)
Date Rejected: 2018-08-20
Section 5.2.3.4.1. says:
Likewise, user invisibility so that communication can occur while users don't notify all buddies and other servers of their availability is not part of the formal protocol and has only been added as an extension within the XML stream rather than enforced by the protocol.
Notes:
The sentence is not correct and thus misleading. XMPP imposes no restriction on communication depending on your own presence status. It is perfectly fine to communicate with someone *without* notifying "all buddies and other servers" of your availability.
--VERIFIER NOTES--
The RFC's editors concluded that accepting the erratum would not add value. IRTF Chair agrees.
Errata ID: 5307
Status: Rejected
Type: Technical
Publication Format(s) : TEXT
Reported By: Florian Schmaus
Date Reported: 2018-03-26
Rejected by: Allison Mankin (IRTF Chair)
Date Rejected: 2018-08-20
Section 5.2.3.4.1. says:
While the protocol does not specify that the resource must be exposed by the client's server to remote users, in practice this has become the default behavior.
Notes:
The sentence is incorrect. The resource is exposed to the remote user in standard 1:1 chats, since servers are required to stamp the 'from' value with the full JID as per RFC 6120 § 8.1.2.1 (stanza-attribute-from-stamp conformance requirement).
Note that the situation is different in groupchats: The resource is not required to be exposed, but when MUC is used, the presence in the channel also reveals the overall presence of the user. This is however, likely to change with future MUC replacement protocols.
I'd also like to point out that RFC 6120 § 13.10.2. and RFC 6121 § 11. discuss the security considerations and provide guidance in order to prevent those leaks
--VERIFIER NOTES--
The RFC's editors concluded that accepting the erratum would not add value. IRTF Chair agrees.