[jdev] SASL EXTERNAL for s2s in jabberd14
Justin Karneges
justin-keyword-jabber.093179 at affinix.com
Fri Nov 4 18:30:49 CST 2005
On Friday 04 November 2005 16:07, Matthias Wimmer wrote:
> that it seems to be common, that I get connects with certificates, that
> will fail on the domain check. Due to my logs all servers connecting
> with transport IDs at present use certificates for the server domain,
> not for the transport domain.
> If I'd offer SASL to these connects, they'd all try SASL first, that
> would fail and the server would have to reconnect and try dialback.
Why would a connecting server present a certificate, and then invoke SASL
EXTERNAL with an authzid that doesn't match what is written in the
certificate? Sounds to me like a configuration problem in the connecting
server that you probably shouldn't encourage.
-Justin
More information about the JDev
mailing list