On 23 Aug 2013 00:33, "Pravin Sinha" <[email protected]> wrote: > > Hi, > > I understand that some(could be all) of these are more implementation specific, but was wondering if there is a related guidelines/xep. > > - Should an xmpp server allow a federated user(via Server to server federation) create a chat room on local chat room server? At the least, I see the possibility of attacks where the federated users may create uncontrollable number of chat rooms and even though some policy could be enforced, but what is the normal trend? >
I'm not sure what the normal trend is, but some servers at least allow restriction of room creation to either local users or a white list. There are certainly abuse cases that need this. > - Suppose the room is created by a local user and he tries to change the affiliation of federated server's user as owner, should that be allowed? What are the possible problems(if any)? > I think all servers allow this unconditionally. There's a concern that a remote server can spoof its own users, but that applies to most cases of federated users, so I don't think that's a social case here. > Thanks, > Pravin > > > _______________________________________________ > JDev mailing list > Info: http://mail.jabber.org/mailman/listinfo/jdev > Unsubscribe: [email protected] > _______________________________________________ >
_______________________________________________ JDev mailing list Info: http://mail.jabber.org/mailman/listinfo/jdev Unsubscribe: [email protected] _______________________________________________
