> In my previous post, I want to ask if I should let my codes do some > checking after TLS negotiation and before SASL negotiation. Now my > codes start SASL immediately after a successful TLS negotiation and > this is what I understand from the XMPP spec.
You can't really assume that the client will do SASL after successful TLS negotiation. They might negotiate compression, ACK, registration, non-sasl auth, dialback, or some other stream feature. In all the implementations I've seen this is allowed and SASL is not necessarily even required on an XMPP stream. -JD Conley _______________________________________________ jdev mailing list [email protected] http://mail.jabber.org/mailman/listinfo/jdev
