[Standards] General Stance toward Security Threats in XMPP
dave at cridland.net
Wed Aug 27 12:22:30 UTC 2014
Kurt Zeilenga made the excellent point that we, as a community, need to
take a stance on jid harvesting - the same applies to various other threats
that are common to many XMPP extensions.
Therefore I've started to pen a XEP which can catalogue these threats and
give guidance to extension authors on what threats need consideration
and/or mitigation. I'm suggesting this as a Standards Track XEP.
Other options would be a registry or an Informational XEP, however I feel
that because of its nature, we want something we can normatively reference
from other XEPs, and hence a Standards Track document seems the best
I'll submit the basic document (with just two threats) this afternoon to
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Standards