[Standards-JIG] Re: MUC (JEP-45) privacy & control

Peter Saint-Andre stpeter at jabber.org
Tue Apr 18 16:06:04 UTC 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ralph Meijer wrote:
> On Tue, Apr 18, 2006 at 04:13:11PM +0200, Luk???? 'Spike' Pol??vka wrote:
>> [..]
>>
>> Hi,
>> the problem is that even anonymous (or at least semi-anonymous) rooms
>> are not anonymous at all -- everyone can see your vCard, your Avatar
>> and find your JID using these pieces of information.
>>
>> So to be completely anonymous, you have to have separate JID for MUC.
>> Which kind of sucks. :/
> 
> This is not a protocol issue. MUC implementations can choose to let
> every iq query be passed on to the actual users. Basically, current
> implementations are one big open relay.
> 
> Another area where this becomes icky is pubsub. Currently, you can
> simply subscribe another occupant of a room you are in to any node you
> desire.
> 

Well, MUC rooms are supposed to deny delivery from entities that are not
occupants, so I don't see how that would happen (unless the pubsub
service or node is an occupant).

Peter

- --
Peter Saint-Andre
Jabber Software Foundation
http://www.jabber.org/people/stpeter.shtml

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFERQ5sNF1RSzyt3NURArQqAJsEwoYU9LFQMJbL00SFHCatfkPWqwCdEfMp
rLctqBCkg75fZeWeTS/UAYM=
=zXnK
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3641 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20060418/4a19b603/attachment.bin>


More information about the Standards mailing list