On Tue, 2003-07-08 at 17:53, Barry Warsaw wrote:
> On Tue, 2003-07-08 at 11:00, Nigel Metheringham wrote:
>
> > One thing that could be considered to protect ourselves against such
> > attacks if there was a way of reducing the complexity to reasonable
> > levels, would be to drop pending subscription requests after a couple
> > (think of an appropriate number) of failed cookie cracking attempts.
> > That of course transforms this into a denial of service attack :-(
>
> Oh whoops, I just realized that if you get the cookie wrong, you have no
> idea which subscription request they intended to confirm. sha has 160
> bits of data in it and if you're off by one, you don't get a hit and we
> error out. But there's no way to match the sha hexdigest that you got
> in the confirmation attempt with one in the database of pending
> subscription requests.
Of course - I had been thinking that you are confirming a subscription
address so the sender address is used as a key, but that is not how it
works.
You can't reasonably shut off all confirmations if you get a number of
failed confirmations, and expecting the sender address to be useful is
not too good either so I guess there is no real way to do this.
Nigel.
--
Nigel Metheringham <[EMAIL PROTECTED]>
...at home... they call this a day off :-)
_______________________________________________
Mailman-Developers mailing list
[EMAIL PROTECTED]
http://mail.python.org/mailman/listinfo/mailman-developers
