[Standards] Proposed XMPP Extension: Best Practices to Discourage Denial of Service Attacks Against XMPP Servers
stpeter at jabber.org
Tue Jan 23 17:02:52 UTC 2007
Kevin Smith wrote:
> On 22 Jan 2007, at 17:55, Peter Saint-Andre wrote:
>> XMPP Extensions Editor wrote:
>>> The XMPP Extensions Editor has received a proposal for a new XEP.
>>> Title: Best Practices to Discourage Denial of Service Attacks Against
>>> XMPP Servers
>>> Abstract: This document recommends a number of practices that can
>>> help discourage denial of service attacks on XMPP-based networks.
>>> URL: http://www.xmpp.org/extensions/inbox/dos.html
>> Just a little something I wrote up over the weekend. It needs to be
>> expanded a bit before the XMPP Council decides whether to accept it.
> Within the 'Specific recommendations to follow' of Karma usage - what do
> people really think of Karma? While I agree that it's desirable to stop
> people overloading servers, I'm a bit concerned that low karma limits
> will do more damage than good, and we should think reasonably carefully
> about recommending levels.
That's true of all the levels (stanza size etc.). Plus we need to define
"karma" more carefully in the first place -- some servers have rather
complex formulas for it...
XMPP Standards Foundation
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
More information about the Standards