Hi, Does anyone know of available servers that implement the s2s recommendation for SASL EXTERNAL as described in XEP-0178?
My understanding of this best practice is that both the sending and receiving servers must present certificates during TLS negotiation. I've been playing with Openfire, ejabberd and Jabber XCP 5.4 and have not been able to get them to present certificates for connections they initiate (indeed none of them claim to support XEP-178 s2s either :). When these servers open the TCP connection and the stream, they do not present certs during STARTTLS so the receiving server can't use the cert to authenticate them. Thank you, Chris E.
_______________________________________________ JDev mailing list Info: http://mail.jabber.org/mailman/listinfo/jdev Unsubscribe: [email protected] _______________________________________________
