Re: [secdir] [xmpp] SecDir review of draft-ietf-xmpp-3920bis-17

Philipp Hancke <fippo@mail.symlynx.com> Thu, 04 November 2010 20:56 UTC


Yaron Sheffer wrote:
> Hi Peter,
>
> yes, these seem reasonable. Is there a "converse" to the rewriting of
> the client's From header before forwarding to other servers, i.e. is
> there a server-side check on stanza From headers received from other
> servers?

Yes, see 8.1.2.2. Server-to-Server Streams (or search for the associated 
invalid-from stream error).
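
The receiving-side check the reply points to, as an added example that is not part of the original message or of the draft: a server compares the domainpart of each inbound stanza's 'from' with the domains the peer has validated on that server-to-server stream and answers a mismatch with the invalid-from stream error. The function names, the `reject-missing-from` label, and the sample stanzas are constructed for illustration; domain comparison is simplified to lowercasing.

```python
import xml.etree.ElementTree as ET

INVALID_FROM = "invalid-from"         # stream error named in the thread
MISSING_FROM = "reject-missing-from"  # placeholder label, not a spec condition


def domainpart(jid):
    """Return the domainpart of [localpart@]domainpart[/resourcepart]."""
    # Strip the resourcepart first: it may itself contain '@' or '/',
    # so splitting on '@' before '/' would pick the wrong domain.
    bare = jid.split("/", 1)[0]
    # Simplification: a real server applies full IDNA/stringprep rules.
    return bare.rsplit("@", 1)[-1].lower().rstrip(".")


def check_s2s_from(stanza_xml, validated_domains):
    """Return None to accept the stanza, else the error label to close with.

    validated_domains: domains the peer proved on this stream (assumed to
    come from the stream's own authentication step, e.g. dialback or TLS).
    """
    stanza = ET.fromstring(stanza_xml)
    sender = stanza.get("from")
    if not sender:
        return MISSING_FROM
    # Exact match only: a subdomain or a look-alike suffix is a different domain.
    if domainpart(sender) not in validated_domains:
        return INVALID_FROM
    return None


if __name__ == "__main__":
    peer = {"example.com"}  # constructed: what this stream authenticated as
    samples = [  # constructed stanzas
        '<message from="juliet@example.com/balcony" to="romeo@example.net"/>',
        '<message from="juliet@example.org" to="romeo@example.net"/>',
        '<message from="other.example/x@example.com" to="romeo@example.net"/>',
        '<presence from="chat.example.com" to="romeo@example.net"/>',
        '<iq type="get" id="1" to="romeo@example.net"/>',
    ]
    for s in samples:
        print(check_s2s_from(s, peer) or "accept", "<-", s)
```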