I was implementing XEP-50 and was dumbfounded to find the protocol is
stateful. That is, the protocol requires a server to maintain state,
potentially of significant size, of each in-progress command. I think
a stateless protocol design would be more appropriate, such as one
where the server provides a state data in non-final command responses
that the client is required to return in subsequent requests.
If the design remains stateful, I recommend a security consideration
be added cautioning server developers of the possibility that state
management requirements of 'ad hoc' commands might be used to mount
denial of service attacks against the server. One simple way to avoid
such DoS attacks is to limit the number of concurrent commands a
client (and/or user) can execute, and to limit the size of state held
for each client (and/or user).
-- Kurt
- [Standards] XEP-50: Ad hoc command protocol is stateful Kurt Zeilenga
-
