[Standards] XEP-0198 stream resumption with too high 'h' parameter

Georg Lukas georg at op-co.de
Tue Feb 14 13:20:31 UTC 2017

* Michal Piotrowski <michal.piotrowski at erlang-solutions.com> [2017-02-14 12:18]:
> I'm currently investigating following situation. The server sent to the
> client 10 stanzas and clients sends accept <a h='11'/> which is not valid
> (too high).
> In XEP-0198 I didn't find any information what should happen if clients
> sends too high 'h' parameter.

I would suggest terminating the session with a policy-violation both for
the <a> and <resume> cases. An invalid 'h' value is an indication of a
client implementation bug, and those are really hard to debug. Killing
the session on sight will make the client developer more aware of the
issue, preventing looming desynchronization problems like a mismatch in
the number of actually processed and user-displayed messages.

|| http://op-co.de ++  GCS d--(++) s: a C+++ UL+++ !P L+++ !E W+++ N  ++
|| gpg: 0x962FD2DE ||  o? K- w---() O M V? PS+ PE-- Y++ PGP+ t+ 5 R+  ||
|| Ge0rG: euIRCnet ||  X(+++) tv+ b+(++) DI+++ D- G e++++ h- r++ y?   ||
++ IRCnet OFTC OPN ||_________________________________________________||
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 811 bytes
Desc: Digital signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20170214/1a26f634/attachment.sig>

More information about the Standards mailing list