[jdev] rfc3920 document: use of TLS
jd.conley at coversant.net
Fri Jul 22 14:31:17 CDT 2005
> If the server does not enable TLS, then it should not even broadcast
> the <starttls> feature namespace within the <stream:features>
> element. Thus, in your client, you should double check first if the
> feature exists before proceeding with the TLS negotiation.
Another possible scenario is that the server did have TLS enabled when
it sent in the features, but someone changed its configuration while
stream feature negotiation was taking place. When the client sent in
the request the feature was no longer available.
More information about the JDev