[jdev] S2S questions - from attribute and version support
Vinod Panicker
vinod.p at gmail.com
Thu Jan 5 10:12:35 CST 2006
On 1/5/06, Richard Dobson <richard at dobson-i.net> wrote:
> >> Using DIGEST-MD5 or PLAIN for interconnection between servers would mean
> >> that EVERY PAIR of jabber servers would have to agree on a shared
> >> secret. That's very much impractical.
>
> > True, thats why I believe that something should be done to facilitate
> > it. Otherwise, how about having TLS+SASL ANONYMOUS for s2s then?
>
> Doesnt that open you up to forgery (and thus forged spam)? Or is the TLS
> enough to protect against that?
Right. And If the servers do mutual auth using TLS, then might as
well go for EXTERNAL
Regards,
Vinod.
More information about the JDev
mailing list