[Standards-JIG] Re: Closing idle streams (server comparison chart)

Carlo v. Loesch CvL at mail.symlynX.com
Thu Jun 1 05:23:26 UTC 2006


Jean-Louis Seguineau typeth:
| good reasons, no OPN server is available for unsolicited tests, either using
| a client or S2S. Any inappropriate attempt to connect to a server will be
| rejected be the access control service. In this situation, the protection of

After a successful RFC compliant dialback procedure.
Why should I presume a server does dialback if it doesn't plan to federate?
Maybe you should optimize your access control strategies because I am sure
someone one day will figure out a DoS attack based on the will to dialback.

| behavior. I cannot vouch for ejabberd. Judging from the wildfire code it
| closes the </stream:stream> on an idle connection. So was doing the early
| version of jabberd 1.4. 

Wildfire has recently introduced this behaviour, apparently in a wise
moment. ejabberd, the as far as I can see currently most popular
implementation, is suffering from this problem. So even if we only
identified one affected server, it's the most relevant one.

| For your information, both XCP and OPN have been closing </stream:stream>
| then the socket on idle authorized connections since they appeared on the

Good! So we have two buggy servers less!

| available at jabber.org. And you just made those tests results up. 

He he ouaix ouaix, vous etes tres drôle  :)




More information about the Standards mailing list