[Operators] server reputation

Greg Hudson ghudson at MIT.EDU
Tue Apr 22 09:24:01 CDT 2008


On Mon, 2008-04-21 at 18:05 -0600, Robert Larson wrote:
> In regards to reputation has anyone given any thought to how it might
> work when an untrusted, or even blacklisted server connects to a
> trusted or whitelisted server via a transport such as jabber-to-jabber
> or xmpp-to-xmpp gateways?

I'm not sure I understand.

"Transports" in the XMPP sense are pieces of software which live on XMPP
servers and masquerade as one or more clients to other IM networks.  If
a blacklisted server connects to a whitelisted server via such a
transport, that means it must know the c2s credentials of some user on
the whitelisted server.

> There seems to be a lot of parallels between s2s and email.  When
> looking at how well the world has adapted SPF and domain keys, I would
> say the sooner something gets established, the better!

>From the start, Jabber has had "dialback" which is roughly equivalent to
SPF, and makes it difficult (requires DNS spoofing) to impersonate
another domain using s2s.  There is also a drive to make more servers
use properly verified TLS for s2s connections, which is roughly
equivalent to domain keys and would make it even harder to impersonate
another domain using s2s.




More information about the Operators mailing list