On Wed Feb 11 15:08:41 2009, Matthew Wild wrote:
On Wed, Feb 11, 2009 at 3:01 PM, Jonathan Schleifer
<[email protected]> wrote:
> Just a reason NOT to require a PW for the owner: Some admin might
have
> changed it and now the owner can't join the room anymore or
change it back.
>
That same admin could simply remove the owner from the owner list
and be done :)
Actually, as far as I can tell, nothing mandates that an owner cannot
change the password without joining the room, since room
configuration doesn't require you to have joined the room either.
Since changing the password therefore doesn't require the old
password, I wonder if the requirement to have the password makes much
sense, on reflection.
This single issue aside however, I do think that the total lack of
any
way to track which services a JID is affiliated with is scary. This
affects transports/gateways, MUCs, etc. Are roster subscriptions
even
cancelled on account removal?
Well, they should be, assuming the server is aware of the removal -
however, the server might well not be - if a user is simply removed
from, say, the LDAP directory it's using, there's no way a server is
likely to know.
Dave.
--
Dave Cridland - mailto:[email protected] - xmpp:[email protected]
- acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
- http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
