[ejabberd] Psi misbehavior when using latest ejabberd svn version
zbyszek at toliman.pl
Tue Sep 25 12:03:14 MSD 2007
i agree with You, but what we can do to let client programmers to honor such
behavior? - so that why i also directed that question to Peter.
This would help to develop tighter-standard clients.
On 9/25/07, Mickaël Rémond <mickael.remond at process-one.net> wrote:
> Le 25 sept. 07 à 08:45, Zbyszek Żółkiewski a écrit :
> so the discussion went to dead end? maybe we need some XEP-best practices
> regarding client behavior - if there isn't already...Peter what you think?
> I am not sure it is a dead end. From the server perspective it make sense
> to avoid letting user connect without being authenticated for too long. It
> could be buggy client that fail negociation and is stuck in an intermediate
> state or denial of service attack.
> If you telnet Google server, you will see that they also have a timeout
> and for a good reason.
> The inband registration causes problem in this scheme (Google does not
> support it and most large site won't). We could make it possible to disable
> this option for small site, but I think it make sense too that client
> tolerate disconnexion from the server during the inband registration process
> and reconnect to perform the final step.
> Mickaël Rémond
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ejabberd