Hi Kim, > I don't believe randomizing mechanisms helps. An attacker can simply > connect multiple times and check if things vary or stay the same. > > And given that attackers have unlimited IP addressees via proxies or > compromised machines, I don't think rate limiting helps much either. Hmm yes, you are right. > On the other hand, I'm not sure anyone cares enough to really do this > kind of thing, there are probably much easier ways to check if an > account exists. And yes, that's right, too. Querying for OMEMO keys/devices comes to my mind. An attacker could even try to establish an OMEMO session without actually sending any user-visible message to see if a device is online and maybe even fingerprint the client by observing when the prekeys are refilled.
> I would likely just pick one "common" set of mechanisms to offer for > unknown accounts, or seed the randomization with something relatively > stable. Sounds sensible. I'll update the Security Considerations to include this approach in a few days. -tmolitor _______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: standards-unsubscr...@xmpp.org _______________________________________________