On 2024/12/24 12:52, Dave Cridland wrote:

4. Do you have any security concerns related to this specification?

Always! I think in this case the Security Considerations are quite light. In particular, there is no discussion of how a message might be deliberately retracted as a form of abuse - this is perhaps worst in cases where the tombstone support is implemented.

What kind of abuse are you thinking of here, and what exactly do you think needs to be written down?
You mean like someone trying to fill a chat history with useless tombstones? This doesn't seem to me like a XEP-0424-specific concern. You don't need retractions or tombstones to spam a chat with useless messages.