[jdev] serious jabberd's 1.4.3 violation of XMPP-Core
Justin
justin at openaether.org
Sat Oct 16 18:48:25 CDT 2004
Alexey Nezhdanov wrote:
>XMPP-Core:
>4.3 Stream Security
>An entity SHOULD NOT attempt to send XML StanzasXML Stanzas over the stream
>before the stream has been authenticated, but if it does then the other
>entity MUST NOT accept such stanzas and SHOULD return a <not-authorized/>
>stream error and then terminate both the XML stream and the underlying TCP
>connection
>
>jabberd 1.4.3 (at least on my host) sends stanzas immidiatedly upon connect,
>not waiting for dialback auth completion.
>
>
jabberd 1.4.3 is distinctly NOT xmpp compliant. It was written long
before xmpp and there are no active devlopers.
If you want xmpp compliance then select a modern jabber server.
Justin
More information about the JDev
mailing list