-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ben Turner wrote: > On Fri, Jun 02, 2006 at 09:02:55AM -0600, Peter Saint-Andre wrote: >> If Server1 does not support XMPP 1.0 (including TLS), it MUST NOT >> include the version='1.0' attribute in the stream header it sends to >> Server2. However, if it supports dialback it MUST include the dialback >> namespace declaration in the stream header it sends to Server2. So if >> Server1 supports only dialback and not TLS, it would send: >> >> <stream:stream >> xmlns='jabber:server' >> xmlns:stream='http://etherx.jabber.org/streams' >> xmlns:db='jabber:server:dialback' >> to='Server1'> >> >> If Server2 detects that the stream header from Server1 does not include >> the version='1.0' attribute but does include the dialback namespace >> declaration, then it MUST NOT attempt to perform TLS negotiation. >> >> If Server2 breaks that rule and attempts to perform TLS negotiation >> anyway (BAD SERVER, BAD!), Server1 would in all likelihood simply close >> the stream with </stream:stream> (since it is probably an older server >> implementation) but it might first send an appropriate stream error, >> such as <not-authorized/> or <unsupported-stanza-type/> (though in >> practice this is doubtful). > > Hi Peter, > > Thanks for that bit of info. > > Another quick question. If server1 (which supports TLS) attempts to connect > with > server2 (which _doesn't_ support TLS) and server1 discovers this fact through > the absence of a version='1.0' in server2's stream header, is server1 supposed > to keep using the same TCP connection or open a new one? > > I have noticed that Wildfire opens a new TCP connection once it discovers that > dialback is required, it even sends a stream header without version='1.0' > after > opening the new TCP connection. Why not just keep using the already opened TCP > connection?
I see no particular reason to close the TCP connection. Degrading gracefully to "XMPP 0.9" on the same TCP connection seems preferable. Peter - -- Peter Saint-Andre Jabber Software Foundation http://www.jabber.org/people/stpeter.shtml -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEha12NF1RSzyt3NURAiqYAJ4+wloJQOwOo4o7/UlqGz2bNxC/IwCgyf2a gnMDr9+z7wyZ8gZDIDx6HC0= =/bB1 -----END PGP SIGNATURE-----
smime.p7s
Description: S/MIME Cryptographic Signature
