[Standards] XEP-0368: What does a . for a target mean in _xmpps-client/server records?

Sam Whited sam at samwhited.com
Sun Jun 30 14:45:40 UTC 2019


On Sun, Jun 30, 2019, at 09:54, Dave Cridland wrote:
> 1) It's not A/AAAA fallback "as per RFC 6120", because we're talking
>    about a Direct TLS fallback. It should be per section... erm...
> 2) This document doesn't mention an A/AAAA fallback at all, and perhaps
>    that's right - do we ever want one with '368?
> >  Please comment on-list.

I've been meaning to change my library to do its fallback a little
differently, including trying direct TLS fallback A/AAAA fallback. DNS
often doesn't use any sort of security measures, so to prevent DNS-based
downgrade attacks it seems best to me to always try direct TLS on the
A/AAAA record, just as we always try StartTLS even if it's not
advertised.

—Sam
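
The fallback ordering discussed in this message, sketched in Go as an added example that is not part of the original e-mail or of any library mentioned in it. The `SRV`, `Candidate` and `Plan` names are hypothetical, port 5223 for the direct TLS fallback is an assumption (XEP-0368 does not name a fallback port), and SRV priority/weight sorting is left out.

```go
package main

import (
	"fmt"
	"strings"
)

// SRV is one answer from an SRV lookup (hypothetical type for this example).
type SRV struct {
	Target string
	Port   uint16
}

// Candidate is one connection attempt. TLS is mandatory either way:
// DirectTLS=true means TLS from the first byte, false means StartTLS.
type Candidate struct {
	Host      string
	Port      uint16
	DirectTLS bool
}

const (
	fallbackStartTLS  = 5222 // RFC 6120 default port
	fallbackDirectTLS = 5223 // assumed convention, not specified by XEP-0368
)

// Plan lists SRV targets first, then always appends both TLS modes on the
// domain's own A/AAAA records. Unauthenticated DNS therefore cannot remove the
// direct TLS attempt by answering "." or nothing for _xmpps-client.
func Plan(domain string, xmpps, xmpp []SRV) []Candidate {
	var out []Candidate
	seen := map[Candidate]bool{}
	add := func(host string, port uint16, direct bool) {
		// A "." target (RFC 2782: service not offered) trims to "" and is skipped.
		c := Candidate{strings.TrimSuffix(host, "."), port, direct}
		if c.Host != "" && !seen[c] {
			seen[c] = true
			out = append(out, c)
		}
	}
	for _, rr := range xmpps {
		add(rr.Target, rr.Port, true)
	}
	for _, rr := range xmpp {
		add(rr.Target, rr.Port, false)
	}
	add(domain, fallbackDirectTLS, true)
	add(domain, fallbackStartTLS, false)
	return out
}

func main() {
	// Constructed answers: "." for _xmpps-client, one host for _xmpp-client.
	for _, c := range Plan("example.net", []SRV{{".", 0}}, []SRV{{"xmpp.example.net.", 5222}}) {
		fmt.Printf("%s:%d directTLS=%v\n", c.Host, c.Port, c.DirectTLS)
	}
}
```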

