[Vortex] [beepwg] Re: A couple of features to limit BEEP no reply attack
Francis Brosnan Blazquez
francis at aspl.es
Wed Mar 25 11:50:33 CET 2009
Hi Benoit,
> Just a few newbie comments, as a user of the vortex library.
>
> - I'm one of the people forced to use connection termination instead of
> proper connection closure, due to misbehaving peers. It's very easy to
> trigger: just pause one peer process and wait for the other side to wait
> indefinitely. I think it's doable to implement this on top of the
> library without changing the BEEP protocol itself, by enforcing, if the
> user wants it, a timeout on expected replies. It would allow, at least,
> to try to close the connection properly first, instead of always
> assuming the worst and terminating it.
>
> - About the 'no-reply' option, I'm not sure about whether it's a good
> idea not knowing whether the peer will reply or not. I like the
> semantics of an 'NFN' message much more. It would save bandwidth and not
> disrupt the in-order message mechanism per channel.
Thanks for your comments, Benoit. It seems there is consensus on these
two points. Cheers!
> Bye!
> Benoit Amiaux
--
Francis Brosnan Blazquez <francis at aspl.es>
Advanced Software Production Line, S.L.
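
Added example, not part of the original message and not Vortex code: a sketch of the reply timeout Benoit describes, where a silent peer first gets a proper close attempt and the connection is terminated only if that close also goes unanswered. All names and the two timeout values are hypothetical, and time is passed in as plain seconds.

```c
#include <stdio.h>

/* Hypothetical names throughout; this is not the Vortex API. */
enum state { ST_OPEN, ST_CLOSING, ST_CLOSED_CLEAN, ST_TERMINATED };

struct conn {
    enum state st;
    int  pending;        /* MSG frames sent that still await a reply */
    long reply_timeout;  /* seconds a reply may take (chosen by the user) */
    long close_timeout;  /* seconds the peer gets to answer our close */
    long deadline;       /* absolute expiry time of the current wait */
};

/* A MSG was sent: start the reply clock if nothing else is pending. */
void on_msg_sent(struct conn *c, long now) {
    if (c->st != ST_OPEN) return;
    if (c->pending++ == 0) c->deadline = now + c->reply_timeout;
}

/* A reply arrived. Simplification: any reply while closing is taken
 * as the answer to our close request. */
void on_reply(struct conn *c, long now) {
    if (c->st == ST_CLOSING) { c->st = ST_CLOSED_CLEAN; return; }
    if (c->st != ST_OPEN || c->pending == 0) return;
    if (--c->pending > 0) c->deadline = now + c->reply_timeout;
}

/* Periodic check: silent peer -> try a proper close, then terminate. */
enum state on_tick(struct conn *c, long now) {
    if (c->st == ST_OPEN && c->pending > 0 && now >= c->deadline) {
        c->st = ST_CLOSING;              /* the close request goes out here */
        c->deadline = now + c->close_timeout;
    } else if (c->st == ST_CLOSING && now >= c->deadline) {
        c->st = ST_TERMINATED;           /* the peer ignored the close too */
    }
    return c->st;
}

int main(void) {
    /* Constructed scenario: the peer process is paused after our MSG. */
    struct conn c = { ST_OPEN, 0, 10, 3, 0 };
    on_msg_sent(&c, 0);
    printf("t=5  state=%d\n", on_tick(&c, 5));
    printf("t=10 state=%d\n", on_tick(&c, 10));
    printf("t=13 state=%d\n", on_tick(&c, 13));
    return 0;
}
```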