On Thu, May 12, 2011 at 11:52 PM, Peter Saint-Andre <[email protected]> wrote:

> On 5/4/11 9:57 PM, Glenn Maynard wrote:
> > I'm not sure if this belongs there or here; it's related to the
> > interactions between BOSH and TXT-based service discovery.
> > http://mail.jabber.org/pipermail/standards/2011-May/024482.html
>

If anyone has thoughts on the discovery issue, they'd be a help. I implemented xbosh service discovery recently, but the security issues are a concern. I don't see any possible fix short of a redesign of XEP-0156 without using DNS, or treating all "cross-origin" non-DNSSEC TXT lookups as insecure (e.g. triggering the same type of UI as certificate failures) which would severely limit BOSH autodiscovery.

-- 
Glenn Maynard
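
The policy proposed in the message above, sketched as an added example that is not part of the original post or of any XMPP client: it reads the `_xmpp-client-xbosh` entries of an `_xmppconnect` TXT lookup and decides whether each URL may be used silently. The function names, the sample records, the reading of "cross-origin" as "URL host differs from the XMPP domain", and the rejection of plain `http` are assumptions of this example.

```javascript
// Constructed sample: TXT strings as returned for _xmppconnect.example.com.
const SAMPLE_TXT = [
  "_xmpp-client-xbosh=https://example.com/http-bind",
  "_xmpp-client-xbosh=https://bosh.hosting.example.net:5281/bosh",
  "_xmpp-client-xbosh=http://example.com:5280/bosh",
  "unrelated=1",
];

// Keep only the xbosh entries and strip the attribute name.
function parseXbosh(txtStrings) {
  const prefix = "_xmpp-client-xbosh=";
  return txtStrings
    .filter((s) => s.startsWith(prefix))
    .map((s) => s.slice(prefix.length));
}

// Classify one discovered URL for the given XMPP domain.
// dnssecValidated is supplied by the caller: true only when the TXT answer
// was authenticated by a validating resolver the client trusts.
function classify(xmppDomain, rawUrl, dnssecValidated) {
  const norm = (h) => h.toLowerCase().replace(/\.$/, "");
  let url;
  try {
    url = new URL(rawUrl);
  } catch {
    return { url: rawUrl, verdict: "reject", reason: "unparseable URL" };
  }
  // Assumption of this example: plaintext BOSH is never accepted.
  if (url.protocol !== "https:") {
    return { url: rawUrl, verdict: "reject", reason: "not https" };
  }
  // Same host: the TLS certificate check already binds the connection
  // to the XMPP domain, so a forged TXT record gains nothing.
  if (norm(url.hostname) === norm(xmppDomain)) {
    return { url: rawUrl, verdict: "accept", reason: "same host as XMPP domain" };
  }
  // Cross-origin: only the DNS answer links this host to the domain.
  if (dnssecValidated) {
    return { url: rawUrl, verdict: "accept", reason: "cross-origin, DNSSEC-validated" };
  }
  // Surface this to the user the way a certificate failure would be.
  return { url: rawUrl, verdict: "warn", reason: "cross-origin, unauthenticated TXT" };
}

function evaluate(xmppDomain, txtStrings, dnssecValidated) {
  return parseXbosh(txtStrings).map((u) => classify(xmppDomain, u, dnssecValidated));
}
```
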
