On Thu, Jun 25, 2015 at 3:27 AM, Kevin Smith <[email protected]> wrote:
> Can people share their thoughts on usecases for semi-anon, please? It’s not > entirely clear to me what these are (users who want anonymity seem to already > be using throw-away JIDs to achieve that, instead of relying on MUC > configuration). It's not clear to me that there are *any* use cases. Maintaining two methods of having 1:1 conversations (normal 1:1's, and the anon-MUC version of 1:1's) just makes everything more complicated for no real benefit. > There seems to be some significant merit in having MUCs always be > non-anonymous in MUC2, to solve some of the addressing messes we’ve found > ourselves in. Agreed; MUC2 should absolutely remove the semi-anon capabilities. This will ensure that the MUC2 specification is kept clean and simple. If a user wants to keep their JID private (for some reason), joining an "anonymous" MUC is not the way to do it anyways (since admins can still see it, and/or the server admin could always make the MUC public and you probably wouldn't even notice), so (as you said) people are going to end up using burner JID's anyways. Having them always be non-private also serves the added benefit of providing some sort of assurance that you're actually talking to the same person two days in a row (eg. Alice talks to Bob on day 1, the next day she talks to Bob but it's someone else who claimed the same nick... now she can verify that the JID is the same, so it's at least someone with access to Bob's account). Of course, this can already be better achieved with PGP, but let's be honest, that never works (going slightly OT with that line of reasoning though). I'm very much hoping that MUC2 will be one of the hot topics at the North American Summit this October. —Sam -- Sam Whited pub 4096R/54083AE104EA7AD3 https://blog.samwhited.com
