On 23 Aug 2013 00:33, "Pravin Sinha" <<a href="mailto:pks_chennai@yahoo.com">pks_chennai@yahoo.com</a>> wrote: > > Hi, > > I understand that some(could be all) of these are more implementation specific, but was wondering if there is a related guidelines/xep. > > - Should an xmpp server allow a federated user(via Server to server federation) create a chat room on local chat room server? At the least, I see the possibility of attacks where the federated users may create uncontrollable number of chat rooms and even though some policy could be enforced, but what is the normal trend? > I'm not sure what the normal trend is, but some servers at least allow restriction of room creation to either local users or a white list. There are certainly abuse cases that need this. > - Suppose the room is created by a local user and he tries to change the affiliation of federated server's user as owner, should that be allowed? What are the possible problems(if any)? > I think all servers allow this unconditionally. There's a concern that a remote server can spoof its own users, but that applies to most cases of federated users, so I don't think that's a social case here. > Thanks, > Pravin > > > _______________________________________________ > JDev mailing list > Info: <a href="http://mail.jabber.org/mailman/listinfo/jdev">http://mail.jabber.org/mailman/listinfo/jdev</a> > Unsubscribe: <a href="mailto:JDev-unsubscribe@jabber.org">JDev-unsubscribe@jabber.org</a> > _______________________________________________ >