[Standards] [Fwd: [Council] meeting minutes, 2007-05-16]
rcb at ceruleanstudios.com
Fri May 18 22:40:08 UTC 2007
> Better, I think, to randomize the resource identifiers. That makes
> the attack a lot harder, and it is something that's under the
> user's control (just use a client that randomizes the resource
Or have servers which can generate a random resource on connection.
(Again, see Google Talk.) This is why we have XMPP bind stanzas,
after all, right? So the server can tell you what resource to use? :)
If we start trying to second-guess everything and prevent presence
leaks everywhere by doing things like legislating the order of
children in an XML element (to obscure if it's a client or server
response), we're going to make the bar to entry to adopting XMPP
much, much higher.
If we /do/ go that direction, I would think it would be the
responsibility of the server to normalize IQ error replies to match
its own format, rather than coming up with one diehard unchanging
specification for ordering children and tags and whatever else.
Otherwise, just to be /certain/, a client would have to probe a
server on connection, discover how the server handles errors, and
then emulate it.
Either way, it's a ton of extra work for everyone, for something that
doesn't seem a significant amount of gain. As Peter points out, just
randomizing resource identifiers is far easier. And that's something
which can be done on either client /or/ server side.
Rachel Blackman <rcb at ceruleanstudios.com>
Trillian Messenger - http://www.trillianastra.com/
More information about the Standards