That sounds great Peter. I would be glad to assist in anyway. I am working on both an XMPP library and a server. We already support 0114 so I can add support for 0225 in our timeline. I can probabaly add something to my component connection to check if 0225 is supported and then use it or the 0114 accordingly. I don't think OpenFire currently supports this so do you know of any servers that do so I can start testing?
Thanks, Todd -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Peter Saint-Andre Sent: Thursday, May 31, 2012 12:07 PM To: [email protected]; XMPP Standards Subject: Re: [Standards] Secure components On 5/31/12 9:52 AM, Kevin Smith wrote: > On Thu, May 31, 2012 at 4:50 PM, Todd Herman <[email protected]> wrote: >> We heavily use XEP-0114 (Jabber Components). This is currently only >> historical and not actually a standards track. I wanted to check if >> anyone knows why this is and I wanted to check if there is any >> movement related to updated the specification to support TLS and >> SASL. I don’t see why the component and server couldn’t exchange >> features to determine is TLS is supported and what sasl mechanisms are. >> >> >> >> The one big thing I can think of is that current servers wouldn’t >> support any direct changes so either a separate extension would need >> to be written to provide this updated version, so as not to break >> with current implementations, or the process would need to be more >> manual and not rely on the server doing some things automatically. >> >> >> >> I am curious what peoples thoughts are on this or if anyone has >> already started looking in to this. As I said, we use components >> often and having them be secured is becoming more and more an issue. > > We have http://xmpp.org/extensions/xep-0225.html - although support is > less widespread than for 114. Now that I have more free time, I'd be happy to finish XEP-0225. There are a few existing implementations, so step one might be to gather feedback. Peter -- Peter Saint-Andre https://stpeter.im/
