[Operators] server reputation
melo at simplicidade.org
Fri Apr 18 06:32:51 CDT 2008
On Apr 17, 2008, at 8:16 PM, Peter Saint-Andre wrote:
> Last year I posted a blog entry about server reputation:
> I think it would be helpful for this group to define some
> parameters for
> measuring server reputation.
> I'm not yet sure how we would use this information. I don't like the
> idea of a centralized reputation service since that provides a single
> point of failure for attacks against the network. At the last XMPP
> Summit in Brussels, we talked a bit about the idea of a server buddy
> list -- i.e., your server has a list of trusted other servers that it
> consults. So at jabber.org we might ask amessage.de and sapo.pt (or
> whatever) about new servers on the network.
> If we do this in an automated fasion, it requires better tracking and
> monitoring in existing xmppp server codebases.
> We could also do this in a more human-intensive way, e.g. a voting
> (or sites) where admins can vote +1 or -1 on various domains.
My problem with the whole server reputation thing is I don't see the
Suppose that we get a reasonable system for measuring server
reputation. What then? Are you going to start blocking s2s based on
reputation, or have different shaping rules? Do future XEPs for
certain protocols (like pubsub proxying for example) take in account
a "trust level"?
WIthout know what the goals are, what the usage of this database will
be, I don't see how we can design it.
XMPP ID: melo at simplicidade.org
More information about the Operators