[Standards] SIFT revisited

Peter Saint-Andre stpeter at stpeter.im
Mon Jun 8 21:53:26 UTC 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 6/6/09 3:15 AM, Dave Cridland wrote:
> On Sat Jun  6 02:54:44 2009, Brian Cully wrote:
>> Sorry, on my phone so I can't do proper inline replies.
>>
>> Maybe I'm missing something, but preserving presence on the server 
>> until a subsequent iq or message stanza leads to dos attacks via 
>> resource consumption. Is that not what you were advocating?
> 
> Well, I'm assuming there's details to be worked out. That attack is
> instantly mitigated by allowing the server to flush down presence after
> a timeout, or when it becomes "big", or just "because".

Sure, I expect that the server would always need to be Smart[tm] about
how it implements any such feature.

Peter

- --
Peter Saint-Andre
https://stpeter.im/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkotiFYACgkQNL8k5A2w/vxpXwCfcxQZs4dWjnk9RZinQuyu6YYM
TA0AnRPX1hcS4Bn4ZlRTs49g75WvUJ/p
=L1s4
-----END PGP SIGNATURE-----



More information about the Standards mailing list