https://logs.xmpp.org/council/2021-05-19?p=h#2021-05-19-166dd46a385797cb
1) Roll Call Present: Zash, Jonas, Daniel, Georg Apologies: Dave 2) Agenda Bashing The lack of agenda items is making Jonas feel uneasy - Jonas adds something into AOB to feel a little better. 3) Editor's Update Nada. 4) Items for Voting None. 5) Date of Next 2021-05-26 1500 UTC 6) AOB On PR #1059 (XEP-0373: Public key and metadata nodes: Recommend 'open' access model) [1], Jonas wonders about the security/privacy implications - Zash says concerns were raised before about correlating MUC participants, which might apply, and something about reuse of a 'normal' PGP key leaking information - Jonas thinks this might be worth consulting the all-knowing List. Daniel says a lot of OX usage is open to interpretation, creating widely varied security implications; for example, reusing the same PGP key already used with your email, with an open access model, will leak your identity - but this is unclear; doesn't think there are best practices, and would leave it to the authors to steer it in their chosen direction. Jonas will ask the authors to write a note in the Security Considerations, and maybe point The List at it. 7) Close Thanks everyone. Thanks Jonas. [1] https://github.com/xsf/xeps/pull/1059
_______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: standards-unsubscr...@xmpp.org _______________________________________________
