[Standards] XEP-0220: handling of invalid dialback key

Philipp Hancke fippo at goodadvice.pages.de
Thu Apr 14 20:47:17 UTC 2011


Peter Saint-Andre wrote:
>> Actually, I mostly disagree with the "removed requirement for the
>> Receiving Server to close the stream if the dialback key is invalid"
>> stuff. From the security POV, why should the receiving server not
>> terminate the stream?
>
> Because, from the performance point of view, it doesn't want to discard
> the 10,000 valid domains it already supports on that stream. That's a

The average stream has probably one domain pair. Do you want me to make 
a simple extrapolation of the power law to demonstrate that most domains 
will not even have 500 domain pairs?

> huge cost to impose on the server just because the 10,001st domain has a
> DNSSEC problem. For traditional dialback the force-close requirement is
> fine. For dialback as used for domain name assertions with DNSSEC it
> seems too strong to me.

If DNSSEC is used, when does the receiving server ask the authoritative 
server to verify a dialback key?

If it never uses dial-back, why should the receiving server send 
'invalid' instead of 'error'?

And you might still generate valid dialback keys for 
dialback-with-dnssec to avoid that problem.


