From a colleague who’s just had this posted on xmpp.org and is working with realtime pubsub.

XEP-0314: Security Labels in PubSub.

Abstract:

This specification defines an extension to XEP-0258 (Security Labels) to allow for the use of security labels in XEP-0060 (Publish-Subscribe). This document describes how security label metadata can be applied to the various elements within Publish-Subscribe, including nodes and items.

Author:

Ashley Ward

1. Introduction

The use of security labels within XMPP is currently defined in Security Labels in XMPP [1]. This, however, does not cover the use of security labels within Publish-Subscribe [2]. This XEP defines a method to include security labels into publish-subscribe.

This allows content publishers to limit visibility of any sensitive published items to only those users with appropriate clearance to view them.

This document does not deal with the semantics of a Security Label or how the security policy is applied to decisions regarding Security Labels and Clearances.

This document should be read in conjunction with Publish-Subscribe [3] and Security Labels in XMPP [4].

[…]

…I am quite amazed to see quite how big a feature set is embedded in XMPP.