Rhonda: > Of course people could be concerned about that forward bot (which > could even take care of replying) be facilitated as sort of a MITM > attack pattern, so it might make sense to have people run such a bot > themself on some host they trust. > > Not so sure about how this would work if it's more than just plain > messages though, like OTR (which could be encapseled somehow) or > other things like voice/video chat.
FWIW, if the user were to be transparently redirected from an unused/unprefered $f...@rtc.debian.org to the DD's prefered contact, this would be a problem. But, given that OTR has a session establishment phase, what could be done is to auto-answer to any incoming message with "DD $foo does not use their RTC account" or "DD $foo prefers contact via their other XMPP account, $f...@otherserver.info"