[jdev] dialback

Peter Saint-Andre stpeter at jabber.org
Fri Jun 2 10:02:55 CDT 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ben Turner wrote:
> Hello,
> 
> I am trying to find documentation as to how a server should behave if only
> dialback authentication is supported. What should be returned in the stream
> header if a partner attempts to open a TLS connection whilst only dialback is
> supported?

If Server1 does not support XMPP 1.0 (including TLS), it MUST NOT
include the version='1.0' attribute in the stream header it sends to
Server2. However, if it supports dialback it MUST include the dialback
namespace declaration in the stream header it sends to Server2. So if
Server1 supports only dialback and not TLS, it would send:

<stream:stream
       xmlns='jabber:server'
       xmlns:stream='http://etherx.jabber.org/streams'
       xmlns:db='jabber:server:dialback'
       to='Server1'>

If Server2 detects that the stream header from Server1 does not include
the version='1.0' attribute but does include the dialback namespace
declaration, then it MUST NOT attempt to perform TLS negotiation.

If Server2 breaks that rule and attempts to perform TLS negotiation
anyway (BAD SERVER, BAD!), Server1 would in all likelihood simply close
the stream with </stream:stream> (since it is probably an older server
implementation) but it might first send an appropriate stream error,
such as <not-authorized/> or <unsupported-stanza-type/> (though in
practice this is doubtful).

Peter

- --
Peter Saint-Andre
Jabber Software Foundation
http://www.jabber.org/people/stpeter.shtml

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFEgFMfNF1RSzyt3NURAgR9AJ9ta0Q06n0XaGODSF3VGrvwZ96Y9ACfSeGP
8CKittiALWJrML1oYykP3rY=
=ejlf
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3641 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/jdev/attachments/20060602/8bb54d31/attachment-0002.bin>


More information about the JDev mailing list