[jdev] S2S and SASL
Peter Saint-Andre
stpeter at jabber.org
Tue Jul 26 12:55:37 CDT 2005

Vinod Panicker wrote:

> I had a few doubts regarding TLS+SASL negotiation between servers and
> couldn't find any answers in any archive.

Perhaps this is not as clear in RFC 3920 as it could be. We'll have to
fix that in rfc3920bis.

> - Should SASL negotiation between 2 servers happen over the
> unidirectionally established connection pair or should it happen for
> each connection (just like TLS)? What I'm trying to ask is if SASL
> should treat the 2 TCP connections as a single logical connection.

I think SASL negotiation should happen for each connection (just like TLS).

> - If SASL should happen for each individual s2s connection, should
> bi-directional communications be deferred until SASL is successfully
> completed over each connection as is required for Server Dialback?

I think exchange of XML stanzas should be deferred until SASL is
successfully completed in both directions.

But those are merely my opinions.

Peter
--
Peter Saint-Andre
Jabber Software Foundation
http://www.jabber.org/people/stpeter.shtml
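
The policy suggested in the reply above, sketched as an added example (not code from the original message or from any XMPP server): each of the two s2s connections negotiates TLS and then SASL on its own, and stanzas are held until both directions have completed SASL. The names Stream and PeerLink are hypothetical, and the TLS-before-SASL ordering per connection is an assumption of this sketch.

```python
from dataclasses import dataclass, field
from enum import Enum, auto

class Phase(Enum):
    CONNECTED = auto()
    TLS_DONE = auto()
    SASL_DONE = auto()

@dataclass
class Stream:
    """One unidirectional s2s TCP connection with its own negotiation state."""
    phase: Phase = Phase.CONNECTED

    def tls_success(self):
        if self.phase is not Phase.CONNECTED:
            raise RuntimeError("TLS already negotiated on this connection")
        self.phase = Phase.TLS_DONE

    def sasl_success(self):
        # Assumption: SASL is only accepted after TLS on the same connection.
        if self.phase is not Phase.TLS_DONE:
            raise RuntimeError("SASL attempted before TLS on this connection")
        self.phase = Phase.SASL_DONE

@dataclass
class PeerLink:
    """The connection pair between the local server and one remote domain."""
    outbound: Stream = field(default_factory=Stream)
    inbound: Stream = field(default_factory=Stream)
    held: list = field(default_factory=list)

    def ready(self):
        # SASL state is tracked per connection, never shared across the pair.
        return (self.outbound.phase is Phase.SASL_DONE
                and self.inbound.phase is Phase.SASL_DONE)

    def send(self, stanza):
        """Queue a stanza; return whatever may be written to the wire now."""
        self.held.append(stanza)
        return self.flush()

    def flush(self):
        if not self.ready():
            return []          # defer until both directions are authenticated
        released, self.held = self.held, []
        return released

    def accept_inbound(self, stanza):
        """Inbound stanzas are refused until the pair is ready as well."""
        return self.ready()
```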