[Standards] XEP 0124 Section 9

Steve Shaffer steve at mundialnetworks.com
Thu Feb 15 17:25:34 UTC 2007


Ian,
Thanks, I had been hoping that missed something.
I don't have a straightforward answer on what this would look like yet, 
although I presume that if one followed RFC 3920, the logical outcome 
would be
base64 encoded messages wrapped by <body/>.

Simply because I'm newbie (in this area anyway :-)  I need to do more 
study/investigation before committing.
Perhaps a system could be worked out that validates the integrity of the 
connection manager(CM) - either a signature analysis or a handshake 
tunneled between
the server and client?  If the integrity of the connection manager can 
be assessed then relying on TLS  between the  server and the CM and  
Https (TLS) between the CM and the client is a better option than 
burdening the browser javascript or java.

There is a place for a remote external CM even when all servers have 
HTTP connection managers.  In particular where messaging is a part of a 
larger suite of web services.

Regards
Steve

> Your concerns are valid. However constrained clients typically can't do 
> TLS, and most XMPP servers have native XEP-0124 support now (i.e. the 
> connection manager is part of the server).
>
> What do you have in mind? Base64 encode the binary TLS stream and wrap 
> it inside children of XEP-0124's <body/> elements?
>
> - Ian
>
>
>
> ------------------------------
>
> _______________________________________________
> Standards mailing list
> Standards at xmpp.org
> http://mail.jabber.org/mailman/listinfo/standards
>
>
> End of Standards Digest, Vol 39, Issue 59
> *****************************************
>
>
>   




More information about the Standards mailing list