[Vortex] [beepwg] Re: A couple of features to limit BEEP no reply attack

Francis Brosnan Blazquez francis at aspl.es
Wed Mar 25 11:50:33 CET 2009

Hi Benoit,

> Just a few newbie comments, as an user of the vortex library.
> - I'm one of the people forced to use connection termination instead
> of 
> proper connection closure, due to misbehaving peers. It's very easy
> to 
> trigger just pause one peer process and wait for the other side to
> wait 
> indefinitely. I think it's doable to implement this on top of the 
> library without changing the BEEP protocol itself, by enforcing, if
> the 
> user wants it, a timeout on expected replies. It would allow at
> least, 
> to try to close the connection properly first, instead of always 
> assuming the worst and terminate it.
> - About the 'no-reply' option, I'm not sure about whether it's a good 
> idea not knowing whether the peer will reply or not. I like the 
> semantics of an 'NFN' message much more. It would save bandwidth and
> not 
> disrupt the in-order message mechanism per channel.

Thanks for your comments Benoit. It seems there are consensus with these
two points. Cheers!

> Bye!
> Benoit Amiaux
Francis Brosnan Blazquez <francis at aspl.es>
Advanced Software Production Line, S.L.

More information about the Vortex mailing list