[Pidgin] #857: Secure Pidgin

Pidgin trac at pidgin.im
Thu May 10 07:13:06 EDT 2007 

#857: Secure Pidgin
--------------------------+-------------------------------------------------
 Reporter:  amdias        |       Type:  enhancement
   Status:  new           |   Priority:  minor      
Component:  pidgin (gtk)  |    Version:  2.0        
 Keywords:  security      |    Pending:  0          
--------------------------+-------------------------------------------------
 Imagine that:
  * there is a server program that is a IM proxy
    * it allows to define accounts centrally, and its properties (such as
 alias, picture, etc)
    * it allows to create "shared buddy lists"
    * it has configurable security capabilities:
      * which external buddies is it allowed to send files to: (EVERYONE,
 GROUP #1, NO ONE [DEFAULT=NO ONE])
      * configurable time frame in which is possible to contact some
 groups/buddies [default=24*7]
      * users can change account properties and settings [default=YES]
      *  users can use personal accounts using the I proxy? [default=NO]
      * users can enable/disable/configure local plugins? [default=NO]
      * program in the destop/laptop (pidgin) can be used while offline: no
 connectio to the proxy [default=NO]
    * logging level (FULL/NONE [default=NONE]) of every IM / chat (note
 that countries' regulatory restrictions may apply)
    * backup/restore configuration (accounts and buddy lists)
    * etc (lots of new features)

  * on the desktop (user side) pidgin:
    * gets account information from the server (IM proxy).
    * depending on server defined policies, allow to change picture of
 account
    * depending on server defined policies, allow to change personal alias
    * depending on server defined policies, allow to use any other account
 that is not      configured in the proxy (e.g. Personal account)
    * gets shared buddy list from the server (IM proxy)
    * allows to submit a new request for adding a new buddy in a shared
 list
    * allows user to create private buddies, that will be considered as
 belonging to a Private group in the server: security rules defined on the
 server will be automatically applied to this buddies (on the server)


 In this way I would use pidgin for all users in my company. Right now all
 IM protocols are blocked in firewall and I would like to change that.
 IM programs are focusing on functionality only. Some security concerns
 would help a lot to spread usage.

-- 
Ticket URL: <http://developer.pidgin.im/ticket/857>
Pidgin <http://pidgin.im>
Pidgin

More information about the Tracker mailing list