Philipp Hancke wrote: > XMPP Extensions Editor wrote: >> Version 0.1 of XEP-0220 (Server Dialback) has been released. > > I just noticed that you're omitting the text about reusing an existing > connection as mentioned in 3920/8.3 step 5 in what is now section 4.3. > Any particular reason for that?
Spec writer error, I think. > The important implication from this reuse is that a verification request > may happen at (almost) any time on a inbound stream (as seen by the > authoritative server). Correct. There has been some confusion about this (e.g., I think the Google Talk service is especially aggressive about reusing connections), so I'll work to clarify that in the next version of the spec. > Steps 1 and 3 in the order of events are (therefore) optional and should > be marked as such. Correct. > and in section 4.4: >> The Authoritative Server determines whether the key was valid or >> invalid and informs the Receiving Server of its determination, where >> the <db:verify/> element SHOULD include the key sent by the Receiving >> Server: > > This 'SHOULD' was neither in RFC 3920 nor in 3920bis-01. Why was it added? At the moment I don't recall. I'll have to check my notes and emails about this. > And the last sentence before section 4.5: >> After receiving the verification from the Authoritative Server, the >> Receiving Server SHOULD terminate the stream between them and the >> underlying TCP connection. > > Terminating that connection is a bad idea most of the time. That > connection may be used for establishing the > xmpp.example.com->example.org stream, which is usually needed quite soon > after the example.org->xmpp.example.com stream has been established. > Therefore I think that 'MAY' is more appropriate here. That seems better. > A strategy that works well is to wait for the authoritative server to > close the connection (due to idleness) and reuse the connection as > described in section 4.1 if possible. That seems even better. > The piggybacking section only talks about piggybacking db:result. > 3920bis-01 mentioned using it for db:verify also. Why was that removed? Another spec writer error, I think. XEP-0220 needs a complete overhaul (many more examples and error flows, etc.). I started on that task a while back but didn't finish. Maybe that will be an item to complete while flying to Brussels tomorrow. :) Peter -- Peter Saint-Andre https://stpeter.im/
smime.p7s
Description: S/MIME Cryptographic Signature
