On 5/28/11 4:14 AM, Tomasz Sterna wrote: > "2. Stream Feature > > After negotiating use of TLS and authenticating via SASL, the receiving > entity returns a new stream header [...]" > > > This is a bit unclear to me. > Does it mean that XEP-0198 requires using TLS encryption and > authentication? > What if the client does not want (or cannot due to resource constraints) > to use TLS encryption? > What about S2S links? These are mostly not SASL authenticated.
The server can offer stream management feature whenever it pleases, but typically in c2s streams it would do so only after SASL auth. Naturally things are different for s2s. I'll clarify that a bit in the next version of the spec. Peter -- Peter Saint-Andre https://stpeter.im/
smime.p7s
Description: S/MIME Cryptographic Signature
