Hi Standards, I came across 0337 and I like the idea. Reading the security considerations, it is said in [7.3.2]:
""" [..] even more care should be taken to log only information that can be published openly. If there's risk for sensitive information to be logged, the publish/subscribe pattern should be avoided. """ As PubSub does have access models, I am not sure I understand the risks mentioned in this paragraph. Does anybody have any insight on why this was written this way? [7.3.2]: https://xmpp.org/extensions/xep-0337.html#sect-idm140133614364832 -- Maxime “pep” Buquet
signature.asc
Description: PGP signature
_______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: standards-unsubscr...@xmpp.org _______________________________________________