[Standards] [Fwd: [Council] meeting minutes, 2007-05-16]

Rachel Blackman rcb at ceruleanstudios.com
Fri May 18 22:40:08 UTC 2007


> Better, I think, to randomize the resource identifiers. That makes  
> the attack a lot harder, and it is something that's under the  
> user's control (just use a client that randomizes the resource  
> identifiers).

Or have servers which can generate a random resource on connection.   
(Again, see Google Talk.)  This is why we have XMPP bind stanzas,  
after all, right?  So the server can tell you what resource to use? :)

If we start trying to second-guess everything and prevent presence  
leaks everywhere by doing things like legislating the order of  
children in an XML element (to obscure if it's a client or server  
response), we're going to make the bar to entry to adopting XMPP  
much, much higher.

If we /do/ go that direction, I would think it would be the  
responsibility of the server to normalize IQ error replies to match  
its own format, rather than coming up with one diehard unchanging  
specification for ordering children and tags and whatever else.   
Otherwise, just to be /certain/, a client would have to probe a  
server on connection, discover how the server handles errors, and  
then emulate it.

Either way, it's a ton of extra work for everyone, for something that  
doesn't seem a significant amount of gain.  As Peter points out, just  
randomizing resource identifiers is far easier.  And that's something  
which can be done on either client /or/ server side.

-- 
Rachel Blackman <rcb at ceruleanstudios.com>
Trillian Messenger - http://www.trillianastra.com/





More information about the Standards mailing list