[Standards-JIG] proto-JEP: Smart Presence Distribution
fippo at goodadvice.pages.de
Thu May 18 06:29:13 UTC 2006
Richard Dobson wrote:
> Where did we assume the server was evil?,
Assuming the server is not evil is not interesting.
> and why does it matter if the
> server knows that you dont want a particular user to receive something
> you are wanting it to multicast?,
You're actively exposing your privacy list to the remote server.
If I had been proposing that...
> if you dont trust the server then you
> would block the whole server by adding it to your privacy list.
Yes. Communicating with a someone from remote domain expresses a high
level of trust.
>> On the other hand, the evil capulets can already guess that Romeo
>> has blocked Gregory if they see successive presence stanzas to
>> Juliet, Nurse, Peter, Sampson, Anthony and Potpan but not Gregory.
> Your point being??
That you are disclosing the privacy list to the remote server each time
you are doing a presence broadcast.
The assumption that your privacy list is something secret is not valid.
More information about the Standards