[IOT] OpenADR comment period

Peter Saint-Andre stpeter at stpeter.im
Thu Jun 20 21:32:59 UTC 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 6/20/13 8:00 AM, Jonas Wielicki wrote:
> Hi Thomas,
> 
> On 20.06.2013 05:41, Thomas Nichols wrote:
>> I think we have two choices.  (1) Tell VTN implementers/
>> deployments that they need to secure the XMPP server to prevent
>> VEN to VEN communication. Or (2) we require VENs to maintain a
>> whitelist of VTN JIDs, and drop or reject packets that are not
>> from an approved JID.  Or maybe both.
> 
> In my humble opinion, (2) is the safest, because it does not rely
> on a third party (the server) to protect the first party (the
> VEN).
> 
> However, blocking the traffic at the server (as in (1)) has
> benefits for the end user, as it is thus impossible to run a
> denial-of-service attack on another end user with in-band messages,
> which is probably desired.
> 
> I'm not sure whether there exist solutions for (1) in form of XEP
> or code though.

Basically you'd want to use a highly modular codebase that includes a
module for the ability to send messages. Then just disable that
module. (However, I assume that you'd want the VENs to be able to send
messages to the VTN.)

Peter

- -- 
Peter Saint-Andre
https://stpeter.im/


-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.19 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJRw3ULAAoJEOoGpJErxa2p4TIP/3FbuiDvwGJPDviYaeKOX/Wp
rr+OTDI6M5bKutTFGoltbbU/qghFViW4gkqt0r6be+/PEOUsBsCxNej0CxPGviNB
FM2FueByqG9m5I40Qp5sS1SBBLHXhhaHBGk4jZJ3OZul7eHhOKZ2SvepWpoleB0N
UNdzbIBJmowhDlKQfbSIA7vK3ln/hyZsWgq0RzJG7cyA/1wX0TPrpdp9k1dC5fJY
ODBmgYZTKtuwSRzEiqm45pZawcLM2oQB6kBoajzDheaQb5FPb+q0yAIcX6scCzEj
rhDiiOL9l5fQ3shxCoIkVPSNL0DL+W9mBBdB0RftzH1c2d8JTyYE92obKUamt2TO
3drxByeDVlv/BXcPAvtsKTt78nmlnBmFHt1HK2Voe/6LSYhaZkPUvKoIfHKCUEXg
4vE4UnCo9N6aK2oYlMGHx+vr941qzBw0f9z0t6dsidxauMKpUnE8FVcLOvvOEDXt
O+dg7Nltd34WCKVb+GnJhsxfZBTi+tJK/Vl4gpMg4sdpiUVwbHS9coQSolleW38V
IG64eVjBm3i0bJlushcCjts6npw2R4yot4Q4872ZCyigdn/uxvyIyfD3kacXoJa2
8uUqvk+w6jCCQj0j3vNFBQFG0txqn5NHMstPyXxLWAB99d+ArhLnq0vSIrLrbJco
IPzO1Ulvff/UF1agXvt5
=rCNd
-----END PGP SIGNATURE-----


More information about the IOT mailing list