[jdev] Re: S2S and SASL

[Vinod Panicker]

On 7/27/05, Justin Karneges <justin-keyword-jabber.093179 at affinix.com> wrote:
> On Tuesday 26 July 2005 11:26 am, Stephen Marquard wrote:
> > Peter Saint-Andre wrote:

--snip--

> It was decided that in order to maintain compatibility with the dialback
> style, all s2s connections are uni-directional, even SASL-based connections.
> Note that completing two SASL connections (one in each direction) is not
> required to begin sending stanzas.  One connection is enough to begin
> sending, but you can only send in one direction.  This is no different than
> dialback.

The RFC is silent about the unidirectional communication being
permitted before the connection pair is successfully negotiated (for
dialback).  Although, it does state the following - "Therefore, server
dialback MUST be completed in each direction in order to enable
bi-directional communications between two domains".

I trust that if what Justin has stated is a consensus for Dialback and
SASL, the RFC will need to be updated.

As per current discussion, I'm assuming the implementation to be such - 

- SASL negotiation should happen for each individual s2s connection to
enable bi-directional communication.
- Data can be sent over a successfully SASL-negotiated connection in a
uni-directional fashion.

Pls do correct me if i'm wrong.

Now, what are the steps to consider in case of the following - 

- SASL negotiation succeeds on an s2s connection and the initiating
entity sends some data over it.
- SASL negotiation fails for the second s2s connection.

What will happen in case of the above?

Regards,
Vinod.