[jdev] Re: s2s doubts
Peter Saint-Andre
stpeter at jabber.org
Wed May 18 13:54:34 CDT 2005
On Wed, May 18, 2005 at 11:18:58AM -0700, Justin Karneges wrote:
> On Wednesday 18 May 2005 09:42 am, Stephen Marquard wrote:
> > Justin Karneges wrote:
> > > If this was meant to be possible, it certainly isn't clear in RFC 3920.
> > > Is this an extension documented somewhere?
> >
> > You do TLS as documented for streams (if advertised as a stream
> > feature), and then dialback as documented. TLS doesn't add much
> > additional complexity - the only subtlety is to wait for TLS to complete
> > once it's started before sending any dialback packets.
>
> The spec does not discuss dialback with TLS, or even <stream:features> for
> that matter. My problem with what you describe is that it would probably
> cause breakage between jabberd and my own server implementation which was
> created according to the spec. Please don't make stuff up. If we really
> want dialback + TLS, this _needs_ to be documented in the RFC.
I fail to see what anyone is making up here. TLS is documented in
Section 5 of RFC 3920. Server dialback is documented in Section 8
of RFC 3920. Stream features are documented in Section 4.6 of RFC
3920. Nowhere in RFC 3920 is it set forth that two servers MUST
NOT or SHOULD NOT complete dialback if they have completed TLS
(although RFC 3920 does say that two servers SHOULD NOT complete
dialback if they have completed SASL). If you are suggesting that
rfc3920bis be changed to so specify the relationship between TLS
and dialback, that is one thing. But the spec as written does not
forbid this behavior in any way.
/psa
More information about the JDev
mailing list