On Fri, Jul 12, 2013 at 9:16 PM, Peter Saint-Andre <[email protected]> wrote: > In general, XMPP server > implementations don't perform proper (RFC 6125 / RFC 6120) certificate > checking and don't have an option to refuse connections from domains > that lack proper certificates.
I thought we found in our S2S TLS interop tests a couple of years ago that servers generally /did/ have the options for doing secure S2S (with one or two exceptions), it's just that they don't get enabled in typical deployments. There is certainly a problem here, but it doesn't seem to me it's that code hasn't been written. /K _______________________________________________ JDev mailing list Info: http://mail.jabber.org/mailman/listinfo/jdev Unsubscribe: [email protected] _______________________________________________
