Summer of code 2010 ideas

Mark Doliner mark at kingant.net
Mon Mar 29 00:09:18 EDT 2010


It looks like XEP-0214 was deferred because of lack of activity.  So
implementing it wouldn't be terrible.

Mentioning security topics that you're familiar with probably isn't a bad idea.

--Mark

On Wed, Mar 24, 2010 at 9:08 PM, ashish shubham <ashubham at gmail.com> wrote:
> Hi Mark,
>
> Thanks for the reply.
>
> In reference to your concerns:
>
> XMPP XEP-0214 standard deals with file repository and sharing. But this
> protocol has been deferred by the standards foundation. And has not been
> superseeded by any. Can we still implement this protocol ?
>
> Also, I have done courses on Cryptography, Network security and Information
> & System security at my university, will mentioning these reflect upon my
> knowledge of cautious network programming ?
>
> Thanks in advance
> Ashish Shubham.
>
> On Mon, Mar 15, 2010 at 11:00 AM, Mark Doliner <mark at kingant.net> wrote:
>>
>> On Wed, Mar 10, 2010 at 4:16 AM, ashish shubham <ashubham at gmail.com>
>> wrote:
>> > Hello,
>> >
>> > I am a student in India and I intend to apply for a google summer of
>> > code
>> > 2010 project with Pidgin. I wanted to share an idea of windows like file
>> > share integrated with the pidgin IM client for the Gtalk protocol.
>> >
>> > I have made a webpage detailing my proposal (as the limit here was 40KB
>> > :(
>> > ), please give ideas and suggestions to help me formalize as a good
>> > summer
>> > project.
>> >
>> > the link is :
>> > http://cse.iitkgp.ac.in/~ashishs/test.html
>> >
>> > Thanks
>> > Ashish Shubham
>>
>> Hi Ashish.  I think that's a cool idea.  Older AIM clients used to
>> have something similar, right?  Called "get file" or something?  Newer
>> clients might have it, too.
>>
>> A few concerns:
>>
>> * "The file share information can be shared via the use of special
>> format text recognized by the pidgin client."
>>
>> I haven't spoken to other developers, but I suspect we would want this
>> functionality to use a more formal XMPP XEP (they may be one already)
>> rather than a specially formatted IM.  The XML nature of Jabber allows
>> for a lot of flexibility and custom add-ons--it probably doesn't make
>> sense to overload the meaning of IMs.
>>
>> * "Security may be built by putting a password for viewing the file
>> share."
>>
>> Maybe also restrict based on JID?
>>
>> * This code for this type of functionality has the potential to
>> contain REALLY horrible bugs.  For example, a buffer overflow that
>> allows an attacker skip authentication or access any file on your
>> system.  If you do submit a proposal for this, you may want to include
>> information about your knowledge of cautious network programming.
>>
>> --Mark
>
>




More information about the Devel mailing list