[standards-jig] NEW: Malicious Stanzas in Jabber (JEP-0076)

Robert Norris rob at cataclysm.cx
Tue Apr 1 22:54:43 UTC 2003


> Following on the publication of RFC 3514 [1] by the IETF, I have 
> written a JEP that enables Jabber applications to flag any XML 
> stanza type (message, presence, or iq) as malicious. The protocol
> is defined in JEP-0076:

Excellent work, Peter. Since I beleive this is an important security
enhancement, I've gone ahead and implemented for jabberd 1.4. It's
available here:

  http://cataclysm.cx/dist/jabber/mod_evil.c

I encourage server administrators to download and install this module
ASAP.

Rob.

-- 
Robert Norris                                       GPG: 1024D/FC18E6C2
Email+Jabber: rob at cataclysm.cx                Web: http://cataclysm.cx/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://mail.jabber.org/pipermail/standards/attachments/20030402/42964d07/attachment.sig>


More information about the Standards mailing list