[Standards] XEP-0198: Stream should be closed when 'h' value is to high

Daniel Gultsch daniel at gultsch.de
Wed Feb 7 09:24:16 UTC 2018


2018-02-07 9:55 GMT+01:00 Christian Schudt <christian.schudt at gmx.de>:
> Are there any real-world scenarios where this issue could happen? A MitM
> attack on an unencrypted stream?
>
> Otherwise I think it can only happen due to an programming error.

I think I haven't encountered a 0198 implementation (including my own)
that was bug free from the beginning.
Merely logging counting errors might not be enough since client devs
sometimes don't have access to server logs and vice versa.

+1 to OP and what Georg said.

cheers
Daniel


More information about the Standards mailing list