On 10/01/2017 15:23, Sam Whited wrote:
2. While burner JIDs may be helpful to provide a user with complete
anonymity in a channel, I think that channel administration
needs access to the real JIDs. It would not be acceptable to manage a
public MUC and just have a stack of anonymous participants. So use of
client provided burner JIDs is not a viable approach to JID hidden channels.
If burner JIDs are allowed on some other server, this happens anyways.
It's not something you can prevent.
Well, kinda, except that burner JIDs have much the same security
properties as SASL ANONYMOUS, so the same considerations apply - these
things shouldn't be allowed to S2S, and servers that do allow them to
S2S can be blocked at the whole server level (as happens already).
/K
_______________________________________________
Standards mailing list
Info: https://mail.jabber.org/mailman/listinfo/standards
Unsubscribe: [email protected]
_______________________________________________
