[Standards] XEP-0333: Chat Markers overhaul

Jonas Wielicki jonas at wielicki.name
Fri Nov 17 07:19:12 UTC 2017


On Donnerstag, 16. November 2017 22:11:50 CET Philipp Hörist wrote:
> 2017-11-16 21:40 GMT+01:00 Jonas Wielicki <jonas at wielicki.name>:
> > Doesn’t it make more sense to require that senders who mark messages as
> > markable MUST use at least N bits of entropy (where N is the number of
> > bits of
> > entropy in UUID4, since people seem to like that) in the message IDs,
> > stanza
> > IDs and origin IDs?
> 
> if you just add the JID, i can filter out clients who are non-compliant to
> the XEP instantly. And can act accordingly.
> 
> On the other hand if somebody implements this, and just forgets/ignores to
> make sure his algorithm has enough entropy, i will suffer, and i can not
> really do anything about it.

Another reason I didn’t think of is that in a group chat, it would be possible 
for someone to simply send a message with the same ID, since they can observe 
the previous IDs.

So tying the ID to the participant JID (full JID in case of MUC, bare JID in 
case of MIX) of the sender makes sense to me.

> Just one for the Security Considerations, if you are admin of a room, you
> see real-jids, you should not add these by accident to your display tags,
> in anonymous rooms.

Yes.

kind regards,
Jonas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.jabber.org/pipermail/standards/attachments/20171117/62f27be5/attachment-0001.sig>


More information about the Standards mailing list