mirror of
https://github.com/moparisthebest/xeps
synced 2024-12-22 07:38:52 -05:00
regenerate hashes
git-svn-id: file:///home/ksmith/gitmigration/svn/xmpp/trunk@3296 4b5297f7-1745-476d-ba37-a9c6900126ab
This commit is contained in:
parent
8c0f19b45f
commit
a75ef415cb
12
xep-0220.xml
12
xep-0220.xml
@ -188,14 +188,14 @@ Originating Receiving
|
||||
send: <db:result
|
||||
from='sender.tld'
|
||||
to='target.tld'>
|
||||
37c69b1cf07a3f67c04a5ef5902fa5114f2c76fe4a2686482ba5b89323075643
|
||||
1e701f120f66824b57303384e83b51feba858024fd2221d39f7acc52dcf767a9
|
||||
</db:result>
|
||||
]]></example>
|
||||
<p>The key sent is generated as described in &xep0185;:</p>
|
||||
<code>
|
||||
key = HMAC-SHA256(
|
||||
SHA256('s3cr3tf0rd14lb4ck'),
|
||||
{'target.tld', ' ', 'sender.tld', ' ', 'D60000229F'}
|
||||
{ 'target.tld', ' ', 'sender.tld', ' ', 'D60000229F' }
|
||||
)
|
||||
</code>
|
||||
<p>Note: the Receiving Server MAY use any method to determine the validity of the dialback key and the identity of the Originating Sever. The Originating Server MUST NOT make any assumptions about how the Receiving Server verifies the key. This includes the assumption that the key is ever verified by the Receiving Server.</p><!-- FIXME: belongs into 0185? -->
|
||||
@ -287,7 +287,7 @@ recv: <db:verify
|
||||
recv: <db:result
|
||||
from='sender.tld'
|
||||
to='target.tld'>
|
||||
37c69b1cf07a3f67c04a5ef5902fa5114f2c76fe4a2686482ba5b89323075643
|
||||
1e701f120f66824b57303384e83b51feba858024fd2221d39f7acc52dcf767a9
|
||||
</db:result>
|
||||
]]></example>
|
||||
<p>This key MUST be verified before the Sender Domain ('sender.tld') is authorized to send stanzas. The verification process might fail prematurely, for example, if the Receiving Server's policy states that connections from the Sender Domain are not allowed.</p>
|
||||
@ -329,7 +329,7 @@ recv: <db:verify
|
||||
from='target.tld'
|
||||
id='417GAF25'
|
||||
to='sender.tld'>
|
||||
38b501ec606752318f72ad53de17ac6d15f86257485b0d8f5d54e1f619e6b869
|
||||
fed84f34d39682fd80bd04e01894f98c4149cf9df47575b134eeb6d2c7fe9fee
|
||||
</db:verify>
|
||||
]]></example>
|
||||
<p>If the Target Domain as given in the 'to' attribute of the element does not match a configured local domain, this results in a dialback error. This error, which is explained further in section 2.4, is not a stream error and therefore MUST NOT result in termination of the stream and the underlying TCP connection, which might already be used for sending XML stanzas for other domain pairs.</p>
|
||||
@ -348,9 +348,9 @@ send: <db:verify
|
||||
<code>
|
||||
key = HMAC-SHA256(
|
||||
SHA256('d14lb4ck43v3r'),
|
||||
{ 'sender.tld', ' ', 'target.tld', ' ', '417GAF25'}
|
||||
{ 'sender.tld', ' ', 'target.tld', ' ', '417GAF25' }
|
||||
)
|
||||
= 38b501ec606752318f72ad53de17ac6d15f86257485b0d8f5d54e1f619e6b869
|
||||
= fed84f34d39682fd80bd04e01894f98c4149cf9df47575b134eeb6d2c7fe9fee
|
||||
</code>
|
||||
<p>The Authoritative Server then notifies the Receiving Server whether the key is valid. This is done by creating a <db:verify/> element which MUST possess 'from' and 'to' attributes whose values are swapped from the request, MUST possess an 'id' attribute whose value is copied from the 'id' value of the request, and MUST possess a 'type' attribute whose value is either "valid" or "invalid".</p>
|
||||
<example caption="Authoritative Server Informs Receiving Server that Key is Valid (step 3)"><![CDATA[
|
||||
|
Loading…
Reference in New Issue
Block a user