[jdev] Owner Status to a federated user.

Dave Cridland dave at cridland.net
Fri Aug 23 06:45:31 UTC 2013


On 23 Aug 2013 00:33, "Pravin Sinha" <pks_chennai at yahoo.com> wrote:
>
> Hi,
>
> I understand that some(could be all) of these are  more implementation
specific, but was wondering if there is a related guidelines/xep.
>
> - Should  an xmpp server allow a federated user(via Server to server
federation) create a chat room on local chat room server? At the least, I
see the possibility of attacks where the federated users may create
uncontrollable number of chat rooms and even though some policy could be
enforced, but what is the normal trend?
>

I'm not sure what the normal trend is, but some servers at least allow
restriction of room creation to either local users or a white list. There
are certainly abuse cases that need this.

> - Suppose the room is created by a local user and he tries to change the
affiliation of federated server's user as owner, should that be allowed?
What are the possible problems(if any)?
>

I think all servers allow this unconditionally. There's a concern that a
remote server can spoof its own users, but that applies to most cases of
federated users, so I don't think that's a social case here.

> Thanks,
> Pravin
>
>
> _______________________________________________
> JDev mailing list
> Info: http://mail.jabber.org/mailman/listinfo/jdev
> Unsubscribe: JDev-unsubscribe at jabber.org
> _______________________________________________
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20130823/5f63c1d7/attachment.html>


More information about the JDev mailing list