[Council] Fwd: [Standards] UPDATED: XEP-0220 (Server Dialback)
stpeter at stpeter.im
Wed Apr 13 23:41:37 UTC 2011
I think this version is ready for a vote (it incorporates all Last Call
feedback from 2010), so I'll request that in the next Council meeting.
-------- Original Message --------
Subject: [Standards] UPDATED: XEP-0220 (Server Dialback)
Date: Wed, 13 Apr 2011 23:41:56 +0000
From: XMPP Extensions Editor <editor at xmpp.org>
Reply-To: XMPP Standards <standards at xmpp.org>
To: standards at xmpp.org
Version 0.6 of XEP-0220 (Server Dialback) has been released.
Abstract: This specification defines the Server Dialback protocol, which
is used between XMPP servers to provide identity verification. Server
Dialback uses the Domain Name System (DNS) as the basis for verifying
identity; the basic approach is that when a receiving server accepts a
server-to-server connection from an originating server, it does not
process traffic over the connection until it has verified a key with an
authoritative server for the domain asserted by the originating server.
Although Server Dialback does not provide strong authentication or
trusted federation and although it is subject to DNS poisoning attacks,
it has effectively prevented most instances of address spoofing on the
XMPP network since its development in the year 2000.
Changelog: Updated to reflect RFC 6120; mandated support for stream
feature in XMPP 1.0 implementations; removed requirement for the
Receiving Server to close the stream if the dialback key is invalid,
since the stream might be used for multiple domain pairs. (psa)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 6105 bytes
Desc: S/MIME Cryptographic Signature
More information about the Council