[Standards] v1.1rc1 of XEP-0178 (Best Practices for Use of SASL EXTERNAL with Certificates)

Philipp Hancke fippo at goodadvice.pages.de
Wed Oct 13 12:05:43 UTC 2010


David Richards wrote:
> Also, step  10 in section 3, xep-0178 conflicts with 3920bis step 9 in section 9.2.2.  178 indicates inclusion of authorization identity matching the from attribute of the server1 to server2 stream element while 3920bis indicates an empty authorization identity.

I think the best strategy (right now) is to include the authorization 
identity when sending (for backward compability reasons) and to ignore 
it (and use the stream's 'from') as a receiver.



More information about the Standards mailing list