[Standards] XMPP Protocol Flows for Inter-Domain Federation
Philipp Hancke
fippo at goodadvice.pages.de
Thu Jan 24 05:07:08 CST 2008

Peter Saint-Andre wrote:
> I'd like some feedback from server developers.

Federation levels:
I don't think that federation level 3 should be called 'secure
federation'. TLS only provides protection against passive eavesdropping
here. Nice to have, but I would not call that 'secure'.

The level definition should include the behaviour of a server when
connecting to a remote domain:
* Use dns to resolve the remote domain and connect (level 2,
  possibly also level 1)
* Use dns to resolve the remote domain, connect, starttls,
  no certificate validation (level 3)
  imo you should verify that the certificate contains the expected
  identity, but doing so will not increase security when you accept
  self-signed certs anyway.
* Use dns to resolve the remote domain, connect, starttls and verify
  the certificate (level 4)

There is another important service type:
Verified Acceptable, CA-issued certificate

> Will it be helpful for me to finish defining these protocol flows?

Do you really want to (re)define 25 (36?) flows?
Some kind of matrix that says if the connection succeeds and what
mechanism is used for verification (connection rejected, dialback,
starttls+dialback, sasl external) would be sufficient.

Another two questions:

Example 13:
verona did not send version=1.0 to capulet. Is capulet supposed to send
stream:features anyway?

Example 25:
remote-server-not-found? Why not remote-connection-failed?

Philipp
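
The outbound behaviour per level listed in the message above, written out as an added Python example that is not part of the original message or of any server's code. The step labels, the function names and the domain `capulet.example` are assumptions made for illustration; only the standard `ssl` module is used.

```python
import ssl

# Outbound steps per federation level, following the list in the message.
# The step labels are invented for this example.
STEPS = {
    1: ["dns", "connect"],  # the message says "possibly also level 1"
    2: ["dns", "connect"],
    3: ["dns", "connect", "starttls"],
    4: ["dns", "connect", "starttls", "verify-certificate"],
}

def srv_name(domain):
    """SRV owner name queried to locate a domain's server-to-server service."""
    return "_xmpp-server._tcp." + domain.rstrip(".").lower()

def tls_context(level):
    """Client-side SSLContext for a level, or None when the level uses no TLS."""
    if level not in STEPS:
        raise ValueError("unknown federation level: %r" % (level,))
    if "starttls" not in STEPS[level]:
        return None
    ctx = ssl.create_default_context()  # CERT_REQUIRED with check_hostname on
    if "verify-certificate" not in STEPS[level]:
        # Level 3: any certificate is accepted, self-signed included.
        # check_hostname must be cleared first or Python rejects CERT_NONE.
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    return ctx

def authenticates_peer(ctx):
    """True only if the handshake fails on an untrusted chain or a wrong name."""
    return (ctx is not None
            and ctx.verify_mode == ssl.CERT_REQUIRED
            and ctx.check_hostname)

if __name__ == "__main__":
    # "capulet.example" is a constructed domain; no network access happens here.
    for level in sorted(STEPS):
        ctx = tls_context(level)
        print(level, srv_name("capulet.example"), STEPS[level],
              "encrypted" if ctx else "cleartext",
              "peer authenticated" if authenticates_peer(ctx)
              else "peer not authenticated")
```

Setting `check_hostname = True` on the level 3 context makes Python switch `verify_mode` back to `CERT_REQUIRED`, because a name check against a certificate whose chain is not validated can be satisfied by any self-signed certificate.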