Faced similar kind of problem with Jaxl IM thread conversation privacy control where a user can become a member of an existing thread, but new user should not see history or archive of messages while he was not a part of the conversation. We currently hacked MUC implementation to manage such privacy controls internally.
-- Abhinav Singh, Founder, Jaxl Inc. Bangalore, India http://abhinavsingh.com/blog ________________________________ From: Bruce Campbell <[email protected]> To: Multi-User Chat over XMPP <[email protected]> Sent: Thu, September 30, 2010 9:38:26 PM Subject: Re: [MUC] MUC history vs privacy/security On Thu, 30 Sep 2010, Kim Alvefur wrote: > Ohai > > Imagine that you're running a MUC service. The users complain about that > they miss things that's said while they are gone, and that the default > ~20 lines of history is insufficient. So you turn it up to 11 (read 2k). > > Now, I suspect there might be some concerns for people discussing > sensitive things in closed members-only rooms, as new members would have > equal access to the history. People might want to be confident that what > they say is only sent to current members. > > So, do you limit history to what's sent after they become members? How > do you balance the usefulness of some discussion context with privacy > and confidentiality? You could (assuming that your MUC service supports this) only supply history to 'fill in the gaps' between when a given user drops off, and their reconnection to the MUC a short (<10 min) time later. Somewhat like the difference between initially arriving at a social event, and stepping away from said social event for a few minutes. -- Bruce.
