[jdev] Re: s2s doubts
JD Conley
jd.conley at coversant.net
Wed May 18 02:59:00 CDT 2005
> On Tuesday 17 May 2005 11:01 pm, Stephen Marquard wrote:
> > JD Conley wrote:
> > > TLS/SASL requires a separate connection per domain since XMPP
makes no
> > > provisions for establishing streams to multiple domains over the
same
> > > connection. Opening a stream within a stream is prohibited.
> >
> > SASL requires that. jabberd 1 and 2 support TLS to encrypt sessions
but
> > without verifying certificates, so allow TLS with multiple domains
over
> > the same connection.
>
> So the channel is not authenticated at all? Welcome to SMTP!
>
I think he's referring to Dialback + TLS. So you get the
"authentication" of dialback with the encryption, but not
authentication, of StartTLS.
-JD
More information about the JDev
mailing list