[Operators] server reputation

Peter Saint-Andre stpeter at stpeter.im
Fri Apr 18 13:54:40 CDT 2008


Pedro Melo wrote:
> Hi,
> 
> On Apr 17, 2008, at 8:16 PM, Peter Saint-Andre wrote:
> 
>> Last year I posted a blog entry about server reputation:
>>
>> https://stpeter.im/?p=1988
>>
>> I think it would be helpful for this group to define some parameters for
>> measuring server reputation.
>>
>> I'm not yet sure how we would use this information. I don't like the
>> idea of a centralized reputation service since that provides a single
>> point of failure for attacks against the network. At the last XMPP
>> Summit in Brussels, we talked a bit about the idea of a server buddy
>> list -- i.e., your server has a list of trusted other servers that it
>> consults. So at jabber.org we might ask amessage.de and sapo.pt (or
>> whatever) about new servers on the network.
>>
>> If we do this in an automated fasion, it requires better tracking and
>> monitoring in existing xmppp server codebases.
>>
>> We could also do this in a more human-intensive way, e.g. a voting site
>> (or sites) where admins can vote +1 or -1 on various domains.
>>
>> Thoughts?
> 
> My problem with the whole server reputation thing is I don't see the
> next step.
> 
> Suppose that we get a reasonable system for measuring server reputation.
> What then? Are you going to start blocking s2s based on reputation, or
> have different shaping rules? Do future XEPs for certain protocols (like
> pubsub proxying for example) take in account a "trust level"?
> 
> WIthout know what the goals are, what the usage of this database will
> be, I don't see how we can design it.

Good questions. I don't have the answers yet but I'll continue to noodle
on it...

Peter

-- 
Peter Saint-Andre
https://stpeter.im/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/operators/attachments/20080418/5d2c881e/attachment.bin 


More information about the Operators mailing list