[Security] TLS Certificates Verification

Jonathan Schleifer js-xmpp-security at webkeks.org
Wed Aug 20 11:25:41 CDT 2008


Jonathan Dickinson <jonathanD at k2.com> wrote:

> It sounds like your server expends a lot of effort to determine if
> something should be sent or not. Bandwidth is expensive in ZA so I
> can sympathize. How about unwrapping the initial moments of an IBB
> stream to see if it's XMPP or binary data? You could probably decide
> after decoding the first 10 or so characters.

Not every admin has the time to implement a new ejabberd module that
does IBB checking :) Most will just disable it and done. So this is
very admin and therefore user unfriendly. That's why we shouldn't use
Jingle IBB, but something else, so it's very very easy to distinguish.

And no, if it's encrypted, I can't say what is in it!

-- 
Jonathan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
Url : http://mail.jabber.org/pipermail/security/attachments/20080820/ded534e6/attachment.pgp 


More information about the Security mailing list