[Standards] SIFT revisited
stpeter at stpeter.im
Mon Jun 8 21:53:26 UTC 2009
-----BEGIN PGP SIGNED MESSAGE-----
On 6/6/09 3:15 AM, Dave Cridland wrote:
> On Sat Jun 6 02:54:44 2009, Brian Cully wrote:
>> Sorry, on my phone so I can't do proper inline replies.
>> Maybe I'm missing something, but preserving presence on the server
>> until a subsequent iq or message stanza leads to dos attacks via
>> resource consumption. Is that not what you were advocating?
> Well, I'm assuming there's details to be worked out. That attack is
> instantly mitigated by allowing the server to flush down presence after
> a timeout, or when it becomes "big", or just "because".
Sure, I expect that the server would always need to be Smart[tm] about
how it implements any such feature.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the Standards