On Thu, May 31, 2012 at 4:50 PM, Todd Herman <[email protected]> wrote: > We heavily use XEP-0114 (Jabber Components). This is currently only > historical and not actually a standards track. I wanted to check if anyone > knows why this is and I wanted to check if there is any movement related to > updated the specification to support TLS and SASL. I don’t see why the > component and server couldn’t exchange features to determine is TLS is > supported and what sasl mechanisms are. > > > > The one big thing I can think of is that current servers wouldn’t support > any direct changes so either a separate extension would need to be written > to provide this updated version, so as not to break with current > implementations, or the process would need to be more manual and not rely on > the server doing some things automatically. > > > > I am curious what peoples thoughts are on this or if anyone has already > started looking in to this. As I said, we use components often and having > them be secured is becoming more and more an issue.
We have http://xmpp.org/extensions/xep-0225.html - although support is less widespread than for 114. /K
