[Standards] Password protected rooms

Peter Saint-Andre stpeter at stpeter.im
Sun Feb 8 00:30:41 UTC 2009


Matt Ford wrote:
> Hi All,
> 
> Implementation vs standards.
> 
> It seems, at least on jabber.org, that I as an owner of password
> protected room can access it without using a password.

I must admit that I haven't tested password-protected rooms in a long
time. IMHO members-only rooms perform the same function in a more secure
fashion.

> The spec however suggests that I should not be able to

I suppose it is possible that ejabberd exempts the room owner from this
check.

Have you tested by creating a password-protected room and then trying to
join from another account?

/psa

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6751 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20090208/da878087/attachment.bin>


More information about the Standards mailing list