Using DIGEST-MD5 or PLAIN for interconnection between servers would mean that EVERY PAIR of jabber servers would have to agree on a shared secret. That's very much impractical.
True, thats why I believe that something should be done to facilitate it. Otherwise, how about having TLS+SASL ANONYMOUS for s2s then?
Doesnt that open you up to forgery (and thus forged spam)? Or is the TLS enough to protect against that?
Richard
