[Standards] XEP-0220: handling of invalid dialback key
fippo at goodadvice.pages.de
Thu Apr 14 20:47:17 UTC 2011

Peter Saint-Andre wrote:
>> Actually, I mostly disagree with the "removed requirement for the
>> Receiving Server to close the stream if the dialback key is invalid"
>> stuff. From the security POV, why should the receiving server not
>> terminate the stream?
>
> Because, from the performance point of view, it doesn't want to discard
> the 10,000 valid domains it already supports on that stream. That's a

The average stream has probably one domain pair. Do you want me to make
a simple extrapolation of the power law to demonstrate that most domains
will not even have 500 domain pairs?

> huge cost to impose on the server just because the 10,001st domain has a
> DNSSEC problem. For traditional dialback the force-close requirement is
> fine. For dialback as used for domain name assertions with DNSSEC it
> seems too strong to me.

If DNSSEC is used, when does the receiving server ask the authoritative
server to verify a dialback key?
If it never uses dial-back, why should the receiving server send
'invalid' instead of 'error'?

And you might still generate valid dialback keys for
dialback-with-dnssec to avoid that problem.