[Standards-JIG] UPDATED: JEP-0027 (Current Jabber OpenPGP Usa ge)

Justin Karneges justin-keyword-jabber.093179 at affinix.com
Wed Mar 17 23:19:34 UTC 2004


On Wednesday 17 March 2004 2:39 pm, Matthias Wimmer wrote:
> Hi Ian!
>
> Ian Paterson schrieb am 2004-03-16 10:05:01:
> > What about when a user switches (within five minutes) between two
> > different clients (resources).
> >
> > If the message sender does not specify a resource then the message could
> > be replayed to the second client.
> >
> > Perhaps the message IDs should be stored on the server, not locally on
> > the client.
>
> I didn't think this thought to end yet ... but what about if the message
> id is not generated sole by the sender, but in cooperation by the sender
> and the receiver? If the receiver does not generate the same part of the
> valid IDs again, the replay would not work, I guess.

Unfortunately this would require the receiver to be available at the time of 
send, in order to negotiate this value.  Maybe the receiver could leave some 
values on the server for use while offline.  I discussed this matter with one 
of my friends, and he devised a system that could work this way, but it 
requires server modification.  It is somewhat complicated, maybe I'll write 
it up and share it here.

Of course, this doesn't let the receiver off the hook about storing IDs 
somewhere (ie, to disk).  Instead of storing sender IDs, now it must store 
receiver IDs (the IDs it generated).

> Storing on the server does not satisfy me as the client has to trust the
> server that no message IDs have been removed from the storage on the
> server.

We must surrender to the fact that the server may DoS a user at any time, by 
not delivering messages, eating offline messages, eating any stored values 
(as mentioned above), etc.  As long as these actions do not cause security 
violations, then we should not worry about them.

-Justin



More information about the Standards mailing list