mirror of
https://github.com/moparisthebest/xeps
synced 2024-11-21 16:55:07 -05:00
Clarification
Clarified to avoid reliance on insecure DNS queries for determination of hostname
This commit is contained in:
parent
4fe2bbe25c
commit
aa96595b05
@ -88,7 +88,7 @@
|
||||
<p>An XMPP client will initiate a connection to the XMPP server.</p>
|
||||
<p>The XMPP server will communicate its hostname in a child element of the <mechanisms/> element during SASL negotation, as allowed by <cite>RFC 6120</cite> (see Section 6.3.5 and the schema for the 'urn:ietf:params:xml:ns:xmpp-sasl' namespace in Appendix A.4).</p>
|
||||
<p>This child element is <hostname/> qualified by the 'urn:xmpp:domain-based-name:1' namespace. &NSNOTE;.</p>
|
||||
<p>The XML character data of the <hostname/> element specifies the fully-qualified name of the XMPP server. This should be used for constructing the Kerberos principal name and is independent of the usual rules that an XMPP client uses for establishing a network connection to the XMPP server.</p>
|
||||
<p>The XML character data of the <hostname/> element specifies the fully-qualified name of the XMPP server. This should be used for constructing the Kerberos principal name and is independent of the usual rules that an XMPP client uses for establishing a network connection to the XMPP server which may use insecure DNS queries (also see &rfc4120;).</p>
|
||||
</section1>
|
||||
|
||||
<section1 topic='Kerberos Principal Name in the GSS-API environment' anchor='principal'>
|
||||
|
Loading…
Reference in New Issue
Block a user