[jdev] Which stream error should the server return?
Gaston Dombiak
gaston at jivesoftware.com
Mon Nov 14 11:15:53 CST 2005
Hey all,
I'm trying to figure out with stream errors should the server return under
these circumstances:
1) client requested TLS and the server never offered it (i.e. TLS is
disabled on the server)
2) server required TLS and client ignored it (i.e. never secured the
connection and went ahead with SASL or iq:auth)
I was not able to find the answer in the specs. And my best options are
<not-authorized/> or <policy-violation/>. But <policy-violation/> is more
oriented to application specific conditions so <not-authorized/> is my best
option so far.
Thanks,
-- Gato
More information about the JDev
mailing list