[jdev] Opening stream element when TLS is not enabled
Jacek Konieczny
jajcus at jajcus.net
Tue Aug 30 01:33:19 CDT 2005
On Mon, Aug 29, 2005 at 08:24:28PM -0300, Gaston Dombiak wrote:
> I've been reading the rfc3920 spec and I have a question about TLS. Section
> 5.1.3 says:
>
> "When a receiving entity that complies with this specification receives an
> initial stream header that includes the 'version' attribute set to a value
> of at least "1.0", after sending a stream header in reply (including the
> version flag), it MUST include a <starttls/> element (qualified by the
> 'urn:ietf:params:xml:ns:xmpp-tls' namespace) along with the list of other
> stream features it supports."
That seems like an error in the specification. StartTLS is required for
implementation, but may be disabled, and the <stream:features/> element is exactly
for this -- showing which features are available and enabled and which are not.
> While I was testing TLS & SASL support in Smack using ejabberd I found that
> if TLS was disabled on the server the opening stream element was still
> including the version=1.0 attribute. So I was wondering which would be the
> correct behavior of a server that implements XMPP 1.0 but for some
> "business" reason TLS needs to be disabled from the server side. Does the
> server still need to send version=1.0? Is there a way to say "Hey, I do
> support TLS but it is NOT enabled at the moment"?
I guess omitting <starttls/> from the feature list is still the only way
to do that.
Greets,
Jacek
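
Added example, not part of the original message and not code from Smack or ejabberd: a client-side check that reads a <stream:features/> element and treats a missing <starttls/> as "TLS not available on this stream", as discussed above. The sample stanzas are constructed, and the function names and the `require_tls` policy flag are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

NS_STREAM = "http://etherx.jabber.org/streams"
NS_TLS = "urn:ietf:params:xml:ns:xmpp-tls"
NS_SASL = "urn:ietf:params:xml:ns:xmpp-sasl"

# Constructed sample: server with TLS enabled (and mandatory).
FEATURES_TLS_ON = (
    f'<stream:features xmlns:stream="{NS_STREAM}">'
    f'<starttls xmlns="{NS_TLS}"><required/></starttls>'
    f'<mechanisms xmlns="{NS_SASL}">'
    '<mechanism>DIGEST-MD5</mechanism><mechanism>PLAIN</mechanism>'
    '</mechanisms></stream:features>'
)
# Constructed sample: same server with TLS disabled, so <starttls/> is omitted.
FEATURES_TLS_OFF = (
    f'<stream:features xmlns:stream="{NS_STREAM}">'
    f'<mechanisms xmlns="{NS_SASL}"><mechanism>PLAIN</mechanism></mechanisms>'
    '</stream:features>'
)

def parse_features(xml_text):
    """Return (tls_state, sasl_mechanisms) for one <stream:features/> element."""
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{NS_STREAM}}}features":
        raise ValueError("not a <stream:features/> element")
    starttls = root.find(f"{{{NS_TLS}}}starttls")
    if starttls is None:
        tls_state = "absent"      # not advertised: disabled on this stream
    elif starttls.find(f"{{{NS_TLS}}}required") is not None:
        tls_state = "required"
    else:
        tls_state = "offered"
    mechs = [m.text.strip() for m in root.iter(f"{{{NS_SASL}}}mechanism") if m.text]
    return tls_state, mechs

def next_step(xml_text, require_tls=True):
    """Decide what the client does after reading the feature list."""
    tls_state, mechs = parse_features(xml_text)
    if tls_state in ("offered", "required"):
        return "starttls"         # negotiate TLS before any SASL exchange
    if require_tls or not mechs:
        return "abort"            # refuse to authenticate over cleartext
    return "sasl:" + ",".join(mechs)

if __name__ == "__main__":
    for name, xml in (("TLS on", FEATURES_TLS_ON), ("TLS off", FEATURES_TLS_OFF)):
        print(name, parse_features(xml), next_step(xml))
```

With `require_tls=True` the client closes the stream instead of sending credentials when <starttls/> is not in the feature list.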