[Security] Reminder :: Draft feedback on "C2C authentication using TLS"

Jonathan Schleifer js-xmpp-security at webkeks.org
Mon Aug 25 04:28:30 CDT 2008


Am 24.08.2008 um 20:59 schrieb Dirk Meyer:

> You could put the stuff I added as <offer> to the disco stuff. But it
> must also work serverless. And when I work link-local I can not use
> disco#query before connecting.

For link-local, we can just try. But opening a direct connection and  
then trying STARTTLS and failing - that'd be stupid. So therefore, we  
should check before opening a connection when we're not link-local.

--
Jonathan

-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 801 bytes
Desc: This is a digitally signed message part
Url : http://mail.jabber.org/pipermail/security/attachments/20080825/9d506f52/attachment.pgp 


More information about the Security mailing list