[Standards-JIG] MUC (JEP-45) privacy & control
sneakin at semanticgap.com
Sun Apr 16 06:30:32 UTC 2006
-----BEGIN PGP SIGNED MESSAGE-----
Lukáš 'Spike' Polívka wrote:
> To ensure privacy of both sides, I propose to generate a hash (SHA1?)
> of every user's real JID, which would be sent with his MUC presence
> stanza (or with every message stanza?).
That would work and would be pretty easy to do. Jer has actually blogged
about something like this, MicroIDs if I remember. SHA-1 should probably
be avoided, though the actual hash could be whatever the MUC service
wants to use. It only needs to be a unique identifier on that service,
unless we want an opaque identifier on the whole Jabber network.
And these would be a perfect fit for MUC's presence stanzas.
> Now we have unique identifier for every user. We could extend Privacy
> lists (or whatever) to handle these hashes.
That's possible or the client can just block these...
> 2) room moderators cannot block IP addresses.
> As in the previous case, a hash (of IP address in thi case) is used.
> It must be computed on the every user's own server, because
> (conf.)netlab.cz can't know IP addresses of users from montague.net.
> Now room moderators could ban according to these hashes (as it's very
> easy to create new identity/real JID).
In theory you can ban entire domains from joining a room. I would not
rely on IP addresses, especially with wonderful servers like ejabberd
that support clustering. They should also not be counted on for end
points either, ie: Jingle, file xfer, and NATs.
> There should be some backwards-compatible way to extend JEP-45, as
> it's Draft Standard already. :/
It's called XMPP for a reason.
- - Nolan
SemanticGap: To act as one (TM) -- http://www.semanticgap.com/
Instant awareness & messaging * Online presence design
Cross platform and agile development
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 219 bytes
Desc: not available
More information about the Standards