[jdev] Presence leak test suite

Peter Saint-Andre stpeter at stpeter.im
Wed Jul 9 11:33:32 CDT 2008


Justin Karneges wrote:
> On Wednesday 09 July 2008 07:55:58 Kevin Smith wrote:
>> On Wed, Jul 9, 2008 at 3:46 PM, Peter Saint-Andre <stpeter at stpeter.im> 
> wrote:
>>>>> you also test presence leaks using guessed well-known resources like
>>>>> client names (Psi, Gajim, Miranda, QIP, Adium etc.) or places (Home,
>>>>> Work, School etc.)? I think it could push client authors to use
>>>>> random-generated resource names.
>>>> I don't understand why this would be something we'd want to push for.
>>> Because some people are paranoid?
>> Paranoid people can use as random a resource as they want to - it
>> doesn't mean the rest of us need to :)
> 
> And a random resource isn't necessary anyway, just good privacy control on the 
> server.  (/me still wants a server that will bounce all iqs from people who 
> don't have his presence.)

Including directed presence?

/psa

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20080709/c1a9f134/attachment-0002.bin>


More information about the JDev mailing list