[Standards-JIG] MUC (JEP-45) privacy & control

Ian Paterson ian.paterson at clientside.co.uk
Sun Apr 16 12:38:22 UTC 2006


> Lukáš wrote:
> > 1) ordinary users cannot block messages from other MUC 
> > participants (for example, if someone constantly insults me), 
> > because they can't use real JIDs.
> > 
> > To ensure privacy of both sides, I propose to generate a hash 
> > (SHA1?) of every user's real JID, which would be sent with 
> > his MUC presence stanza (or with every message stanza?).
>
Trejkaz wrote:
> If we just used SHA-1 of the user's  
> JID, someone could just build up a giant list of SHA-1 hashes of all  
> known JIDs, which a user could then use to determine the identity of  
> users in anonymous" chats.
> 
> This can easily be fixed by also adding the JID of the conference  
> room into the hash.

Doesn't Section 6.12 "Registering with a Room" of JEP-0045 already
provide a solution to this problem?

"If a user has registered with a room, the room MAY choose to restrict
the user to use of the registered nickname only in that room. ... (this
enables a room to 'lock down' roomnicks for consistent identification of
occupants)."


The following is only a personal opinion, I'm not expecting it to result
in changes to the JEP at this stage, although I am very interested in
other people's opinions (I'm sure I'll learn something):

If someone wants to be anonymous, in most cases* they can simply create
another Jabber account. This provides much better anonymity since even
the room server doesn't know your normal JID.

IMHO anonymous and semi-anonymous rooms create real problems (like the
one Lukáš described above). They also add a lot of complexity to clients
(and servers).

- Ian


*The only cases where anonymous/semi-anonymous rooms make any sense to
me is for members-only rooms where the user would not be able to enter
using a different JID unless invited by an admin. In this case a simple
optional protocol could be developed to allow a user to contact the room
server with their primary JID and ask the server to treat the user's
'anonymous' JID as if it were the primary. Although that would reduce
the level of anonymity for members-only rooms to the level provided by
anonymous rooms today, clients would be much more simple since they
would not have to worry about anonymous and semi-anonymous rooms.




More information about the Standards mailing list