thank you for your comments. I will address them inline.
> I'm really tempted to say that the new message routing (in next gen
> XMPP as discussed during summit)
> must require the message stanza to have "id" attribute. I personally
> think that uuid v4 would enough here.
> This, to my knowledge, is hard to guess so a malicious user is
> probably not able to guess next ID.
> What it can do, though is to "reuse" the same id in other message,
> which maybe a bad thing.
So from the discussion we had in the summit-MUC it seems like abusing a
ID is not possible anyway if senders are properly verified. If anybody
please speak up!
Indeed, reusing IDs for different messages is always possible but can
be mitigated by requiring the ID to be a function of the message.
> E2. ...
> Making the id verifiable (in the most efficient way) would be perfect.
> I think, here we need to remember that no every client will have SM
> enabled, so it may not have the sm-counter.
Good point, thanks for bringing it up. This can probably be solved using
something like the salt based variant of E2.
Standards mailing list