[Standards] RFC 3920, 10.2/10.3: subdomain routing rules
jabber.org at ralphm.ik.nu
Wed Mar 28 10:02:40 UTC 2007
On Wed, 2007-03-28 at 09:42 +0000, Dave Cridland wrote:
> On Tue Mar 27 20:53:33 2007, Peter Saint-Andre wrote:
> > Bruce Campbell wrote:
> >> 9.1.2 From
> >> Furthermore, the domain identifier portion of the JID
> >> contained in
> >> the 'from' attribute MUST match the hostname of the sending
> >> server
> >> (or any validated domain thereof, such as a validated domain
> >> hosted by the sending server) as communicated in the SASL
> >> negotiation, dialback negotiation or other means;
> > ^^^^^^^^^^^^^^
> > What might those other means be?
> I think Bruce's (sensible) intention is to leave the door open for
> other methods as yet unspecified. DNS-SEC might be one such option, I
> suppose, although I'm not entirely sure. Text as-is looks good to me.
Actually I think that using DNS-SEC as a source for authentication would
be in combination with SASL EXTERNAL, just like how we now use TLS
certs. I'm not sure if you need to explicitly mention alternates.
More information about the Standards