[standards-jig] NEW: Malicious Stanzas in Jabber (JEP-0076)
mass at akuma.org
Tue Apr 1 22:12:34 UTC 2003
The idea is that if you are going to send malicious ('evil') data, be it
malicious content (say, a message containing slander) or a packet which
is attempting to exploit a flaw in a particular client, you are required
to flag it as evil so that intermediate routers can apply this flag to
their filtering rules and prevent that client from receiving the
message. It is the same general principle as a 'spam' header in email -
it allows you to filter out unwanted traffic. This particular
application makes the system as a whole much more secure, since you are
guaranteed an easy way to identify content which you would not want
delivered or displayed.
Mattias Campe wrote:
> Peter Saint-Andre wrote:
>> Following on the publication of RFC 3514  by the IETF, I have
>> written a JEP that enables Jabber applications to flag any XML stanza
>> type (message, presence, or iq) as malicious. The protocol
>> is defined in JEP-0076:
>> As always, feedback is welcome.
> Maybe strange feedback, but what is actually the purpose of this JEP?
> Why would clients want to indicate that they are sending malicous
> XML-data, if they know it, they can as well send the correct XML-data.
> I'm not in doubt of this JEP :), it's just that I don't get the
> picture :(.
> Standards-JIG mailing list
> Standards-JIG at jabber.org
More information about the Standards