[Standards] XEP-0198 unclear wording

Tomasz Sterna tomek at xiaoka.com
Sat May 28 10:14:15 UTC 2011


"2. Stream Feature

After negotiating use of TLS and authenticating via SASL, the receiving
entity returns a new stream header [...]"


This is a bit unclear to me.
Does it mean that XEP-0198 requires using TLS encryption and
authentication?
What if the client does not want (or cannot due to resource constraints)
to use TLS encryption?
What about S2S links? These are mostly not SASL authenticated.


-- 
Tomasz Sterna
Instant Messaging Consultant : Open Source Developer
http://tomasz.sterna.tv/  http://www.xiaoka.com/




More information about the Standards mailing list