This is the part that is confusing. I am trying to code for "strange" paths, and this is one of them. Something you said explains some of the behavior we see experimentally, where I cannot configure some servers to just do a connection without dialback, tls nor sasl. If I turns tls/sasl off, they always do dialback. And in fact, the features are not sent by some servers in the dialback config, which was not clear from the original RFC, new RFC nor XEP0220.
I guess clarifying all this would help. I think stating that either dialback or TLS/SASL is a MUST, or at least existing implementations force one or the other. Somewhat related, clarifying XEP0220 with the fact that old dialback implementations may not send features would help as well. Thanks, Toly -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Peter Saint-Andre Sent: Wednesday, October 24, 2007 15:56 To: XMPP Extension Discussion List Subject: Re: [Standards] 3920 clarification of features Toly Menn wrote: > I just wanted to get a clarification on the following stream packet: > > <stream:features> > <starttls xmlns='urn:ietf:params:xml:ns:smpp-tls'/> > <stream:features/>. > > If the <required/> is not used, does that mean that the originator of > the connection can assume that TLS is not required Yes, that is a safe assumption. > and proceed to send > stanzas? Not so fast! :) If TLS is optional then presumably the server should provide some other features here (SASL and dialback come to mind, though for s2s connections SASL usually won't be offered until after TLS negotiation since we prefer SASL EXTERNAL for s2s). It's probably not safe to assume you can just send stanzas, because servers that don't at least weakly verify identity via dialback have not been tolerated since the old jabberd 1.0 releases in early 2000. But you can't really expect to see the dialback feature because pre-XMPP-1.0 servers won't send that (since they don't send stream features at all) and even XMPP 1.0 servers may not do so. However, you should see the dialback namespace declaration (xmlns:db='jabber:server:dialback') on the stream header and therefore know that you can at least do dialback. Would it help to explain this more fully somewhere? :) Peter -- Peter Saint-Andre https://stpeter.im/
