[Standards] LAST CALL: XEP-0368 (SRV records for XMPP over TLS)

Evgeny Khramtsov xramtsov at gmail.com
Tue Feb 14 19:36:45 UTC 2017

Tue, 14 Feb 2017 09:25:17 -0500
Travis Burtrum <travis at burtrum.org> wrote:

> It's basically got 3 maybe 4 use cases, share ports with other TLS
> services, enable connectivity from places with dumb firewall policies
> (airports, coffee shops etc), save roundtrips.  And this is the maybe,
> most TLS libs I've seen it's easier to establish a direct TLS
> connection than XMPP's custom STARTTLS.

There is yet another use case: letting load balancers (haproxy, nginx,
etc) support TLS themselves and route decrypted traffic to an XMPP
backend. Currently, haproxy and nginx don't support XMPP STARTTLS
(although a patch for nginx exists with unknown quality). So this
removes some burden from server admins.
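
An added illustration of the load-balancer case above, not part of the original message: an haproxy sketch that terminates direct TLS for XEP-0368 clients and, using the ALPN id `xmpp-client` from the XEP, shares port 443 with a web service as in the quoted port-sharing use case. Hostnames, addresses, ports and the certificate path are constructed placeholders, and the XMPP server is assumed to have a listener that accepts the already-decrypted stream from the balancer.

```haproxy
# Constructed example: every name, address and path below is a placeholder.
# Matching DNS record (XEP-0368):
#   _xmpps-client._tcp.example.com. 3600 IN SRV 5 1 443 lb.example.com.

defaults
    mode tcp
    timeout connect 5s
    timeout client  5m
    timeout server  5m

frontend tls_443
    # TLS ends at the balancer. Advertise the XEP-0368 ALPN id next to HTTP
    # so both kinds of client can negotiate on the same port.
    bind :443 ssl crt /etc/haproxy/certs/example.com.pem alpn xmpp-client,http/1.1
    # Clients that negotiated "xmpp-client" are routed to the XMPP backend.
    use_backend xmpp_c2s if { ssl_fc_alpn -i xmpp-client }
    default_backend web

backend xmpp_c2s
    # Decrypted XMPP stream. Assumption: the server at this address has a
    # listener configured to treat connections from the balancer as already
    # secured, so it does not demand STARTTLS again.
    server xmpp1 192.0.2.10:5222 check

backend web
    # Plain HTTP service behind the same TLS port.
    server web1 192.0.2.20:8080 check
```

The hop from the balancer to each backend is unencrypted in this layout, so it belongs on a trusted network segment, or the `server` lines can re-encrypt with `ssl verify required ca-file <path>`. The XMPP server also sees the balancer's address rather than the client's, which matters for per-IP rate limits and logging.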

