On 5/31/12 9:52 AM, Kevin Smith wrote: > On Thu, May 31, 2012 at 4:50 PM, Todd Herman <t...@apx-labs.com> wrote: >> We heavily use XEP-0114 (Jabber Components). This is currently only >> historical and not actually a standards track. I wanted to check if anyone >> knows why this is and I wanted to check if there is any movement related to >> updated the specification to support TLS and SASL. I don’t see why the >> component and server couldn’t exchange features to determine is TLS is >> supported and what sasl mechanisms are. >> >> >> >> The one big thing I can think of is that current servers wouldn’t support >> any direct changes so either a separate extension would need to be written >> to provide this updated version, so as not to break with current >> implementations, or the process would need to be more manual and not rely on >> the server doing some things automatically. >> >> >> >> I am curious what peoples thoughts are on this or if anyone has already >> started looking in to this. As I said, we use components often and having >> them be secured is becoming more and more an issue. > > We have http://xmpp.org/extensions/xep-0225.html - although support is > less widespread than for 114.
Now that I have more free time, I'd be happy to finish XEP-0225. There are a few existing implementations, so step one might be to gather feedback. Peter -- Peter Saint-Andre https://stpeter.im/
