Peter Saint-Andre wrote:
I've made some provisional updates to XEP-0178, reflecting changes from draft-ietf-xmpp-3920bis and draft-saintandre-tls-server-id-check.
The process of validating the certificate is slightly different from what is described in draft-saintandre-tls-server-id-check. This is not surprising given that we want to check a client-id, not a server-id.
I think the difference can be described as an alternative way to construct the reference identifier (section 4.2 in the draft), which is supplied by the client (or peer server) in the stream's from attribute (step 7, c2s or s2s).
http://xmpp.org/extensions/tmp/xep-0178-1.1.html Your feedback is welcome!
"Server2 considers EXTERNAL" in s2s step 10 should be Server1 actually. cheers philipp
