[jdev] Owner Status to a federated user.
Dave Cridland
dave at cridland.net
Fri Aug 23 06:45:31 UTC 2013
On 23 Aug 2013 00:33, "Pravin Sinha" <pks_chennai at yahoo.com> wrote:
>
> Hi,
>
> I understand that some(could be all) of these are more implementation
specific, but was wondering if there is a related guidelines/xep.
>
> - Should an xmpp server allow a federated user(via Server to server
federation) create a chat room on local chat room server? At the least, I
see the possibility of attacks where the federated users may create
uncontrollable number of chat rooms and even though some policy could be
enforced, but what is the normal trend?
>
I'm not sure what the normal trend is, but some servers at least allow
restriction of room creation to either local users or a white list. There
are certainly abuse cases that need this.
> - Suppose the room is created by a local user and he tries to change the
affiliation of federated server's user as owner, should that be allowed?
What are the possible problems(if any)?
>
I think all servers allow this unconditionally. There's a concern that a
remote server can spoof its own users, but that applies to most cases of
federated users, so I don't think that's a social case here.
> Thanks,
> Pravin
>
>
> _______________________________________________
> JDev mailing list
> Info: http://mail.jabber.org/mailman/listinfo/jdev
> Unsubscribe: JDev-unsubscribe at jabber.org
> _______________________________________________
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.jabber.org/jdev/attachments/20130823/5f63c1d7/attachment.html>
More information about the JDev
mailing list