On 7/11/12 10:39 AM, Kurt Zeilenga wrote:
> A quick comment:
>
> Security Considerations say "Because decloaking is a presence leak (albeit
> intentional), an XMPP client that implements the receiving side of this
> specification MUST disable sharing of session presence by default and MUST
> enable the feature only as a result of explicit user configuration."
>
> I suggest changing "explicit user configuration" with "explicit user
> confirmation" and then adding another sentence that the user confirmation can
> be per request, per first request per requestor, or by setting some "always
> decloak" configuration option, or other suitable means so long as decloaking
> doesn't occur by default. That is, the first MUST is the key security
> requirement, how to override the default is necessary detail for implementors
> to address how they see fit.

Good point, and consistent with what we've said in other specs IIRC. Will
fix in the next version.

Peter

-- 
Peter Saint-Andre
https://stpeter.im/
