daniele-athome
commented
8 years ago Dropping this in favour of a more secure management based on cryptography (that is, signature timestamp).
Closed daniele-athome closed 8 years ago
daniele-athome
commented
8 years ago Dropping this in favour of a more secure management based on cryptography (that is, signature timestamp).
The
<delay/>element could be used to forge sent timestamp. If not done yet by Tigase, ensure that the<delay/>element is stripped for incoming messages from clients.https://projects.tigase.org/boards/4/topics/6274