[Standards-JIG] Re: password-protected room with no password (MUC)

[Tomasz Sterna]

Every single password protected system I've meat treats empty password
(zero characters string) like any other valid password (of course most
of them would bark on you, that the password is not long enough).
I think this is a normal and expected behavior.

Another thing is when the room passwordprotection is on and there is
no password configured (even empty one). I would treat this as room
missconfiguration and do not allow users in.

As for the client support, the usual way is trying to enter the room
without password and displaying password dialog on wrong password
error.
IRC clients work like this, HTTP browsers work like this...

--
smk