[Standards] LAST CALL: XEP-0368 (SRV records for XMPP over TLS)

Travis Burtrum travis at burtrum.org
Mon Feb 13 20:57:15 UTC 2017

On 02/13/2017 02:26 PM, Ruslan N. Marchenko wrote:
> So security here will be just in the sense "all or nothing" -
> either you pass through (non-paranoid) or not (paranoid).

That's not true though, there are firewalls in practice today that only
allow HTTP on port 80, and only TLS on port 443, but do not MITM TLS.

If TLS is MITM'd with a custom CA installed on your device then TLS
doesn't protect you from the MITM of course, and this won't address that.

More information about the Standards mailing list