[xmpp] [Editorial Errata Reported] RFC6121 (5058)

RFC Errata System <rfc-editor@rfc-editor.org> Sun, 02 July 2017 16:52 UTC

To: ietf@stpeter.im, ben@nostrum.com, aamelnikov@fastmail.fm, adam@nostrum.com, jhildebr@cisco.com
Cc: flo@geekplace.eu, xmpp@ietf.org, rfc-editor@rfc-editor.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/xmpp/06T2if4P2G32tZBjDy7M5gAAihM>

The following errata report has been submitted for RFC6121,
"Extensible Messaging and Presence Protocol (XMPP): Instant Messaging and Presence".

--------------------------------------
You may review the report below and at:
http://www.rfc-editor.org/errata/eid5058

--------------------------------------
Type: Editorial
Reported by: Florian Schmaus <flo@geekplace.eu>

Section: 2.1.6

Original Text
-------------
   2.  A receiving client MUST ignore the stanza unless it has no 'from'
       attribute (i.e., implicitly from the bare JID of the user's
       account) or it has a 'from' attribute whose value matches the
       user's bare JID <user@domainpart>.

Corrected Text
--------------
   2.  A receiving client MUST ignore the stanza unless it has no 'from'
       attribute (i.e., implicitly from the bare JID of the user's
       account) or it has a 'from' attribute whose value matches either
       the user's bare JID <user@domainpart> or the address of an entity
       authorized performing roster pushes.

Notes
-----
RFC 6121 § 2.1.6 2. specifies that roster pushes have to originate from the "user's account", i.e., no 'from' attribute or a 'from' attribute matching the user's bare JID. However, the Security Warning in the same section states that

      ... this specification allows entities other than the user's server to
      maintain roster information, which means that a roster push might
      include a 'from' address other than the bare JID of the user's
      account.  Therefore, the client MUST check the 'from' address to
      verify that the sender of the roster push is authorized to update
      the roster.

which contradicts what is specified in § 2.1.6 2.

Instructions:
-------------
This erratum is currently posted as "Reported". If necessary, please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party
can log in to change the status and edit the report, if necessary.

--------------------------------------
RFC6121 (draft-ietf-xmpp-3921bis-20)
--------------------------------------
Title               : Extensible Messaging and Presence Protocol (XMPP): Instant Messaging and Presence
Publication Date    : March 2011
Author(s)           : P. Saint-Andre
Category            : PROPOSED STANDARD
Source              : Extensible Messaging and Presence Protocol RAI
Area                : Real-time Applications and Infrastructure
Stream              : IETF
Verifying Party     : IESG
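
The 'from' check discussed in the report above, as an added example that is not part of the original message or of RFC 6121: a client-side filter that applies a roster push only when it has no 'from', a 'from' equal to the user's bare JID, or a 'from' listed in an explicit set of authorized entities. The function names, the `authorized` parameter and the sample stanzas are assumptions constructed for illustration, and JID comparison is simplified to lowercasing the bare part.

```python
import xml.etree.ElementTree as ET

IQ_TAG = "{jabber:client}iq"
ROSTER_QUERY = "{jabber:iq:roster}query"

def norm(jid):
    # Simplification (assumption): lowercase localpart and domainpart only;
    # a real client applies the full JID normalization rules. The
    # resourcepart is case-sensitive and is left untouched.
    bare, sep, resource = jid.partition("/")
    return bare.lower() + sep + resource

def accept_roster_push(stanza_xml, own_bare_jid, authorized=()):
    """Return True to apply the roster push, False to ignore it."""
    iq = ET.fromstring(stanza_xml)
    if iq.tag != IQ_TAG or iq.get("type") != "set":
        return False
    if iq.find(ROSTER_QUERY) is None:
        return False
    sender = iq.get("from")
    if sender is None:
        return True   # implicitly from the user's own account
    sender = norm(sender)
    if sender == norm(own_bare_jid):
        return True   # explicit bare JID of the user's account
    # Erratum 5058 wording: other entities only if explicitly authorized.
    return sender in {norm(j) for j in authorized}

def sample_push(sender=None):
    # Constructed roster push; id and item are placeholders.
    attr = "" if sender is None else f" from='{sender}'"
    return (f"<iq xmlns='jabber:client' id='push1' type='set'{attr}>"
            "<query xmlns='jabber:iq:roster'>"
            "<item jid='nurse@example.com'/></query></iq>")

if __name__ == "__main__":
    me = "juliet@example.com"
    for s in (None, me, "JULIET@Example.com", me + "/balcony",
              "mallory@example.net", "roster.example.org"):
        print(s, accept_roster_push(sample_push(s), me))
    print(accept_roster_push(sample_push("roster.example.org"), me,
                             authorized={"roster.example.org"}))
```

A 'from' carrying the user's own full JID (with a resourcepart) is ignored here, because the quoted rule requires a match against the bare JID.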