Re: [secdir] [xmpp] SecDir review of draft-ietf-xmpp-3920bis-17

"Peter Saint Andre" <Peter.SaintAndre@webex.com> Fri, 05 November 2010 13:54 UTC

From: "Peter Saint Andre" <Peter.SaintAndre@webex.com>
To: <fippo@mail.symlynx.com>, <yaronf.ietf@gmail.com>
Cc: xmpp@ietf.org, draft-ietf-xmpp-3920bis.all@tools.ietf.org, iesg@ietf.org, stpeter@stpeter.im, secdir@ietf.org

Yes, it would be good to add a conformance feature for that one, too.

----- Original Message -----
From: Philipp Hancke <fippo@mail.symlynx.com>
To: Yaron Sheffer <yaronf.ietf@gmail.com>
Cc: Peter Saint-Andre <stpeter@stpeter.im>; draft-ietf-xmpp-3920bis.all@tools.ietf.org <draft-ietf-xmpp-3920bis.all@tools.ietf.org>; iesg@ietf.org <iesg@ietf.org>; XMPP <xmpp@ietf.org>; secdir@ietf.org <secdir@ietf.org>
Sent: Thu Nov 04 13:41:32 2010
Subject: Re: [xmpp] SecDir review of draft-ietf-xmpp-3920bis-17

Yaron Sheffer wrote:
> Hi Peter,
>
> yes, these seem reasonable. Is there a "converse" to the rewriting of
> the client's From header before forwarding to other servers, i.e. is
> there a server-side check on stanza From headers received from other
> servers?

Yes, see 8.1.2.2. Server-to-Server Streams (or search for the associated 
invalid-from stream error).