On 25.06.2015 17:09, Thijs Alkemade wrote: >> On 25 jun. 2015, at 10:27, Kevin Smith <kevin.sm...@isode.com> wrote: >> >> Thinking a bit about the MUC2 stuff. MUC1 had Anon/semianon/nonanon. We’ve >> pretty much killed off fully anonymous rooms in MUC1. >> >> Can people share their thoughts on usecases for semi-anon, please? It’s not >> entirely clear to me what these are (users who want anonymity seem to >> already be using throw-away JIDs to achieve that, instead of relying on MUC >> configuration). > > 1. Privacy. > 2. To not turn public MUCs into treasure troves for spam bots. All of these > JIDs have an active client signed in, so they are great targets.
To hide your contact data should never and can't be the answer against SPAM. I stopped obfuscating my Mail address a few years ago. It's available in a few dozen places over the net. Yet I don't have an issue with SPAM. That same should be true for my JID. > 3. Best practices currently dictate that resources should be random, as they > are privacy-sensitive. That’s almost opposite of revealing it to everyone in > a room. Ack. MUC2 (or similar protocols) should be designed to only show the bare JID of the participants. - Florian
signature.asc
Description: OpenPGP digital signature
