Am 31.08.2011 07:48, schrieb Waqas Hussain: > On Wed, Aug 31, 2011 at 7:10 AM, Peter Saint-Andre <[email protected]> wrote: >> >> So, to use examples closer to real life... >> >> >> EXAMPLE 1 >> >> <identity category='client' type='pc' name='QuxChat'/> >> >> is the same as: >> >> <feature var='client/pc//QuxChat'/> >> >> >> EXAMPLE 2 >> >> <feature var='http://jabber.org/protocol/caps'/> >> >> is the same as: >> >> <identity category='http://jabber.org' type='protocol' xml:lang='caps'/> >> >> note: "http://jabber.org"; and "protocol" are not registered categories >> and types at http://xmpp.org/registrar/disco-categories.html >> >> note: "caps" is not a registered language tag, although if you visit >> http://www.iana.org/assignments/language-subtag-registry I'm sure you >> can find interesting entries that are legitimate. >> >> >> EXAMPLE 3 >> >> <identity category='http://jabber.org' type='a' xml:lang='b' name='c/d'/> >> >> is the same as >> >> <identity category='http://jabber.org' type='a/b' xml:lang='c' name='d'/> >> >> note: none of the types registered at >> http://xmpp.org/registrar/disco-categories.html contain '/' >> > > Most protocol attacks are based on unexpected input. Attackers > wouldn't really care whether the values they send are registered or > usable in any way, as long as the attack succeeds. I don't think you > are proposing all caps handling entities ship with a copy of the > registry and fail on anything not included. > As a side-note: I feel that some of this discussion is drifting into saying "We can fix that if we mandate not to follow Postel's Law. I.e. you MUST NOT be liberal in what you accept." I can't say I'm particularly fond of that approach. Also were we to follow an approach checking category and type, entities won't be able to interoperate with other entities that use categories and types registered in the future (relative to the release date of client XY).
-- Florian Zeitz
