[Operators] [Fwd: [ejabberd] Your server is a part of spammer/flood botnet!]

Peter Saint-Andre stpeter at stpeter.im
Mon May 5 08:45:16 CDT 2008


On 05/05/2008 2:26 AM, Tomasz Sterna wrote:
> Dnia 2008-05-04, nie o godzinie 22:09 -0600, Peter Saint-Andre pisze:
>> http://www.xmpp.org/extensions/xep-0158.html
>>
>> However, that doesn't give you a real workflow. For most EBIA (email
>> based identification and authentication) systems you visit the
>> website,
>> receive an email with a token, and visit the website again, at which
>> time you provide the token. Right now we don't have a way to do that
>> in
>> XEP-0077, but we might be able to do it with some combination of XEPs
>> 77, 158, and 235.
> 
> Or go wacko and define something like HTML over XMPP and let the people
> code the workflows anyhow they wish. :-)

Right. But the XMPP server will probably time you out if you maintain an
open connection that long without completing the registration process
(because there may a denial of service attack that's possible if you
flood the server with registration attempts).

Peter

-- 
Peter Saint-Andre
https://stpeter.im/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/operators/attachments/20080505/40b03341/attachment-0001.bin 


More information about the Operators mailing list