-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 6/6/09 3:15 AM, Dave Cridland wrote: > On Sat Jun 6 02:54:44 2009, Brian Cully wrote: >> Sorry, on my phone so I can't do proper inline replies. >> >> Maybe I'm missing something, but preserving presence on the server >> until a subsequent iq or message stanza leads to dos attacks via >> resource consumption. Is that not what you were advocating? > > Well, I'm assuming there's details to be worked out. That attack is > instantly mitigated by allowing the server to flush down presence after > a timeout, or when it becomes "big", or just "because".
Sure, I expect that the server would always need to be Smart[tm] about how it implements any such feature. Peter - -- Peter Saint-Andre https://stpeter.im/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkotiFYACgkQNL8k5A2w/vxpXwCfcxQZs4dWjnk9RZinQuyu6YYM TA0AnRPX1hcS4Bn4ZlRTs49g75WvUJ/p =L1s4 -----END PGP SIGNATURE-----