On 6/22/09 4:50 PM, Peter Saint-Andre wrote:
> On 6/22/09 9:53 AM, Brian Cully wrote:
>> I feel that implementations must be allowed to limit the number of
>> subscriptions a Bare JID is allowed to have to a given PubSub node. This
>> is particularly important when multi-subscribe features are enabled,
>> because the behavior is now to create a new subscription per request,
>> however it has always been necessary because it is trivial to subscribe
>> with the same bare JID and different resources as many times as one
>> would wish.
>
>> Naturally, given a vast number of subscriptions it becomes very
>> difficult to deliver notification events causing denial-of-service.
>
> That's a clever DoS. Presumably we need to describe a similar attack for
> Multi-User Chat.
>
>> I have tried to find something in XEP-0060 which denotes a
>> "too-many-subscriptions" error to no avail, so I propose we add one. I
>> believe it's necessary in the specification because then we can return a
>> specific error which clients can use to investigate their subscription
>> states. With only a generic error it is too difficult to surmise why a
>> given subscription request was denied, and unsuspecting clients may
>> never query their node subscriptions.
>
>> I propose the generic condition to be <not-allowed/> with a specific
>> condition of <too-many-subscriptions/>.
>
> That works for me. We'll need to clearly define the matching criteria
> (match on bare JID etc.).
I've added the following section to my working copy.
***
6.1.3.9 Too Many Subscriptions
If the requesting entity has attempted to establish too many
subscriptions (where the definition of "too many" is a matter of local
service policy), the service MUST return a <policy-violation/> error to
the subscriber, specifying a pubsub-specific error condition of
<too-many-subscriptions/>.
Example 42. Requesting entity has exceeded limit on number of subscriptions
<iq type='error'
    from='pubsub.shakespeare.lit'
    to='[email protected]/barracks'
    id='sub1'>
  <error type='wait'>
    <policy-violation xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
    <too-many-subscriptions
        xmlns='http://jabber.org/protocol/pubsub#errors'/>
  </error>
</iq>
The service can match on bare JID or full JID in determining which
subscribing entities match for the purpose of determining if an entity
has requested too many subscriptions.
***
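As an added illustration (not part of the draft text or of any XEP-0060 implementation), the following Python model of a single pubsub node shows how a service would enforce a per-subscriber cap under multi-subscribe and emit the error stanza from the section above. The cap value, the node's API, and the JIDs used in the test are assumptions; the service may count by bare JID or by full JID, as the last paragraph allows.

```python
import xml.etree.ElementTree as ET

STANZAS_NS = "urn:ietf:params:xml:ns:xmpp-stanzas"
PUBSUB_ERRORS_NS = "http://jabber.org/protocol/pubsub#errors"


def bare_jid(jid):
    """Strip the resource part: 'user@host/resource' -> 'user@host'."""
    return jid.split("/", 1)[0]


class PubSubNode:
    """Minimal model of one node with multi-subscribe enabled (assumed API).

    Every subscribe() call creates a new subscription, so the per-subscriber
    cap is what bounds the notification fan-out to a single entity.
    """

    def __init__(self, service, max_per_subscriber, match_bare=True):
        self.service = service                 # e.g. 'pubsub.shakespeare.lit'
        self.max_per_subscriber = max_per_subscriber   # local policy (assumed)
        self.match_bare = match_bare           # True: count by bare JID; False: full JID
        self.subs = []                         # one full JID per subscription

    def _key(self, jid):
        return bare_jid(jid) if self.match_bare else jid

    def count_for(self, jid):
        """Number of existing subscriptions that match the requester."""
        key = self._key(jid)
        return sum(1 for s in self.subs if self._key(s) == key)

    def subscribe(self, jid, iq_id):
        """Return None on success, or the error stanza (str) when the cap is hit."""
        if self.count_for(jid) >= self.max_per_subscriber:
            return self.too_many_subscriptions_error(jid, iq_id)
        self.subs.append(jid)
        return None

    def too_many_subscriptions_error(self, to, iq_id):
        """Build the <iq type='error'> stanza shown in the draft section."""
        iq = ET.Element("iq", {"type": "error", "from": self.service,
                               "to": to, "id": iq_id})
        err = ET.SubElement(iq, "error", type="wait")
        # xmlns is written as a literal attribute so the output reads like the example
        ET.SubElement(err, "policy-violation", xmlns=STANZAS_NS)
        ET.SubElement(err, "too-many-subscriptions", xmlns=PUBSUB_ERRORS_NS)
        return ET.tostring(iq, encoding="unicode")
```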