[Standards] XEP-0220: handling of invalid dialback key
fippo at goodadvice.pages.de
Fri Apr 15 04:12:46 UTC 2011
Peter Saint-Andre wrote:
>> I do not see any conflicts. As noted on the XMPPWG list, DNA actually
>> requires support for dialback errors, but otherwise I do not see why it
>> would not work as described.
> So, in DNA, if a DNSSEC-based verification doesn't work out, the
> Authoritative Server returns an error, not "invalid"?
The Authoritative Server (in the dialback sense) is not involved - there
is no dial-back.
>>>> If it never uses dial-back, why should the receiving server send
>>>> 'invalid' instead of 'error'?
>>> Could you clarify that scenario?
>> The receiving server will only "forward" invalid, never generate it itself.
> Hmm, yes.
I just noticed that the current DNA draft does not use 'invalid' in this
> If there are no DNSSEC records or the
> signature is not valid, then the server rejects the request to send
> stanzas from that domain. [...]
> R: <db:result type='invalid' from='sender.tld' to='target.tld' />
I think using a dialback error (possibly <not-authorized/>) is more
appropriate in that situation.
More information about the Standards