OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

mqtt message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: [OASIS Issue Tracker] (MQTT-411) Return code for Payload does not match Payload Format


    [ https://issues.oasis-open.org/browse/MQTT-411?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=65172#comment-65172 ] 

Ken Borgendale commented on MQTT-411:
-------------------------------------

A major basis for security exploits is applications which receive data off the wire and do not validate it before using it.  An MQTT server has the responsibility not only to protect itself, but any client to which it forwards data.

In this particular case it makes sense to have a server configuration which selects whether to validate the payload format before forwarding on the message.  In a strict data environment you would choose to enforce payload format.  In other environments this enforcement might not be unnecessary.  Thus we specifically put in the spec that the receiver MAY validate the payload format.  

 

> Return code for Payload does not match Payload Format
> -----------------------------------------------------
>
>                 Key: MQTT-411
>                 URL: https://issues.oasis-open.org/browse/MQTT-411
>             Project: OASIS Message Queuing Telemetry Transport (MQTT) TC
>          Issue Type: Bug
>    Affects Versions: 5, wd11
>            Reporter: Ken Borgendale
>            Assignee: Ken Borgendale
>            Priority: Minor
>             Fix For: 5, wd11
>
>
> In section 3.3.2.4 Payload Format Indicator we say the receiver MAY validate the Payload is of the specified format.  However we do not define a Return Code for this.  Also in this case it would make sense in the case of a QoS>0 message send send a NAK rather than closing the connection.



--
This message was sent by Atlassian JIRA
(v6.2.2#6258)


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]