[jitsi-dev] transmission of display names during conference call


#1

I've noticed that during a conference call the display name assigned to
each contact by the organizer of the call is transmitted and displayed
to each of the participants.

This seems to me to be a security problem, particularly for groups where
individuals operate with pseudonyms. Shouldn't the conference call
display either the original username, or the display name assigned by
the participant?

In other words, if maryalice@jit.si is assigned the display name 'Ann
Smith' by the organizer this is not information that should be
transmitted in a conference call.

Best,

Joseph


#2

This is an interesting issue since usability might be clashing with
security.

Could you please open an issue?

···

On 18.05.13, 23:16, Joseph Santolan wrote:

I've noticed that during a conference call the display name assigned to
each contact by the organizer of the call is transmitted and displayed
to each of the participants.

This seems to me to be a security problem, particularly for groups where
individuals operate with pseudonyms. Shouldn't the conference call
display either the original username, or the display name assigned by
the participant?

In other words, if maryalice@jit.si is assigned the display name 'Ann
Smith' by the organizer this is not information that should be
transmitted in a conference call.

Best,

Joseph

_______________________________________________
dev mailing list
dev@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/dev

--
https://jitsi.org


#3

I do clearly favour security here

- --
Yannik V�lker

···

On 19.05.2013 19:36, Emil Ivov wrote:

This is an interesting issue since usability might be clashing
with security.


#4

Actually security is not really at stake here. It's about some privacy
and the fact that the people that you are talking to, are going to see
your display name in addition to your address (or potentially the
display name that the organiser set for you).

I could see how this could potentially be an issue in some situations
but it's not like we are leaking audio data.

···

On 20.05.13, 01:07, Yannik Völker wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 19.05.2013 19:36, Emil Ivov wrote:

This is an interesting issue since usability might be clashing
with security.

I do clearly favour security here

- --
Yannik Völker
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBAgAGBQJRmU03AAoJEDqk81AiCyXKPSwP/1EeyAFDSpOvmeub1mVxdHIj
33ldlpY7TUjhW+317b9qgFxcnwk3YbXBgttJ+aXQnl4sWk6HvgyBPtam0YITPIKV
7Ez/4Pj8eSigHPKRDj31SPk6/NwtJ8Ijk/k33ZD3ppP17/Tmlt/6Ef0Hi83nONqd
zJKshWTNGRk6GSxhQlakB7KWF12qN4B6/Al5o5vK/7PtU+L4zQxY6REPn2rrbj3C
HoXdLXtfMWumvmsXm1LVykFYqYXgmA6oV3vHRWVMr6SpdH9qpKq1HgsYLiu8hN7h
osZwg6+fs5uJ42DOAJHJT0yn6f8Jovl1tQOIYIeq6Gebs5RycTDaqJVebKmPZD16
pqJgnXrCPeoee5iCPXglJAQrEksuT9uNL176SpDFBoYxkYLGG4vcs5u0nSBbVcOV
NuInTBHSmhhJ4wxuMegkay3gfH4Y0z2WYpclVnFrdfBRW8dGYXnzlecrt7s3hnsw
8wnLubAmh/8k9tqyDL8WE+3Ktzx76Y5m+CKtQgcJ4PZWBeccGIrv103fHdPW6AYL
BcBx3JFrfDLrWX+D5v1nCXEVCsKjsATnca6ixNun6u7S16ojcbtwAE4QkOy6zhTc
KTofJqQk60FhjfUGOkbZ2C0GhF4YLJfF4IiauIDWqE9IxtQZ0X55FHFwE77WSrRl
a1S+YkC5zDL8GoOsQ+wD
=aZWZ
-----END PGP SIGNATURE-----

_______________________________________________
dev mailing list
dev@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/dev

--
https://jitsi.org