[Standards-JIG] proto-JEP: Best Practices to Prevent PhishingAttacks on the Jabber/XMPP Network

Peter Saint-Andre stpeter at jabber.org
Wed Nov 16 05:05:12 UTC 2005


Ian Paterson wrote:
> I wondered if the title could be Preventing JID and Name Spoofing?

Yes, I've gone back and forth on the title. My research indicates that 
the term "spoofing" covers both address forging (which is very hard in 
Jabber systems) and mimicking (which is relatively easy), so I'd prefer 
something like "Best Practices to Prevent Mimicked JIDs" or somesuch. I 
guess I went with the phishing title because I figured it would get more 
attention. ;-)

> The example in the introduction is not visible on most systems since
> Cherokee fonts are usually not installed outside North America. ;-)

Maybe I should make an image out of it?

> One typo: the nickname is missing from Examples 3 and 5.

Fixed.

Peter


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3641 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20051115/0fdb2367/attachment.bin>


More information about the Standards mailing list