OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

mqtt message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: [OASIS Issue Tracker] Updated: (MQTT-52) Handling permission problems

     [ http://tools.oasis-open.org/issues/browse/MQTT-52?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Richard Coppen updated MQTT-52:
-------------------------------

    Proposal: 
The 3.1.1 specification should provide a clarification to promote better clients client side error handling, retry and recovery behavior. 


Change Publish (WD13  844)

If a server implementation does not authorize a PUBLISH to be performed by a client; it has no way of informing that client. It MUST either make a positive acknowledgement, according to the normal QoS rules or disconnect the TCP session.


Change Subscribe (WD13 979)

The Payload of a SUBSCRIBE packet MUST contain at least one topic filter / QoS pair. A SUBSCRIBE packet with no payload is a protocol violation.

Remove 991 - 995 (WD13) See MQTT Issue-52 ... authorized to subscribe.

Change from 997 


A SUBACK Packet MUST be sent to the Client by the Server containing a return code for each topic filter/QoS pair. The Server might grant a lower maximum QoS than the subscriber requested. The QoS of Payload Messages sent in response to a subscription MUST be the minimum of the QoS of the originally published message and the maximum QoS granted by the Server.


Change table under 3.9.3 SUBACK Payload to have 4 values, all bits used, remove reserved/granted QoS to read return code.

0x00 - Success - Maximum QoS0
0x01 - Success - Maximum QoS1
0x02 - Success - Maximum QoS2
0x80 - Failure

All other return codes are reserved and MUST NOT be used 

<add to non normative example for failed>

change 1048 - 

substitute "return codes" for "granted QoS's" 

  was:
The 3.1.1 specification should provide a clarification to promote better clients client side error handling, retry and recovery behavior. 


Change Publish (WD13  844)

If a server implementation does not authorize a PUBLISH to be performed by a client; it has no way of informing that client. It MUST either make a positive acknowledgement, according to the normal QoS rules or disconnect the TCP session.


Change Subscribe (WD13 979)

The Payload of a SUBSCRIBE packet MUST contain at least one topic filter / QoS pair. A SUBSCRIBE packet with no payload is a protocol violation.

Remove 991 - 995 (WD13) See MQTT Issue-52 ... authorized to subscribe.

Change from 997 


A SUBACK Packet MUST be sent to the Client by the Server containing a return code for each topic filter/QoS pair. The Server might grant a lower maximum QoS than the subscriber requested. The QoS of Payload Messages sent in response to a subscription MUST be the minimum of the QoS of the originally published message and the maximum QoS granted by the Server.


Change table under 3.9.3 SUBACK Payload to have 4 values, all bits used, remove reserved/granted QoS to read return code.

0x00 - Success - Maximum QoS0
0x01 - Success - Maximum QoS1
0x02 - Success - Maximum QoS2
0x20 - Not allowed

<add to non normative example for failed>

change 1048 - 

substitute "return codes" for "granted QoS's" 


> Handling permission problems
> ----------------------------
>
>                 Key: MQTT-52
>                 URL: http://tools.oasis-open.org/issues/browse/MQTT-52
>             Project: OASIS Message Queuing Telemetry Transport (MQTT) TC
>          Issue Type: Improvement
>          Components: core
>    Affects Versions: 3.1.1
>            Reporter: Richard Coppen
>            Assignee: Andrew Banks
>             Fix For: 3.1.1
>
>
> What should a server do if a client attempts to perform an operation that is disallowed?
> For example:
> 1. Attempts to publish to a topic for which they do not have permission
> The input specification (which is not based on RFC2119 terminology) provides ambiguous guidance for such a scenario. 
> "Note that if a server implementation does not authorize a PUBLISH to be made by a client; it has no way of informing that client. It must therefore make a positive acknowledgement, according to the normal QoS rules, and the client will not be informed that it was not authorized to publish the message."
> This behavior is problematic (strictly enforced or not) since a valid client talking to a poorly configured server will continue to process work unaware of the problem. In practice it is very difficult, if not impossible, to write a client application with error handling and recovery logic to defend against it.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://tools.oasis-open.org/issues/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]