In this way, basic GDPR compliance can be achieved. Since Prosody server is accessible independently from Jisti-meet, the solution is ask users to change their password through an external XMPP client, like Pidgin. On the other hand, configuring Prosody to allow users to register independently their own account is not even an option, as anyone out there would be able to use your Jisti. Unfortunately, this is not GDPR-compliant, because “enabling users to set their password without the admin knowing it” is a basic and unavoidable security measure. In Jitsi official documentation, the suggested way to set user passwords is using prosodyctl command, that can only be run by the sysadmin. has a simple built-in authentication system (with passwords stored in plain text or hashed, depending on the module used) many other authentication services can be implemented through dedicated modules. The problem solved here, not (yet) covered by official documentation ¶Īs already said in platform introduction, user authentication may be added in various ways authentication control belongs into the XMPP server on which Jitsi relies/depends (). Thus to minimize privacy and security issues while keeping the system practical and easy to use for everybody. More precisely, while hosts need to have an account to create rooms, guests do not need to have one, but should be required to provide a room-specific password to enter. The proposed Jitsi implementation requires authentication for the host, but not for guests. It is just a WIP proposal, open to discussion, on how a Jitsi server can be quickly (and legally) deployed in order to host one’s own private videomeetings, based on authors’ practical experiences. DISCLAIMER: this is not legal nor technical advice.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |