diff --git a/xep-0205.xml b/xep-0205.xml index 8beaae02..6503d36c 100644 --- a/xep-0205.xml +++ b/xep-0205.xml @@ -10,7 +10,7 @@ This document recommends a number of practices that can help discourage denial of service attacks on XMPP-based networks. &LEGALNOTICE; 0205 - Proposed + Active Informational Standards @@ -21,6 +21,12 @@ N/A &stpeter; + + 1.0 + 2009-01-07 + psa +

Per a vote of the XMPP Council, advanced specification to Active; also corrected errors namespace for consistency with XEP-0182.

 + 0.3 2008-12-19 @@ -108,7 +114,7 @@ - + ]]> @@ -120,7 +126,7 @@ - + ]]> @@ -129,7 +135,7 @@ - + ]]> @@ -141,7 +147,7 @@ - + ]]> @@ -167,7 +173,7 @@ -

Implementations MAY enable administrators to configurate appropriate exceptions to some of the recommendations specified in this document. Examples include:

+

Implementations MAY enable administrators to configure appropriate exceptions to some of the recommendations specified in this document. Examples include:

  • Less strict limits for server administrators compared to entities associated with registered accounts, and for entities associated with registered accounts compared to anonymous entities.
  • Less strict limits for entities that authenticate via strong authentication methods (e.g., TLS + SASL EXTERNAL) compared to entities that authenticate via weaker authentication methods (e.g., TLS + SASL PLAIN or server dialback).
    • @@ -182,27 +188,29 @@

    This document requires no interaction with &IANA;.

    -

    The ®ISTRAR; shall add <resource-limit-exceeded/> to its registry of application-specific error conditions (see &APPERRORS;), where the element is qualified by the 'http://jabber.org/protocol/errors' namespace.

    +

    The ®ISTRAR; includes <resource-limit-exceeded/> and <too-many-stanzas/> in its registry of application-specific error conditions (see &APPERRORS;), where the element is qualified by the 'urn:xmpp:errors' namespace as described in &xep0182;.

    The registry submission is as follows:

    - http://jabber.org/protocol/errors + urn:xmpp:errors resource-limit-exceeded - the account is not allowed to bind more resources at this time + + The account is not allowed to bind more resources at this time. + XEP-0205 - http://jabber.org/protocol/errors + urn:xmpp:errors too-many-stanzas - a connected client has attempted to send multiple stanzas to too many - different intended recipients in a given time period + A connected client has attempted to send multiple stanzas to + too many different intended recipients in a given time period. XEP-0205 ]]>     -

    Special thanks to Chris Mullins for calling attention to the need for a specification detailing best practices such as those recommended herein. Thanks also to Thiago Camargo, Bruce Campbell, Dave Cridland, Gustavo Felisberto, Justin Karneges, Pedro Melo, Kevin Smith, Michal Vaner, and Matthew Wild for their suggestions.

    +

    Special thanks to Chris Mullins for calling attention to the need for a specification on this topic. Thanks also to Thiago Camargo, Bruce Campbell, Dave Cridland, Gustavo Felisberto, Justin Karneges, Pedro Melo, Kevin Smith, Michal Vaner, and Matthew Wild for their suggestions.