[Standards] XEP 0124 Section 9
steve at mundialnetworks.com
Thu Feb 15 17:25:34 UTC 2007
Thanks, I had been hoping that missed something.
I don't have a straightforward answer on what this would look like yet,
although I presume that if one followed RFC 3920, the logical outcome
base64 encoded messages wrapped by <body/>.
Simply because I'm newbie (in this area anyway :-) I need to do more
study/investigation before committing.
Perhaps a system could be worked out that validates the integrity of the
connection manager(CM) - either a signature analysis or a handshake
the server and client? If the integrity of the connection manager can
be assessed then relying on TLS between the server and the CM and
Https (TLS) between the CM and the client is a better option than
There is a place for a remote external CM even when all servers have
HTTP connection managers. In particular where messaging is a part of a
larger suite of web services.
> Your concerns are valid. However constrained clients typically can't do
> TLS, and most XMPP servers have native XEP-0124 support now (i.e. the
> connection manager is part of the server).
> What do you have in mind? Base64 encode the binary TLS stream and wrap
> it inside children of XEP-0124's <body/> elements?
> - Ian
> Standards mailing list
> Standards at xmpp.org
> End of Standards Digest, Vol 39, Issue 59
More information about the Standards