[Standards] General Stance toward Security Threats in XMPP

Peter Saint-Andre stpeter at stpeter.im
Wed Aug 27 15:48:20 UTC 2014


Good idea!

On 8/27/14, 6:22 AM, Dave Cridland wrote:
> Folks,
>
> Kurt Zeilenga made the excellent point that we, as a community, need to
> take a stance on jid harvesting - the same applies to various other
> threats that are common to many XMPP extensions.
>
> Therefore I've started to pen a XEP which can catalogue these threats
> and give guidance to extension authors on what threats need
> consideration and/or mitigation. I'm suggesting this as a Standards
> Track XEP.
>
> Other options would be a registry or an Informational XEP, however I
> feel that because of its nature, we want something we can normatively
> reference from other XEPs, and hence a Standards Track document seems
> the best solution.
>
> I'll submit the basic document (with just two threats) this afternoon to
> the editors.
>
> Dave.




More information about the Standards mailing list