[Vortex] [beepwg] Re: A couple of features to limit BEEP no reply attack

Francis Brosnan Blazquez francis at aspl.es
Wed Mar 18 14:14:11 CET 2009

Hi Martin,

> I think that David has said almost everything that I was going to.  No
> point me wasting my time reiterating it.


> One further note on reply-limit that might be related to David's
> second point: there are no provisions made for round trip time.  The
> serving peer might respond within the specified time, but that time
> might have elapsed by the time at the client before then, or before
> the response arrives.

Though I see your point, I find no easy solution to implement a
round-trip discovery extension, which, again, can be blocked in the same

It is expected that BEEP peers will provide appropriate values for this
reply-limit which includes such round-trip delay.


> Ta,
> Martin
Francis Brosnan Blazquez <francis at aspl.es>
Advanced Software Production Line, S.L.

More information about the Vortex mailing list