Il 11/01/2013 13:56, David Banes ha scritto:
You're correct but I don't see how any organisation can justify using plain
text communications for their client facing infrastructure in 2013.
The simple fact is TLS/SSL should be in use anywhere a business carries a
clients data.
David
http://zerp.ly/dbanes
xmpp: da...@jabber.org
Mobile: +44 (0)782 5138 214
On 11/01/2013, at 12:52 PM, Marco Cirillo <mara...@lightwitch.org> wrote:
Just read a bit of the discussion, and at the very least I'm not sure
"surprising" is the correct adjective in terms of GTalk not supporting
encryption on s2s streams, it's known from years.
It could be "inconvenient" at the very least.
And Philippe:
Section 5.2 - RFC 6120
<< Support for STARTTLS is REQUIRED in XMPP client and server implementations. An
administrator of a given deployment MAY specify that TLS is mandatory-to-negotiate for
client-to-server communication, server-to-server communication, or both. An initiating
entity SHOULD use TLS to secure its stream with the receiving entity before proceeding with
SASL authentication. >>
(just noticed the typo on your name Philipp sorry)
David, I don't think I'm justifying anything here.
I just pointed out that it's like this from 2006 which is when it was
implemented, perhaps it can't be "suprising" also stated it's rather an
inconveniency and that it's not compliant with the current RFC which
requires TLS support on s2s streams (which can hardly be interpreted as
"we do support but not deploy it").
Marco.
