diff --git a/xep-0220.xml b/xep-0220.xml index bdd66149..534785b1 100644 --- a/xep-0220.xml +++ b/xep-0220.xml @@ -397,7 +397,7 @@ send: - + ]]>

Upon receiving this <db:verify/> element, the Authoritative Server determines the validity of the dialback key provided in the XML character data of the element. This can be achieved for example by comparing the character data with the output of applying the same key generation mechanism that was (presumably) used for the generation of the key, using as input the values of the 'from', 'to', and 'id' attributes contained in the verification request and the secret known only to the Sender Domain:

diff --git a/xep-0288.xml b/xep-0288.xml index bae2ef28..30b9d410 100644 --- a/xep-0288.xml +++ b/xep-0288.xml @@ -33,6 +33,15 @@ dave.cridland@isode.com dave.cridland@isode.com + + 0.3 + 2012-02-22 + ph + +

Fixed wrong from/to in example comment.

+

Required support for dialback error handling if the connecting server uses bidi in combination with dialback

+
+
0.2 2011-12-12 @@ -88,7 +97,7 @@ C:

Note: Since there is no reply to the request, it is possible to pipeline it.

After enabling bidirectionality, the connecting server continues to authenticate via SASL or requests to send stanzas for a domain pair with Server Dialback. The receiving server MUST NOT send stanzas to the peer before it has authenticated via SASL, or the peer's identity has been verified via Server Dialback. Note that the receiving server MUST NOT attempt to verify a dialback key on the same connection where the corresponding request was issued.

Also note that the receiving server MUST only send stanzas for which it has been authenticated - in the case of TLS/SASL based authentication, this is the value of the stream's 'to' attribute, whereas in the case of Server Dialback this is the inverse of any domain pair that has been used in a dialback request.

-

Finally, once bidirectionality is enabled, the receiving server MAY initiate Server Dialback authentications for other domains it hosts to any domain authenticated to be hosted by the connecting server. In particular, it may initiate Target Piggybacking for any target domain that has successfully been used as a source domain by the connecting server.

+

Finally, once bidirectionality is enabled, the receiving server MAY initiate Server Dialback authentications for other domains it hosts to any domain authenticated to be hosted by the connecting server. In particular, it may initiate Target Piggybacking for any target domain that has successfully been used as a source domain by the connecting server. Note that this implies that a connecting server that uses bidi and dialback MUST support dialback error conditions as defined in XEP 0220Ideally, support for dialback errors would be signalled by a proper extension mechanism such as <stream:features/>. However, these are currently only sent from the receiving server to the connecting server and can therefore not be used for signalling support for dialback errors in the other direction..

@@ -135,8 +144,8 @@ S: S: - C: @@ -174,9 +183,9 @@ S: C: e3f5cf21f12749ef2cf59269bc0118f35bc46b26 - S: + C: S: 1bac3ef56fed987cfe098c9785c654a5476ed765 C: