Toly Menn wrote:
> I just wanted to get a clarification on the following stream packet:
>
> <stream:features>
> <starttls xmlns=’urn:ietf:params:xml:ns:smpp-tls’/>
> <stream:features/>.
>
> If the <required/> is not used, does that mean that the originator of
> the connection can assume that TLS is not required

Yes, that is a safe assumption.

> and proceed to send
> stanzas?

Not so fast! :)

If TLS is optional then presumably the server should provide some other features here (SASL and dialback come to mind, though for s2s connections SASL usually won't be offered until after TLS negotiation since we prefer SASL EXTERNAL for s2s).

It's probably not safe to assume you can just send stanzas, because servers that don't at least weakly verify identity via dialback have not been tolerated since the old jabberd 1.0 releases in early 2000. But you can't really expect to see the dialback feature because pre-XMPP-1.0 servers won't send that (since they don't send stream features at all) and even XMPP 1.0 servers may not do so. However, you should see the dialback namespace declaration (xmlns:db='jabber:server:dialback') on the stream header and therefore know that you can at least do dialback.

Would it help to explain this more fully somewhere? :)

Peter

--
Peter Saint-Andre
https://stpeter.im/
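The check described in the reply above, as an added example that is not part of the original message: it reads what a receiving server has sent so far (stream header plus any features) and reports whether TLS is required and which identity checks are available before any stanza is sent. The namespace URIs are the ones registered in RFC 6120 and XEP-0220; the function name and the sample streams are constructed for illustration.

```python
import io
import xml.etree.ElementTree as ET

STREAMS = "http://etherx.jabber.org/streams"
TLS = "urn:ietf:params:xml:ns:xmpp-tls"
SASL = "urn:ietf:params:xml:ns:xmpp-sasl"
DB_FEATURE = "urn:xmpp:features:dialback"   # XEP-0220 stream feature
DB_NS = "jabber:server:dialback"            # declared as xmlns:db on the header


def assess(received: str):
    """Return (tls, auth) for the data a receiving server has sent so far.

    tls  is "required", "optional" or "not-offered".
    auth lists how identity can still be verified before any stanza is sent.
    """
    # The stream root is still open on the wire; close it so the buffer parses.
    buf = io.BytesIO((received + "</stream:stream>").encode())
    header_ns, in_header, features = set(), True, None
    for event, item in ET.iterparse(buf, events=("start-ns", "start", "end")):
        if event == "start-ns" and in_header:
            header_ns.add(item[1])           # item is (prefix, uri)
        elif event == "start":
            in_header = False                # later xmlns are not the header's
        elif event == "end" and item.tag == f"{{{STREAMS}}}features":
            features = item

    tls, auth = "not-offered", []
    if features is not None:
        starttls = features.find(f"{{{TLS}}}starttls")
        if starttls is not None:
            required = starttls.find(f"{{{TLS}}}required") is not None
            tls = "required" if required else "optional"
        if features.find(f"{{{SASL}}}mechanisms") is not None:
            auth.append("sasl")
        if features.find(f"{{{DB_FEATURE}}}dialback") is not None:
            auth.append("dialback")
    # Pre-XMPP-1.0 servers send no features; the header declaration still counts.
    if DB_NS in header_ns and "dialback" not in auth:
        auth.append("dialback")
    return tls, auth


# Constructed sample input (not captured traffic).
HEADER = ("<stream:stream xmlns='jabber:server' xmlns:stream='%s' "
          "xmlns:db='%s' id='constructed-1' version='1.0'>" % (STREAMS, DB_NS))
OPTIONAL_TLS = HEADER + ("<stream:features><starttls xmlns='%s'/>"
                         "</stream:features>" % TLS)
PRE_XMPP_1_0 = HEADER.replace(" version='1.0'", "")
```

An empty `auth` list together with `tls == "optional"` is the case where nothing on the stream says identity can be verified, so the initiator has no basis for sending stanzas.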
