[Standards-JIG] UPDATED: JEP-0027 (Current Jabber OpenPGP Usa ge)
justin-keyword-jabber.093179 at affinix.com
Tue Mar 16 20:29:08 UTC 2004
On Tuesday 16 March 2004 2:05 am, Ian Paterson wrote:
> Justin wrote:
> > A message is valid so as long the timestamp is +/-5 minutes
> > of the delivery time and the ID does not exist in the cache.
> What about when a user switches (within five minutes) between two different
> clients (resources).
This would appear to be a problem in my current spec if you logout and login
from even the same client/resource within the timeframe. The client would
need to cache all the jid/id/timestamp mappings to disk.
> If the message sender does not specify a resource then the message could be
> replayed to the second client.
> Perhaps the message IDs should be stored on the server, not locally on the
I thought of this too, but then couldn't a malicious server enable replay
attacks by simply not providing the ID list to other resources? I don't see
a good solution for this one... Maybe a client could provide an option:
[ X ] - Trust server for replay attack prevention across multiple logins.
Although I think most users would not know what the heck this even means.
> > the client should only consider offline messages valid if
> > they are timestamped between the current and previous
> > login time (this means saving a single timestamp to disk),
> The client would have to allow messages stamped up to five minutes before
> the logout time.
Good point. Along the same lines, the client should not delete the previous
session cache until 10 minutes into the new session.
New question: what if the client or client machine crashes and is unable to
record a proper logout time?
More information about the Standards