[Standards-JIG] Re: UPDATED: JEP-0027 (Current Jabber OpenPGP Usa ge)

Justin Karneges justin-keyword-jabber.093179 at affinix.com
Tue Mar 16 05:37:13 UTC 2004


On Monday 15 March 2004 9:27 pm, Jesper Krogh wrote:
> I gmane.network.jabber.standards-jig, skrev Justin Karneges:
> >  The xmpp-e2e specification suggests the use of checking timestamps,
> > however I think we could improve upon this by additionally including a
> > unique ID in each packet.  A client can cache all such IDs it gets, and
> > discard any that are older than 10 minutes.  A message is valid so as
> > long the timestamp is +/-5 minutes of the delivery time and the ID does
> > not exist in the cache. The "Delivery time" would be either 'now', or
> > some specified date via jabber:x:delay.  This would allow for valid
> > offline messages.
>
> What if the sending client's clock isn't set correctly?

Then it won't work properly.  It is really the unique ID that does the replay 
protection, and the time checking is there only so recipients don't have to 
cache IDs until the end of time.  We could remove the time checking entirely, 
but then keeping track of all those IDs would probably be more painful to 
implementations than just maintaining a correct clock. :)

-Justin



More information about the Standards mailing list