[Standards] PubSub Security considerations
Brian Cully
bcully at gmail.com
Thu Jun 11 18:20:46 CDT 2009
On Jun 11, 2009, at 11:31, Nicolas Vérité <nicolas.verite at process-one.n
et> wrote:
> Dear all,
>
> In the "Security considerations" section of the PubSub spec, shouldn't
> we warn of the possible presence leaks, since subscribers (possibly
> not in the user's roster) are instantly notified of a user's
> publication?
Agreed. This is a subtle condition and should probably be called out.
More information about the Standards
mailing list