[standards-jig] NEW: Malicious Stanzas in Jabber (JEP-0076)
Robert Norris
rob at cataclysm.cx
Tue Apr 1 16:54:43 CST 2003
> Following on the publication of RFC 3514 [1] by the IETF, I have
> written a JEP that enables Jabber applications to flag any XML
> stanza type (message, presence, or iq) as malicious. The protocol
> is defined in JEP-0076:
Excellent work, Peter. Since I beleive this is an important security
enhancement, I've gone ahead and implemented for jabberd 1.4. It's
available here:
http://cataclysm.cx/dist/jabber/mod_evil.c
I encourage server administrators to download and install this module
ASAP.
Rob.
--
Robert Norris GPG: 1024D/FC18E6C2
Email+Jabber: rob at cataclysm.cx Web: http://cataclysm.cx/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://mail.jabber.org/pipermail/standards/attachments/20030402/42964d07/attachment.pgp
More information about the Standards-JIG
mailing list