[Security] Reminder :: Draft feedback on "C2C authentication using TLS"
melo at simplicidade.org
Mon Aug 25 05:28:02 CDT 2008
On Aug 25, 2008, at 11:24 AM, Jonathan Schleifer wrote:
> Am 25.08.2008 um 12:17 schrieb Pedro Melo:
>> My point was not about the namespace (I just copied and pasted from
>> the previous example) but making sure that we don't start placing
>> per-user information on disco#info replies, something that will
>> break Caps caching.
> I thought like this: We list all our client supports there. That
> won't break caps caching. But we should NOT only list the one we
> prefer there or something like that! We should list all we support.
I think you should list all that have a chance of completing
successfully. If my client support GPG but I didn't gave it my key, he
should not announce it.
And yes, as along as no personal, per-user information is sent on the
disco#info replies, caps caching should be ok.
XMPP ID: melo at simplicidade.org
More information about the Security