mirror of https://github.com/moparisthebest/xeps synced 2024-11-25 10:42:19 -05:00

resource binding fix per list discussion

git-svn-id: file:///home/ksmith/gitmigration/svn/xmpp/trunk@3386 4b5297f7-1745-476d-ba37-a9c6900126ab
Unknown User 2009-09-02 20:43:03 +00:00
parent 1e3ffc2192
commit 6c6b2b12e7


@ -60,7 +60,7 @@
<section1 topic='Recommendations' anchor='rec'> <section1 topic='Recommendations' anchor='rec'>
<p>An XMPP server implementation SHOULD NOT enable the SASL ANONYMOUS mechanism by default, but instead SHOULD force an administrator to explicitly enable support in any given deployment.</p> <p>An XMPP server implementation SHOULD NOT enable the SASL ANONYMOUS mechanism by default, but instead SHOULD force an administrator to explicitly enable support in any given deployment.</p>
<p>An XMPP server SHOULD assign a temporary, unique bare JID &LOCALBARE; to a client that authenticates with SASL ANONYMOUS. Although the method for ensuring the uniqueness of localpart is a matter of implementation, it is RECOMMENDED for the localpart to be a UUID as specified in &rfc4122;.</p> <p>An XMPP server SHOULD assign a temporary, unique bare JID &LOCALBARE; to a client that authenticates with SASL ANONYMOUS. Although the method for ensuring the uniqueness of localpart is a matter of implementation, it is RECOMMENDED for the localpart to be a UUID as specified in &rfc4122;.</p>
<p>After a client authenticates using the SASL ANONYMOUS mechanism, it MUST bind a resource; the server SHOULD ignore the resource identifier provided by the client (if any) and instead assign a resource identifier that it generates on behalf of the client.</p> <p>After a client authenticates using the SASL ANONYMOUS mechanism, it MUST bind a resource. On public servers where the same JID is reused for multiple anonymous sessions, the server MAY ignore the resource identifier provided by the client (if any) and instead assign a resource identifier that it generates on behalf of the client.</p>
<p>Because an anonymous user is unknown to the server, the server SHOULD appropriately restrict the user's access in order to limit the possibility of malicious behavior, such as denial of service attacks as described in &xep0205;. The following restrictions are encouraged:</p> <p>Because an anonymous user is unknown to the server, the server SHOULD appropriately restrict the user's access in order to limit the possibility of malicious behavior, such as denial of service attacks as described in &xep0205;. The following restrictions are encouraged:</p>
<ol start='1'> <ol start='1'>
<li><p>The user SHOULD NOT be allowed to initiate communication with entities hosted at remote servers.</p></li> <li><p>The user SHOULD NOT be allowed to initiate communication with entities hosted at remote servers.</p></li>
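
Review bot: In the rewritten resource-binding paragraph, the new condition "On public servers where the same JID is reused for multiple anonymous sessions" conflicts with the paragraph just above it, which says the server SHOULD assign a temporary, unique bare JID to a client that authenticates with SASL ANONYMOUS. The downgrade from SHOULD to MAY also leaves the shared-JID case weaker than before. If one bare JID really is shared by several anonymous sessions, that is the case where a client-chosen resource identifier can collide with another session's, so server-generated resource identifiers should stay at SHOULD (or stronger) for that case; MAY fits the unique-JID case better. The paragraph also no longer says what the server does with the client's resource identifier when the condition does not hold, and "public servers" is not defined in the visible text. Suggest stating both cases explicitly and reconciling the wording with the unique-JID recommendation.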