Re: [xmpp] message size

Kevin Smith <kevin@kismith.co.uk> Thu, 06 March 2014 14:46 UTC

Return-Path: <k.i.smith@gmail.com>
X-Original-To: xmpp@ietfa.amsl.com
Delivered-To: xmpp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5CE811A000D for <xmpp@ietfa.amsl.com>; Thu, 6 Mar 2014 06:46:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.278
X-Spam-Level:
X-Spam-Status: No, score=-1.278 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0tuVfVfT8S2O for <xmpp@ietfa.amsl.com>; Thu, 6 Mar 2014 06:46:39 -0800 (PST)
Received: from mail-we0-x234.google.com (mail-we0-x234.google.com [IPv6:2a00:1450:400c:c03::234]) by ietfa.amsl.com (Postfix) with ESMTP id 089341A0041 for <xmpp@ietf.org>; Thu, 6 Mar 2014 06:46:37 -0800 (PST)
Received: by mail-we0-f180.google.com with SMTP id p61so3199919wes.11 for <xmpp@ietf.org>; Thu, 06 Mar 2014 06:46:33 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:reply-to:sender:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=dpmR58OR2hycjetCsE/LE7O/ereCgcIc0afWH8D+yeY=; b=agdZ9kCySTh3o4WISbvCE+QSER4m26gZhPh33CuWSGciDYI7jSG7TJ4qnAcWPX32sN /IfuhkBKCHeQsnCrt/ieasuRelINoZRs7p3FtZlPNcyHxTmKbHH4EM/YEqU9P2Ey54s/ ZlYfrYu6cMRPG/OP8xNHQBC0cTZncsI+YjZZxpy0UNEFoiPbh/APjPKzvvosSG2tavAr dKanHCszr/q5oSFV7esDi/pxdxEInQIkC1xCSoU6wJY3dX204EbHXECgX+gEceeWR6OF 4vW8+ZQRbuM5ehW5PsSJ8emOi86G6jLleUcjXGh+MjZ6w6De1dAeNypmE7CBrLf/NWkr vIZQ==
MIME-Version: 1.0
X-Received: by 10.194.24.35 with SMTP id r3mr10729021wjf.68.1394117193648; Thu, 06 Mar 2014 06:46:33 -0800 (PST)
Sender: k.i.smith@gmail.com
Received: by 10.217.96.196 with HTTP; Thu, 6 Mar 2014 06:46:33 -0800 (PST)
In-Reply-To: <CAKHUCzwPcBuOy=em8jseBQrgWP6Wx8RgooZHi40U_W_oS5dRCA@mail.gmail.com>
References: <531883F5.7000800@stpeter.im> <CAKHUCzz7QqnJirHHwrGJHSD1U_m_uAZGV4GcQaC-rteceug-sA@mail.gmail.com> <C16C702C-50EC-41A2-9559-B7576129A70B@surevine.com> <CAOb_FnywkNkyjwc3c4+AJb1xAXTpjD8dPj1gex_K9GzGKiJvAg@mail.gmail.com> <CAKHUCzwPcBuOy=em8jseBQrgWP6Wx8RgooZHi40U_W_oS5dRCA@mail.gmail.com>
Date: Thu, 6 Mar 2014 14:46:33 +0000
X-Google-Sender-Auth: 1J8eYSPdIuyrQrawtJMoTUiuDCM
Message-ID: <CAOb_FnzJxRfh4eZQo6uyLdRVtfJWajMHLuMQ8t3dJLv+H6OFJw@mail.gmail.com>
From: Kevin Smith <kevin@kismith.co.uk>
To: Dave Cridland <dave@cridland.net>
Content-Type: text/plain; charset=ISO-8859-1
Archived-At: http://mailarchive.ietf.org/arch/msg/xmpp/-GNXPFheOPTNsqL8MHxsAipZpuU
Cc: XMPP Working Group <xmpp@ietf.org>
Subject: Re: [xmpp] message size
X-BeenThere: xmpp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: kevin@kismith.co.uk
List-Id: XMPP Working Group <xmpp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/xmpp>, <mailto:xmpp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/xmpp/>
List-Post: <mailto:xmpp@ietf.org>
List-Help: <mailto:xmpp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/xmpp>, <mailto:xmpp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Mar 2014 14:46:41 -0000

On Thu, Mar 6, 2014 at 2:41 PM, Dave Cridland <dave@cridland.net> wrote:
> On 6 March 2014 14:40, Kevin Smith <kevin@kismith.co.uk> wrote:
>>
>> On Thu, Mar 6, 2014 at 2:35 PM, Ashley Ward <ashley.ward@surevine.com>
>> wrote:
>> > On 6 Mar 2014, at 14:28, Dave Cridland <dave@cridland.net> wrote:
>> >
>> >> You're saying to include, pre-encrypt, something like <spacer:junk
>> >> xmlns:spacer='urn:...'>123465</spacer> in the plaintext order to defeat
>> >> message size analysis of the ciphertext?
>> >
>> > It's XML - you could always just use <!-- --> comments or whitespace.
>>
>> Comments are slightly problematic, on account of being illegal.
>
>
> Only on the wire, where they'd not appear in the plaintext.

Presumably if we're encrypting stanza contents, we'd like the stanza
contents to still be legal stanza contents once decrypted.

I don't see a reason to start fiddling around with the rules so we
could shove comments in here and only here. The
shove-stuff-in-a-junk-namespace seems easier and less contentious.

/K