1
0
mirror of https://github.com/moparisthebest/xeps synced 2024-12-22 07:38:52 -05:00

regenerate hashes

git-svn-id: file:///home/ksmith/gitmigration/svn/xmpp/trunk@3296 4b5297f7-1745-476d-ba37-a9c6900126ab
This commit is contained in:
Philipp Hancke 2009-07-01 19:39:36 +00:00
parent 8c0f19b45f
commit a75ef415cb

View File

@ -188,14 +188,14 @@ Originating Receiving
send: <db:result
from='sender.tld'
to='target.tld'>
37c69b1cf07a3f67c04a5ef5902fa5114f2c76fe4a2686482ba5b89323075643
1e701f120f66824b57303384e83b51feba858024fd2221d39f7acc52dcf767a9
</db:result>
]]></example>
<p>The key sent is generated as described in &xep0185;:</p>
<code>
key = HMAC-SHA256(
SHA256('s3cr3tf0rd14lb4ck'),
{'target.tld', ' ', 'sender.tld', ' ', 'D60000229F'}
{ 'target.tld', ' ', 'sender.tld', ' ', 'D60000229F' }
)
</code>
<p>Note: the Receiving Server MAY use any method to determine the validity of the dialback key and the identity of the Originating Sever. The Originating Server MUST NOT make any assumptions about how the Receiving Server verifies the key. This includes the assumption that the key is ever verified by the Receiving Server.</p><!-- FIXME: belongs into 0185? -->
@ -287,7 +287,7 @@ recv: <db:verify
recv: <db:result
from='sender.tld'
to='target.tld'>
37c69b1cf07a3f67c04a5ef5902fa5114f2c76fe4a2686482ba5b89323075643
1e701f120f66824b57303384e83b51feba858024fd2221d39f7acc52dcf767a9
</db:result>
]]></example>
<p>This key MUST be verified before the Sender Domain ('sender.tld') is authorized to send stanzas. The verification process might fail prematurely, for example, if the Receiving Server's policy states that connections from the Sender Domain are not allowed.</p>
@ -329,7 +329,7 @@ recv: <db:verify
from='target.tld'
id='417GAF25'
to='sender.tld'>
38b501ec606752318f72ad53de17ac6d15f86257485b0d8f5d54e1f619e6b869
fed84f34d39682fd80bd04e01894f98c4149cf9df47575b134eeb6d2c7fe9fee
</db:verify>
]]></example>
<p>If the Target Domain as given in the 'to' attribute of the element does not match a configured local domain, this results in a dialback error. This error, which is explained further in section 2.4, is not a stream error and therefore MUST NOT result in termination of the stream and the underlying TCP connection, which might already be used for sending XML stanzas for other domain pairs.</p>
@ -348,9 +348,9 @@ send: <db:verify
<code>
key = HMAC-SHA256(
SHA256('d14lb4ck43v3r'),
{ 'sender.tld', ' ', 'target.tld', ' ', '417GAF25'}
{ 'sender.tld', ' ', 'target.tld', ' ', '417GAF25' }
)
= 38b501ec606752318f72ad53de17ac6d15f86257485b0d8f5d54e1f619e6b869
= fed84f34d39682fd80bd04e01894f98c4149cf9df47575b134eeb6d2c7fe9fee
</code>
<p>The Authoritative Server then notifies the Receiving Server whether the key is valid. This is done by creating a &lt;db:verify/&gt; element which MUST possess 'from' and 'to' attributes whose values are swapped from the request, MUST possess an 'id' attribute whose value is copied from the 'id' value of the request, and MUST possess a 'type' attribute whose value is either "valid" or "invalid".</p>
<example caption="Authoritative Server Informs Receiving Server that Key is Valid (step 3)"><![CDATA[