[Standards-JIG] Re: password-protected room with no password (MUC)

Trejkaz trejkaz at trypticon.org
Mon Sep 19 18:33:11 CDT 2005


> Another way to "resolve" this discussion is to say in the jep that
> password format (including whether or not the password can be blank) is
> a matter of site policy.  In the event that this policy is violated
> while configuring the room, the owner request should fail with an
> appropriate (not-acceptable?  bad-request?  new one?) condition.

That sounds like the best idea so far.  Trivial passwords, if someone
chooses to allow them, should be acceptable.  An empty password is just
the most trivial password possible, but passwords which are dictionary
words might also be rejected, or any password which cracklib deems to be
insecure.

TX





More information about the Standards-JIG mailing list