[Operators] Remove old unused accounts?

Peter Saint-Andre stpeter at stpeter.im
Thu Dec 10 12:18:37 CST 2009


On 12/10/09 11:17 AM, Kevin Smith wrote:
> On Thu, Dec 10, 2009 at 6:10 PM, Peter Saint-Andre <stpeter at stpeter.im> wrote:
>> That said, there is a minor security concern here. MUC rooms and PubSub
>> nodes could garbage-collect owners and admins/publishers, just as core
>> XMPP services do. This is another reason to put such entities in the
>> user's roster.
> 
> That's the solution I come up with when I think about this. Pair it
> with roster annotations (real annotations, rather than the iq:private
> based ones) saying 'not contact list users' or something and there's
> no reason for this to not be common practice, I think. It also solves
> the 'argh, what pubsub services am I subscribed to?' problem if we
> start putting them in the roster.

Right.

Is this an argument for a new roster protocol? Not that the operators
list is the place to work on that... :)

/psa

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6820 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/operators/attachments/20091210/f9856de9/attachment.bin>


More information about the Operators mailing list