when i was in group chat and someone questioned my identity, i suggested hta hand me a nonce in a p2p pgp secure session, and i would then replay the nonce on group chat. as smb pointed out, this left us open mitm between (hta|me) and the group chat. in this case, both hta and i had ssl to the server on which the group chat was being hosted. but how could you know that? i have not read the jabber drafts, but i have to ask. given the remarks on the need for identity in the rather educational, at least to me, paper scott brimm pointed us to, <http://www.shirky.com/writings/group_enemy.html>, and the discussion we had before chartering the jabber wg (which was going to complete last december, right hrn crocker and rose?), does the ietf jabber work address this problem well? randy