On 9/28/10 11:49 PM, Philipp Hancke wrote: > Peter Saint-Andre wrote: >> I've made some provisional updates to XEP-0178, reflecting changes from >> draft-ietf-xmpp-3920bis and draft-saintandre-tls-server-id-check. > > The process of validating the certificate is slightly different from > what is described in draft-saintandre-tls-server-id-check. This is not > surprising given that we want to check a client-id, not a server-id. > > I think the difference can be described as an alternative way to > construct the reference identifier (section 4.2 in the draft), which is > supplied by the client (or peer server) in the stream's from attribute > (step 7, c2s or s2s).
Yes, good point. We'll need to work on that! >> http://xmpp.org/extensions/tmp/xep-0178-1.1.html >> >> Your feedback is welcome! > > "Server2 considers EXTERNAL" in s2s step 10 should be Server1 actually. Fixed in my working copy. Peter -- Peter Saint-Andre https://stpeter.im/
