[Standards-JIG] Pre-Proto XEP - Karma
Pedro Melo
melo at co.sapo.pt
Fri Jan 5 07:59:47 CST 2007
HI again,
On Jan 4, 2007, at 11:23 PM, Chris Mullins wrote:
> I was looking to see what exists today for standards around Karma,
> and I didn’t see anything. I know many servers today implement rate
> limiting, but as far as I can tell, each does it differently.
>
> This seems like it would make a great XEP, and allow for a richer
> model of communication within the entire federated XMPP network.
>
> Some of the things that come to mind are:
On top of the other two I've already sent, there are also limits at
the XML parser that should be considered:
- max node name size: sending <screeeeeeeeeee(insert enourmus
amounts of e's here)eeam> is probably going to kill you XML parser;
- max number of node attributes;
- max attribute name and attribute value sizes;
- max size for char sequences between elements.
this ones should make sure that you at least receive a SAX event
before exausting your memory.
FYI, I don't know any XML parser that implements this. I would love
to know one. It crossed my mind several times that a simple xml
parser, with just enough features to support XMPP, and having a focus
on denial-of-service attacks would be a wonderfull Google Summer of
Code project.
Best regards,
--
HIId: Pedro Melo
SMTP: melo at co.sapo.pt
XMPP: pedro.melo at sapo.pt
More information about the Standards
mailing list