On 2025/01/18 14:38, Dave Cridland wrote:
On 2024/12/24 12:52, Dave Cridland wrote:
4. Do you have any security concerns related to
this specification?

Always! I think in this case the Security
Considerations are quite light. In particular,
there is no discussion of how a message might be
deliberately retracted as a form of abuse - this
is perhaps worst in cases where the tombstone
support is implemented.

What kind of abuse are you thinking of here, and what
exactly do you think needs to be written down?
You mean like someone trying to fill a chat history with
useless tombstones? This doesn't seem to me like a
XEP-0424-specific concern. You don't need retractions or
tombstones to spam a chat with useless messages.

If an abusive message is retracted, and the service
actually excises the message entirely from the archive,
replacing it with a tombstone, then there's no record of the
abusive message (but it's been seen by its target, and so
has done its jobCh

Ok, so rephrase into XEPanese:

If message retraction results in the complete removal of any record
of the original message's body, for example to be replaced by a
tombstone, then this could be used to hide messages that moderators
might want to be notified of.