On Fri, Jun 02, 2006 at 09:02:55AM -0600, Peter Saint-Andre wrote:
>
> If Server1 does not support XMPP 1.0 (including TLS), it MUST NOT
> include the version='1.0' attribute in the stream header it sends to
> Server2. However, if it supports dialback it MUST include the dialback
> namespace declaration in the stream header it sends to Server2. So if
> Server1 supports only dialback and not TLS, it would send:
>
> <stream:stream
>     xmlns='jabber:server'
>     xmlns:stream='http://etherx.jabber.org/streams'
>     xmlns:db='jabber:server:dialback'
>     to='Server1'>
>
> If Server2 detects that the stream header from Server1 does not include
> the version='1.0' attribute but does include the dialback namespace
> declaration, then it MUST NOT attempt to perform TLS negotiation.
>
> If Server2 breaks that rule and attempts to perform TLS negotiation
> anyway (BAD SERVER, BAD!), Server1 would in all likelihood simply close
> the stream with </stream:stream> (since it is probably an older server
> implementation) but it might first send an appropriate stream error,
> such as <not-authorized/> or <unsupported-stanza-type/> (though in
> practice this is doubtful).

Hi Peter,

Thanks for that bit of info. Another quick question.

If server1 (which supports TLS) attempts to connect with server2 (which _doesn't_ support TLS) and server1 discovers this fact through the absence of a version='1.0' in server2's stream header, is server1 supposed to keep using the same TCP connection or open a new one?

I have noticed that Wildfire opens a new TCP connection once it discovers that dialback is required; it even sends a stream header without version='1.0' after opening the new TCP connection. Why not just keep using the already opened TCP connection?

Thanks,
Ben

--
Ben Turner
SIEMENS - COM D MN B
tel: +32 14 252326
~ Scientia Vincere Tenebras ~
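
The header check from the quoted rule, as an added example that is not part of the original thread or of any server's code: it reads only the opening stream tag and decides whether TLS negotiation may be attempted. The function names, the return labels and the "unsupported" fallback for headers the quoted text does not cover are assumptions of this example, and the second sample header is constructed.

```python
import xml.parsers.expat

STREAMS_NS = "http://etherx.jabber.org/streams"
DIALBACK_NS = "jabber:server:dialback"

# Header quoted in the message above (dialback only, no version attribute).
LEGACY_HEADER = (b"<stream:stream xmlns='jabber:server' "
                 b"xmlns:stream='http://etherx.jabber.org/streams' "
                 b"xmlns:db='jabber:server:dialback' to='Server1'>")
# Constructed sample: the same header with version='1.0' added.
XMPP10_HEADER = LEGACY_HEADER[:-1] + b" version='1.0'>"


def inspect_stream_header(data: bytes) -> dict:
    """Read only the opening <stream:stream> tag; the stream itself stays open."""
    info = {"root": None, "version": None, "dialback": False}
    parser = xml.parsers.expat.ParserCreate(namespace_separator=" ")

    def on_namespace(prefix, uri):
        # Match on the namespace URI, not on the 'db' prefix, which is arbitrary.
        if uri == DIALBACK_NS:
            info["dialback"] = True

    def on_start(name, attrs):
        if info["root"] is None:
            info["root"] = name
            info["version"] = attrs.get("version")

    parser.StartNamespaceDeclHandler = on_namespace
    parser.StartElementHandler = on_start
    parser.Parse(data, False)  # not final: no closing </stream:stream> yet
    return info


def negotiation_for(header: bytes) -> str:
    """Return 'tls-allowed', 'dialback-only' or 'unsupported' (example labels)."""
    try:
        info = inspect_stream_header(header)
    except xml.parsers.expat.ExpatError:
        return "unsupported"
    if info["root"] != STREAMS_NS + " stream":
        return "unsupported"
    if info["version"] == "1.0":
        return "tls-allowed"      # XMPP 1.0 peer: TLS negotiation may proceed
    if info["dialback"]:
        return "dialback-only"    # per the quoted rule: MUST NOT attempt TLS
    return "unsupported"          # case not covered by the quoted text
```
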
