[Standards-JIG] MUC (JEP-45) privacy & control

Lukáš 'Spike' Polívka lukas.polivka at gmail.com
Sun Apr 16 05:22:39 UTC 2006


Hello,
I have some ideas regarding privacy & control in MUC. I find the
current state not very satisfactory.

Two problems which come to my mind are:
1) ordinary users cannot block messages from other MUC participants
(for example, if someone constantly insults me), because they can't
use real JIDs.

The only way now is to block the MUC JID (talk at conf.netlab.cz/Pinky
for example ;)), but then it's very easy for Pinky to change his nick
to e.g. Pinkator and insult me again. The client has to track nick
changes (Gaim does that), but it's not really good. For example, Pinky
can leave the room and join again with different nick. How would the
client know it's still Pinky? It's also important to store these
settings on the server, so I don't have to block Pinky every time. :)

To ensure privacy of both sides, I propose to generate a hash (SHA1?)
of every user's real JID, which would be sent with his MUC presence
stanza (or with every message stanza?).

If we have a user romeo at montague.net which joins conf.netlab.cz then:
a) if montague knows this extension, montague.net server must compute the hash
b) if montague.net doesn't know this extension, (conf.)netlab.cz must
compute the hash.

This way, there's a higher possibility that at least one of the
servers can do the job.

Now we have unique identifier for every user. We could extend Privacy
lists (or whatever) to handle these hashes.

2) room moderators cannot block IP addresses.
As in the previous case, a hash (of IP address in thi case) is used.
It must be computed on the every user's own server, because
(conf.)netlab.cz can't know IP addresses of users from montague.net.
Now room moderators could ban according to these hashes (as it's very
easy to create new identity/real JID).

There should be some backwards-compatible way to extend JEP-45, as
it's Draft Standard already. :/

Well, what do you think?

Lukáš 'Spike' Polívka
--
Jabber ID: spike411 at jabber.cz
ICQ, AIM, MSN: Never ever!


More information about the Standards mailing list