[Standards] Re: XEP-178
Matthias Wimmer
m at tthias.eu
Thu Feb 1 15:11:43 CST 2007
Hi Peter!
Peter Saint-Andre schrieb:
> What about wildcards? I guess things should be OK as long as there is no
> wildcard in the XMPP OID (i.e., id-on-xmppAddr). But what should the
> receiving server do if the connection comes from "conference.jabber.org"
> but the id-on-xmppAddr has "jabber.org" (even if the dnsName has
> "*.jabber.org") and the OID is checked first?
I think you would always check _all_ dNSName and id-on-xmppAddr
extensions and accept the certificate if anyone matches.
You would also not stop comparing extensions if you first get
users.jabber.org and you would continue checking the second extension
which might be conference.jabber.org
Matthias
--
Matthias Wimmer Fon +49-700 77 00 77 70
Züricher Str. 243 Fax +49-89 95 89 91 56
81476 München http://ma.tthias.eu/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4263 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/standards/attachments/20070201/5542a2a3/smime.bin
More information about the Standards
mailing list