Add security consideration regarding spoofability and reference example
The <referenced-stanza/> element can be used to reference another stanza. The <referenced-stanza/> element MUST be qualified by the 'urn:xmpp:sid:0' namespace and MUST have an 'id' attribute and SHOULD have a 'by' attribute. The values of the attributes are the values of the referenced stanza's <stanza-id/> element.
+An entity that follows the business rules, especially the rule on overriding the ID in elements where the by atttribute matches the 'by' attribute they would otherwise set, SHOULD announce the 'urn:xmpp:sid:0' namespace in its disco features allowing other entities to verify that those business rules are properly enforced.
The value of origin-id is spoofable and hence SHOULD not be used when referencing other stanzas. The value tuple of 'id' and 'by' of the stanza-id element is unspoofable iff all involved implementations follow the requirements of this specification.
The value of the 'id' attribute should not provide any further information besides the opaque ID itself. Entities observing the value MUST NOT be able to infer any information from it, e.g. the size of the message archive. The value of 'id' MUST be considered a non-secret value.
Before processing the stanza ID of a message and using it for deduplication purposes or for MAM catchup, the receiving entity SHOULD ensure that the stanza ID could not have been faked, by verifying that the entity referenced in the by attribute does annouce the 'urn:xmpp:sid:0' namespace in its disco features.
Thanks to Thijs Alkemade and Georg Lukas for providing feedback.
+Thanks to Thijs Alkemade, Georg Lukas, and Maxime Buquet for providing feedback.