On Jan 15, 2008 3:29 PM, Joe Hildebrand <[EMAIL PROTECTED]> wrote: > <suggestion> > However, a receiving application MAY send a service discovery > information request to a particularly JID+node combination in order to > determine the friendly name, but if it does so then it MUST cache the > result for that JID+node combination. > </suggestion> > > I really wanted to cache just based on the node, but "there's an > attack!" for people poisoning others' client names. I don't think > that's really a concern, but perhaps that is over-practical.
That makes me a bit uneasy (particularly because I know how prone to mistruths some people in the community (not on this list, I'm pretty certain) are with respect their software), it wouldn't surprise me to see people try to do such a thing (or to do it accidentally - there are myriad patched builds of Psi which modify the client name, but probably not the caps node, for example). I'm not going to jump up and down with my pigtails flying if it's just me though :) /K
