Comment 46 for bug 506647

In , nayfield (nayfield-redhat-bugs) wrote :

I am having this problem now, the first time I am using empathy.

Wireshark confirms that it is the same message from AOL as in the description.

The issue seems to be that Empathy is connecting to api.oscar.aol.com on port 80 (non-encrypted) and providing the startOSCARsession request including useTLS=1.

I would expect that connecting to 443 and giving the exact same request would work just fine, or connecting to 80 and not asking for useTLS=1.

AOL is effectively saying that if you want to have a secure (useTLS=1) connection, you should use https (443) to start it, or you're exposing a bunch of stuff (the startOSCARsession parameters which can probably be decoded pretty easily).
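The mismatch described in this comment (a request carrying useTLS=1 sent over plain HTTP on port 80) can be caught before the request leaves the client. The following is an added example, not part of the comment and not Empathy's or libpurple's code; the `/session` path and the extra `x=y` parameter are constructed placeholders, and the function names are hypothetical.

```python
from urllib.parse import urlsplit, urlunsplit, parse_qs

DEFAULT_PORTS = {"http": 80, "https": 443}


def check_session_request(url):
    """Return (ok, reason) for a session-start request URL.

    The request is rejected when it asks for a TLS session (useTLS=1)
    but would itself travel unencrypted, exposing its parameters.
    """
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS:
        return False, f"unsupported scheme {scheme!r}"
    port = parts.port or DEFAULT_PORTS[scheme]
    query = parse_qs(parts.query, keep_blank_values=True)
    # Match the parameter name case-insensitively; any value of "1" counts.
    wants_tls = any(k.lower() == "usetls" and "1" in v for k, v in query.items())
    if wants_tls and scheme != "https":
        return False, f"useTLS=1 sent in cleartext to port {port}"
    return True, "transport matches requested session security"


def upgrade_if_tls_requested(url):
    """Rewrite an http:// request carrying useTLS=1 to https:// (port 443).

    Only the default cleartext port is rewritten; anything else is refused
    rather than guessed at.
    """
    ok, reason = check_session_request(url)
    if ok:
        return url
    parts = urlsplit(url)
    if parts.scheme.lower() != "http" or (parts.port or 80) != 80:
        raise ValueError(f"cannot upgrade {url!r}: {reason}")
    # Drop any explicit :80 so the https default port (443) applies.
    return urlunsplit(("https", parts.hostname, parts.path, parts.query, parts.fragment))


if __name__ == "__main__":
    # Constructed sample requests; only the host and useTLS come from the report.
    for sample in (
        "http://api.oscar.aol.com/session?useTLS=1",
        "https://api.oscar.aol.com/session?useTLS=1",
        "http://api.oscar.aol.com/session?useTLS=0",
    ):
        print(sample, "->", check_session_request(sample))
```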