[Standards] XEP-0115, 1.3pre2

[Joe Hildebrand]

On Apr 3, 2007, at 2:47 AM, Richard Dobson wrote:

> Im not sure if hashes are really required, surely the server can  
> just compare the results from several different sources and use the  
> most common one as the real one.

Agree, except that if you detect one that doesn't match, there should  
be a warning dialog popped up, since it's either:
a) an attack or
b) a client bug (probably a version number wasn't updated that should  
have been).