protoXEP OpenPGP for XMPP Pubsub: version 0.0.4

add a security note to indicate that <shared-secret/> and <revoke/> sender must be checked.
Jérôme Poisson 2022-10-12 00:22:47 +02:00
parent bdadbb1fca
commit e6e6cba2e5
1 changed files with 11 additions and 0 deletions


@ -30,6 +30,16 @@
<email>goffi@goffi.org</email>
<jid>goffi@jabber.fr</jid>
</author>
<revision>
<version>0.0.4</version>
<date>2022-10-12</date>
<initials>jp</initials>
<remark>
<ul>
<li>add a security note to indicate that &lt;shared-secret/&gt; and &lt;revoke/&gt; sender must be checked.</li>
</ul>
</remark>
</revision>
<revision>
<version>0.0.3</version>
<date>2022-10-10</date>
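Review bot: the 0.0.4 <remark> says only that the &lt;shared-secret/&gt; and &lt;revoke/&gt; sender "must be checked" without saying what the check is; consider stating it in the changelog entry itself, e.g. "the signer of &lt;shared-secret/&gt; and &lt;revoke/&gt; MUST match the signer of the node's existing shared secrets", so a reader of the revision history does not have to open the Security Considerations section to learn what changed.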
@ -196,6 +206,7 @@
<section1 topic='Security Considerations' anchor='security'>
<ul>
<li>When receiving a &lt;shared-secret/&gt; or a &lt;revoke/&gt; element, the receiving client MUST ensure that the signing sender is the same as the one for all known shared secrets of this pubsub node. This prevents a malicious actor for misleading the client into using a non-legitimate secret.</li>
<li>To limit the surface of attack, the access model of an encrypted node should be set to "whitelist" and only people having the shared key should be allowed to retrieve encrypted items.</li>
<li>If the shared key is compromised, or a user access is revoked, the key MUST be rotated. However, only new items are encrypted with the new key, any previous item should be considered as compromised too.</li>
<li>Sometimes client may use metadata to construct item ID, this is notably the case for some &xep0277; implementation, as the resulting item ID is used to generate user friendly URLs. To avoid metadata leakage, clients SHOULD NOT derivate the item ID from any data of the item when pubsub encryption is used.</li>
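Review bot: the new security note in this hunk does not cover the first &lt;shared-secret/&gt; received for a node, when there are no "known shared secrets" to compare the signer against; the rule as written is trust-on-first-use and the text should say so and state what the client does on a mismatch (discard the element, or at least not use the new secret). "signing sender" is also ambiguous between the sender's JID and the OpenPGP key that produced the signature; since the comparison is meant to defeat a spoofed sender, it should be pinned to the signing key. Minor: "prevents a malicious actor for misleading the client" should read "from misleading".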