[Standards-JIG] Re: Discovering of less concrete features
stpeter at jabber.org
Thu Oct 28 20:26:32 UTC 2004
In article <Pine.LNX.4.53.0410281022280.10820 at bluebox.conspiracy.net>,
maqi at jabberstudio.org wrote:
> On Wed, 27 Oct 2004, Peter Saint-Andre wrote:
> > This enables software to advertise that it supports things like TLS and
> > SASL (since anything in the protocol namespaces registry can also be a
> > service discovery feature).
> c2s TLS and s2s TLS are treated differently, I hope? There are many
> servers around that support c2s TLS but not s2s TLS. Probably it would be
> good to discern s2s TLS with certificate checking from s2s TLS using
> dialback (I'm not sure - Mawis?).
urn:ietf:params:xml:ns:xmpp-tls as a protocol namespace and therefore as
a service discovery feature, so that is helpful but does not
differentiate between c2s and s2s. Therefore we could do the following
for service discovery features:
(Same for SASL.)
Now, that doesn't tell you if any given s2s connection is using TLS.
Perhaps it would be more helpful to have an "XMPP traceroute" protocol,
which would tell you what the connection is all along the line. The main
use case would be determining if the entire route is TLS-protected.
More information about the Standards