Wouldn't simply including a hub challenge style verification for sent updates address this? Redirecting DNS to a targeted URL, like http://google.com/, is likely to return an HTTP status code of 2xx simply because it won't specifically be looking for PSHB updates. But it's very unlikely to look for and return a valid hub challenge string when receiving that update. Once that fails a few times the subscription would get dropped.
That's far from perfect, but it's a step better than allowing hubs to be a blind relay.

On Sun, Nov 22, 2009 at 12:41 AM, Pádraic Brady <[email protected]> wrote:
> Subscribers track their subs too so it's simple to refuse non-matching
> updates quickly with a 404. But that's playing softball - the entire attack
> relies on the Subscriber's server being misconfigured or vulnerable to start
> with. So this is largely FUD - the same risk applies to all pubsub models
> relying on DNS. The protocol can't address unrelated security issues.

--
Joseph Scott
[email protected]
http://josephscott.org/
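Added example (not from this thread or the PubSubHubbub spec) sketching the check proposed above in Python: the hub attaches a fresh random challenge to every delivered update and expects the subscriber to echo it back; an unrelated endpoint that merely answers 2xx fails the check, and after a few consecutive failures the hub drops the subscription. The challenge transport (passed with the delivery, echoed in the response body) and the threshold of three failures are assumptions for illustration.

```python
import secrets
from typing import Callable, Dict, Tuple

# Assumption: drop a subscription after this many consecutive failed echoes.
MAX_FAILURES = 3

# A delivery target receives (challenge, payload) and returns (status, body).
Endpoint = Callable[[str, str], Tuple[int, str]]


def pshb_subscriber(challenge: str, payload: str) -> Tuple[int, str]:
    """A real subscriber implementing the proposed check: echo the challenge."""
    return 200, challenge


def blind_endpoint(challenge: str, payload: str) -> Tuple[int, str]:
    """An unrelated site (where DNS now points): accepts the POST, ignores PSHB."""
    return 200, "<html>ok</html>"


class Hub:
    """Minimal hub that tracks consecutive bad deliveries per callback URL."""

    def __init__(self) -> None:
        self.subs: Dict[str, int] = {}  # callback URL -> consecutive failures

    def subscribe(self, callback: str) -> None:
        self.subs[callback] = 0

    def is_subscribed(self, callback: str) -> bool:
        return callback in self.subs

    def deliver(self, callback: str, endpoint: Endpoint, payload: str) -> bool:
        """Push one update; return True only if the subscriber echoed the challenge."""
        if callback not in self.subs:
            return False
        challenge = secrets.token_urlsafe(16)  # fresh per delivery, unguessable
        status, body = endpoint(challenge, payload)
        ok = 200 <= status < 300 and secrets.compare_digest(body.strip(), challenge)
        if ok:
            self.subs[callback] = 0
        else:
            self.subs[callback] += 1
            if self.subs[callback] >= MAX_FAILURES:
                del self.subs[callback]  # stop relaying to a non-subscriber
        return ok
```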
