RE: [jdev] Session request/Resource bind after Digest MD5 auth ..

2004-11-12 Thread JD Conley
You're sending a "Start IM Session" request instead of a resource bind request. You need to bind your resource first then you can start your session. You need another round trip. :) XMPP-IM states this is required but doesn't show you the XML in an example. Perhaps this should be annotated mo

[jdev] Session request/Resource bind after Digest MD5 auth ..

2004-11-12 Thread Scott Mikolaitis
I'm currently home growing a client in Java and have somehow managed to connect, authenticate using DIGEST-MD5. In reading RFCs 3921 and 3920 the XMPP Core draft I have (page 36) says "Client must send a new stream header to the server, to which the server must respond with.. a list of availabl

Re: [jdev] Re: TLS and self-signed certs

2004-11-12 Thread David Waite
I doubt someone arguing that ssh is more widely used (either in terms of traffic or in terms of users) than SSL/TLS, or even than just the https usage of SSL/TLS, would be taken very seriously. If Jabber servers had started with S2S defaulting to SSL, then trusted issuers would be the only way to

[jdev] Re: TLS and self-signed certs

2004-11-12 Thread Alex Mauer
Neil Stevens wrote: > You can't know if there's a man-in-the-middle in progress when you first > connect, but if you're remembering certificate and someone tries one after > a while, you will be able to detect that. And even if there is a mitm the first time, you should notice if/when it ends. A

[jdev] Re: TLS and self-signed certs

2004-11-12 Thread Peter Saint-Andre
In article <[EMAIL PROTECTED]>, Stephen Marquard <[EMAIL PROTECTED]> wrote: > STARTTLS + Dialback has now been implemented in both jabberd1.4 (in CVS) > and jabberd2 (a patch for s2s), so I think STARTTLS + Dialback should be > encouraged as the basic minimum for s2s traffic, and when there's

[jdev] Re: TLS and self-signed certs

2004-11-12 Thread Peter Saint-Andre
In article <[EMAIL PROTECTED]>, Neil Stevens <[EMAIL PROTECTED]> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On Thursday 11 November 2004 05:06 pm, Justin Karneges wrote: > > While JD's comments sum this up nicely, I just want to reiterate loudly > > that self-signed certificate

[jdev] Re: TLS and self-signed certs

2004-11-12 Thread Peter Saint-Andre
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote: > On Thu, 11 Nov 2004, Peter Saint-Andre wrote: > > > http://web.amessage.info/news/article/2981 asserts that one cannot use > > self-signed certs with TLS for securing XMPP streams. > > Quote: "The problem is, that XMPP is not very clear

[jdev] Re: GAIM-Integrated Filesharing

2004-11-12 Thread Peter Saint-Andre
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote: > Hi, > > your projects about GAIM Filesharing sounds great. The poster <[EMAIL PROTECTED]> has been given fair warning by the list admin. The list admin has decided that all posts from this person will now be moderated. I also declare

RE: [jdev] Re: TLS and self-signed certs

2004-11-12 Thread JD Conley
> From: Matthias Wimmer [mailto:[EMAIL PROTECTED] > Sent: Friday, November 12, 2004 5:07 AM > > Hi Justin! > > Justin Karneges wrote on 2004-11-11 22:07:54: > > And now that I think about it, the whole "use dialback for the first > > connection, SASL EXTERNAL for all after" concept would be a g

[jdev] Fwd: JabberApplet

2004-11-12 Thread Peter Saint-Andre
This was sent to [EMAIL PROTECTED] rather than [EMAIL PROTECTED], so I'm forwarding it on. The ownership of the Jabber Applet code seems a bit unclear -- is there a current maintainer for this project? /psa Begin forwarded message: From: "David D. Cloyd" <[EMAIL PROTECTED]> Date: November 12,

Re: [jdev] Re: TLS and self-signed certs

2004-11-12 Thread Matthias Wimmer
Hi Justin! Justin Karneges wrote on 2004-11-11 22:07:54: > And now that I think about it, the whole "use dialback for the first > connection, SASL EXTERNAL for all after" concept would be a good way to > optimize s2s. Not sure ... there are valid reasons to change your s2s certificate: - Key

Re: [jdev] Re: TLS and self-signed certs

2004-11-12 Thread Matthias Wimmer
Hi Peter! Peter Saint-Andre wrote on 2004-11-11 17:53:30: > > Allowing self signed (or otherwise untrusted) certs with STARTTLS + > > EXTERNAL is opening yourself up for a serious security breach. > Well, that's another story. But that claim on the URL I provided was > that it is technically

[jdev] Re: GAIM-Integrated Filesharing

2004-11-12 Thread Euseval
Hi, your projects about GAIM Filesharing sounds great. http://www.zeropaid.com/bbs/showthread.php?threadid=24366 http://downhillbattle.org/labs/gaim_filesharing_plugin/ Would be good, if you could create a real project on SF.net and then make a link to this on your homepage. The GAIM People d

Re: [jdev] TLS and self-signed certs

2004-11-12 Thread maqi
On Thu, 11 Nov 2004, Peter Saint-Andre wrote: > http://web.amessage.info/news/article/2981 asserts that one cannot use > self-signed certs with TLS for securing XMPP streams. Quote: "The problem is, that XMPP is not very clear about the usage of STARTTLS on dialback-connections". In the following