[Standards] xep-0199 redundancy

Mridul Muralidharan mridul at sun.com
Sat Aug 25 17:05:43 UTC 2007


Hi,

   It might not be a good idea to use the full JID in the error response 
- can be used for leaking presence. (and clients should not respond to 
arbitrary ping requests - again, presence leak)

And if considered in this light, this response could be coming either 
from the actual connected resource, the server or an intermediary - 
while the pong would come from the actual destination.

- Mridul

Jonathan Dickinson wrote:
> Hey All,
> 
> XEP-0199 defines that if a server or client does not support ping it 
> should return the following stanza:
> 
> <iq from='juliet at capulet.lit/balcony' to='capulet.lit' id='s2c1' 
> type='error'>
>   <ping xmlns='urn:xmpp:ping'/>
>   <error type='cancel'>
>     <service-unavailable xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
>   </error>
> </iq>
> 
> or
> 
> <iq from='capulet.lit' to='juliet at capulet.lit/balcony' id='c2s1' 
> type='error'>
>   <ping xmlns='urn:xmpp:ping'/>
>   <error type='cancel'>
>     <service-unavailable xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
>   </error>
> </iq>
> 
> I beg, is that not the same as a pong? Shouldn't the server/client 
> rather ignore the packet if it doesn't allow pings? Unless of course, 
> the packet is structured as follows (as per XEP-0076):
> 
> <iq from='juliet at capulet.lit/balcony' to='capulet.lit' id='c2s1' 
> type='get'>
>   <ping xmlns='urn:xmpp:ping'/>
>   <evil xmlns='http://jabber.org/protocol/evil'/>
> </iq>
> 
> Just a thought.
> 
> Cheers,
>  Jonathan Dickinson




More information about the Standards mailing list