[Security] rfc3920bis - "from" attribute in the stream header

Peter Saint-Andre stpeter at stpeter.im
Sat Feb 21 15:36:30 CST 2009


A: Because it messes up the order in which people normally read text.

Q: Why is top-posting so bad?

A: Top-posting.

Q: What is the most annoying behavior on email discussion lists?

Jiří Zárevúcký wrote:
> That's all very nice, but you misunderstood me. :)
> I'm talking about the possibility of neighbor sniffing your JabberID.
> Imagine you have for example a private account you don't want anyone
> of your friend to know about. OR that you have forbidden use of IMs in
> work and the IT staff easily sees who you are.

I had not considered that "attack", so I will change the text to SHOULD
or MAY (or remove it entirely). I don't think that any server
implementations depend on the 'from' address of the initial stream
header, so removing this text will not cause any problems.

Peter

-- 
Peter Saint-Andre
https://stpeter.im/


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6751 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/security/attachments/20090221/4eb573e3/attachment.bin 


More information about the Security mailing list