[Security] TLS Certificates Verification

Peter Saint-Andre stpeter at stpeter.im
Wed Aug 20 11:22:37 CDT 2008


Jonathan Schleifer wrote:
> Jonathan Dickinson <jonathanD at k2.com> wrote:
> 
>> You are pretty much describing IBB. Having an actual message is a
>> moot point. The users would have set up ESessions or IBB which means
>> they both support it. If they don't both support it, the whole
>> process will break long before they get to use IBB or ESessions.
> 
> This pretty much shows you never used such a technology in real world.
> We actually *HAD* the case that messages got to the wrong resource due
> to one resource going offline etc. and otherwise you would never notice
> something got lost!
> 
>> Having it in a message stanza makes no sense.
> 
> As I stated above, it absolutely does.

IBB can use <message/> or <iq/>. The point is moot.

/psa

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/security/attachments/20080820/9812e5b3/attachment-0001.bin 


More information about the Security mailing list