[Standards-JIG] Re: UPDATED: JEP-0027 (Current Jabber OpenPGP Usa ge)

Jesper Krogh jesper at krogh.cc
Tue Mar 16 05:44:14 UTC 2004


I gmane.network.jabber.standards-jig, skrev Justin Karneges:
>  On Monday 15 March 2004 9:27 pm, Jesper Krogh wrote:
> > I gmane.network.jabber.standards-jig, skrev Justin Karneges:
> > >  The xmpp-e2e specification suggests the use of checking timestamps,
> > > however I think we could improve upon this by additionally including a
> > > unique ID in each packet.  A client can cache all such IDs it gets, and
> > > discard any that are older than 10 minutes.  A message is valid so as
> > > long the timestamp is +/-5 minutes of the delivery time and the ID does
> > > not exist in the cache. The "Delivery time" would be either 'now', or
> > > some specified date via jabber:x:delay.  This would allow for valid
> > > offline messages.
> >
> > What if the sending client's clock isn't set correctly?
> 
>  Then it won't work properly.  It is really the unique ID that does the replay 
>  protection, and the time checking is there only so recipients don't have to 
>  cache IDs until the end of time. 

You need to cache the unique id's in the roaster( or somewhere else
serverside ) in order to make this work with users, shifting
location/clients. 

>  We could remove the time checking entirely, 
>  but then keeping track of all those IDs would probably be more painful to 
>  implementations than just maintaining a correct clock. :)

Sure, but that's not the way it works for my mother who's computer is on
a dialup and a hardware-clock that goes crazy. (This is a real
situation) 

-- 
./Jesper Krogh, jesper at krogh.cc
Jabber ID: jesper at jabbernet.dk
Tøm din hjerne for Linuxviden på http://www.linuxwiki.dk





More information about the Standards mailing list