[Operators] requiring channel encryption
joe.maissel at credit-suisse.com
Wed Apr 30 08:16:12 CDT 2008
Yep. This would work. Not sure if our firewall guys will go for it.
Can we create a standard SRV record for TLS only S2S?
From: operators-bounces at xmpp.org [mailto:operators-bounces at xmpp.org] On
Behalf Of Kevin Smith
Sent: Wednesday, April 30, 2008 9:11 AM
To: XMPP Operators Group
Subject: Re: [Operators] requiring channel encryption
On Wed, Apr 30, 2008 at 1:54 PM, Jonathan Schleifer <js-xog at webkeks.org>
> What about this as a solution: At the firewall level, route those
> servers that don't support TLS to the other s2s and let traffic from
> all other IPs be routed to the s2s that requires TLS. That way you
> won't even need SRV records!
You still need the usual SRV record, just not the second one. This will
work fine, though :)
Please access the attached hyperlink for an important electronic communications disclaimer:
More information about the Operators