[Standards] Question about MUC invites

Rachel Blackman rcb at ceruleanstudios.com
Tue May 15 17:49:52 UTC 2007

>> To play devil's advocate here... arguably, if we're not in each  
>> other's rosters, and I desperately want to conceal my presence  
>> data from you, I have
>> no business inviting you to a MUC room in the first place.  Doing  
>> so reveals I'm online, which is in my experience the main  
>> 'presence leak' people want to avoid. ;)
> But its an intentional leak on the part of the invitor that doesn't  
> persist once the invitor has left the MUC room.  I'm not sure that  
> it counts as an ongoing presence leak.

Sure, but I fail to see why including the resource is really a more  
egregious presence leak than using the bare JID.

To me, the 'right' solution seems to be that for invites in a fully  
anonymous room, you use the room JID of the user sending the invite,  
and for non-anonymous rooms, you use the full normal JID of the  
person inviting.

There's no reason to jump through hoops and require invites to be  
tracked by the MUC server solely to conceal the resource in the name  
of privacy.  With an anonymous room it's already supposed to use the  
room JID, and with a non-anonymous room they'll get the full jid of  
all the participants upon joining ANYWAY.

I fail to see that using the bare JID is somehow less of a presence  
leak, considering.  And as was pointed out, it complicates the  
situation if the person is in the room from two separate resources  
(such as from home and work). :)

Rachel Blackman <rcb at ceruleanstudios.com>
Trillian Messenger - http://www.trillianastra.com/

More information about the Standards mailing list