[Standards] XEP-0138: security considerations
fippo at goodadvice.pages.de
Mon Apr 14 14:33:33 UTC 2014
> 1. A server implementation MUST NOT turn on compression by default;
> instead, it MUST enable a server administrator to turn on compression if
Any particular reason to use RFC 2119 language here (and in 2+3).
Otherwise this LGTM.
> 3. A server implementation MUST enable a server administrator to
> limit the amount of bandwidth it will allow a connected client or peer
> server to use in a given time period.
We have that already in
http://xmpp.org/extensions/xep-0205.html#rec-bandwidth so if this
repeated here (which seems like a good idea) there should be a reference.
More information about the Standards