Hey all, I'm trying to figure out with stream errors should the server return under these circumstances:
1) client requested TLS and the server never offered it (i.e. TLS is disabled on the server) 2) server required TLS and client ignored it (i.e. never secured the connection and went ahead with SASL or iq:auth) I was not able to find the answer in the specs. And my best options are <not-authorized/> or <policy-violation/>. But <policy-violation/> is more oriented to application specific conditions so <not-authorized/> is my best option so far. Thanks, -- Gato
