[Security] [jdev] Spoofing of iq ids and misbehaving servers

[Philipp Hancke]

> It wasn't a complain, I've just explained why servers do behave different 
> than the current RFC says. I had the impression several people seem to not 
> know that there was a quiet different RFC before 6120 and most servers were 
> created long time ago.

Sure. But RFC 3920 has been obsoleted by RFC 6120, so if you still want to 
call yourself an XMPP server you'd better implement 6120.

But yeah, that's one of the reasons we should update the compliance 
suites. We actually have XEP-0302 doing that, but it never moved to draft 
for some reason.