On Sep 22, 2009, at 3:04 PM, Peter Saint-Andre wrote:
XEP-0030 allows the 'category' and 'type' attributes to have any
length,
including zero. This opens the door to certain attacks in entity
capabilities (see the recent discussion on the [email protected] list)
and in any case I think it is not a good idea (is there any meaning
to a
zero-length category or type?). Also, we need to harmonize the 'jid'
attribute in disco with rfc3920bis. I propose the following:
1. 'category' shall have a minimum length of 1
2. 'type' shall have a minimum length of 1
3. 'jid' shall be a length between 1 and 3071 (see 3920bis)
+1
__________________
Robert Quattlebaum
Jabber: [email protected]
eMail: [email protected]
www: http://www.deepdarc.com/
