[IOT] OpenADR comment period
j.wielicki at sotecware.net
Thu Jun 20 14:00:02 UTC 2013
On 20.06.2013 05:41, Thomas Nichols wrote:
> I think we have two choices. (1) Tell VTN implementers/ deployments that
> they need to secure the XMPP server to prevent VEN to VEN communication.
> Or (2) we require VENs to maintain a whitelist of VTN JIDs, and drop or
> reject packets that are not from an approved JID. Or maybe both.
In my humble opinion, (2) is the safest, because it does not rely on a
third party (the server) to protect the first party (the VEN).
However, blocking the traffic at the server (as in (1)) has benefits for
the end user, as it is thus impossible to run a denial-of-service attack
on another end user with in-band messages, which is probably desired.
I'm not sure whether there exist solutions for (1) in form of XEP or
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 198 bytes
Desc: OpenPGP digital signature
More information about the IOT