[Standards] XEP-0115, 1.3pre2
Olivier Goffart
ogoffart at kde.org
Thu Apr 5 12:38:12 CDT 2007
Le jeudi 5 avril 2007, Joe Hildebrand a écrit :
> On Apr 3, 2007, at 2:47 AM, Richard Dobson wrote:
> > Im not sure if hashes are really required, surely the server can
> > just compare the results from several different sources and use the
> > most common one as the real one.
>
> Agree, except that if you detect one that doesn't match, there should
> be a warning dialog popped up, since it's either:
> a) an attack or
> b) a client bug (probably a version number wasn't updated that should
> have been).
The problem is that clients will probably not check on several contacts. (It's
much more difficult)
The hash is a lot simpler to check.
Also is the server optimization that I suggested interesting ? (cache the
results of discovery <iq/> and reply to discovery instead of forwarding the
<iq/> to the contact)
If this is done, the client will not be able to popup a dialog (the server
could just send a message to the administrator)
And it will be more and more easy to do an attack. Just connect with a lot of
accounts to the server with an evil client (or fake server)
Note that such attack is still relatively not critical.
Evil Scenario
Google want that everyone use GTalk, so he use his server to remove all
<features/> from discovery <iq /> routed by the server that doesn't come from
google talk client. So all others client will start looking crapy.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://mail.jabber.org/pipermail/standards/attachments/20070405/6b84cd7a/attachment.pgp
More information about the Standards
mailing list