[Security] TLS Certificates Verification

Jonathan Schleifer js-xmpp-security at webkeks.org
Tue Aug 19 16:06:25 CDT 2008


Peter Saint-Andre <stpeter at stpeter.im> wrote:

> But then we realized we'd have more code reuse if we started an 
> end-to-end stream and upgraded via STARTTLS:
> 
> http://www.xmpp.org/extensions/xep-0246.html

I don't see a way to have multiple end to end streams at once? You are
inside a <stream:stream> for the server connection, then you open
another for end to end. So I can only have one e2e stream at once? Or
did I get it wrong and this isn't <stream:stream> inside
<stream:stream>, but a new connection, peer to peer? If so, this will
give many problems.
Sorry if I missed something, I'm tired and just had a quick look at it.

-- 
Jonathan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
Url : http://mail.jabber.org/pipermail/security/attachments/20080819/98825f78/attachment.pgp 


More information about the Security mailing list