I saw a draft at jabber.org that introduces a completely different group messaging paradigm which seems to address this problem (the server makes a stronger assertion about the identity of the person that is talking in the chatroom). I have no clue if that's work that the IETF jabber group is doing or what. Bill