[Standards] pubsub whitelists

Peter Saint-Andre stpeter at stpeter.im
Thu Aug 23 16:13:28 UTC 2007


Fabio Forno wrote:
> Peter Saint-Andre wrote:
>> Peter Millard originally thought of a pubsub whitelist as the list of
>> entities that are subscribed to a node. However, as Joe Hildebrand and
>> Matt Yacobucci just pointed out to me, that introduces a security hole
>> quite similar to <presence type='subscribed'/> -- that is, the node
>> owner can now add you to the subscriber list without your permission
>> (introducing all sorts of wonderful spam possibilities). Joe and Matt
>> pointed out that the whitelist is more properly a list of entities that
>> are allowed to subscribe (or retrieve items) if they want to, not as the
>> list of subscribers. This could be managed via node configuration (e.g.,
>> a "pubsub#whitelist" node configuration option of type jid-multi). It
>> seems important to fix this before we publish version 1.10 of XEP-0060
>> so I will work on that here soon.
> 
> 
> Not sure about the real danger of this issue. If entity A wants to spam
> entity B, entity A can directly a message to B, so why pass through
> pubsub? The only reason I can image is that B has already blocked A and
> A is finding a new way to reach B, but if A is abusing of the the pubsub
> service it can be easily banned.

There are always rogue publishers (or pubsub services) with one node for
viagra spam, another node for cialis spam, etc. :)

> Instead eliminating this option implies that it becomes impossible to
> centrally manage the list of subscribers forcing clients to do this (in
> the near future I see many clients able of handling the pubsub <event/>
>  but not all the browse/subscribe stuff).

The owner can already manage subscriptions:

http://www.xmpp.org/extensions/xep-0060.html#owner-subscriptions

What Joe and Matt pointed out is that the whitelist is a list of people
who are *allowed* to subscribe (or retrieve items), not a list of people
who *are* subscribed.

Peter

-- 
Peter Saint-Andre
https://stpeter.im/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20070823/3e0f8f21/attachment.bin>


More information about the Standards mailing list