[06SummaryOfSessionMessages.md] Protocol Violations: Session level messages before session is Established

FIXTradingCommunity / fixp-specification

FIXP - FIX performance session layer specification

Other

49 stars 17 forks source link

[06SummaryOfSessionMessages.md] Protocol Violations: Session level messages before session is Established #57

Closed ujos closed 6 years ago

ujos commented 7 years ago

I have few questions regarding subj:

How should FIXP Acceptor handle any Session Level message message while processing Negotiate message?
How should FIXP Acceptor handle any Session Level message message while processing Establish message?

donmendelson commented 7 years ago

The spec is not explicit about when heartbeating should begin. In my view, no application messages or other session messages should be exchanged until EstablishAck is sent. Any intervening messages would be a protocol violation.

We should create a new section in the spec to summarize all protocol violations, as was done in the SBE spec.

ujos commented 7 years ago

Just a remark. Sending any data to remote peer while it is not authorized can be harmful. Sent data can be used attacker later.

donmendelson commented 7 years ago

Correction to my earlier comment. There already is a summary of protocol violations in section 6, but make sure it is comprehensive.

adkapur commented 6 years ago

If any message is sent whether business or session before session is established then it will be terminated period