[Standards] LAST CALL: XEP-0368 (SRV records for XMPP over TLS)

Sam Whited sam at samwhited.com
Mon Feb 13 21:55:13 UTC 2017


On Mon, Feb 13, 2017 at 3:43 PM, Ruslan N. Marchenko <me at ruff.mobi> wrote:
> I don't understand what do we need to hide here by summoning port 5223 from
> the oblivion.

This is another reason why I think that privacy/security statement
needs to be removed; it just leads to this sort of confusion.

I think we're *not* hiding anything here, we're just saving a few
round trips. That's the benefit I see to this XEP: If you know you're
using TLS, just start using it, why bother negotiating an upgrade?

I understand that not everyone needs to save these round trips, but I
see that as the primary benefit of this XEP for people who do need to
save it; trying to frame it as a security thing will just confuse
people or make them think that the existing STARTTLS stuff is "bad"
somehow.

—Sam


More information about the Standards mailing list