[Standards] XEP-0368: What does a . for a target mean in _xmpps-client/server records?

Ralph Meijer ralphm at ik.nu
Sun Jun 30 14:58:41 UTC 2019


On June 30, 2019 4:45:40 PM GMT+02:00, Sam Whited <sam at samwhited.com> wrote:
>On Sun, Jun 30, 2019, at 09:54, Dave Cridland wrote:
>> 1) It's not A/AAAA fallback "as per RFC 6120", because we're talking
>>    about a Direct TLS fallback. It should be per section... erm...
>> 2) This document doesn't mention an A/AAAA fallback at all, and
>>    perhaps that's right - do we ever want one with '368?
>> >  Please comment on-list.
>
>I've been meaning to change my library to do its fallback a little
>differently, including trying direct TLS fallback A/AAAA fallback. DNS
>often doesn't use any sort of security measures, so to prevent DNS
>based downgrade attacks it seems best to me to always try direct TLS
>on the
>A/AAAA record, just as we always try StartTLS even if it's not
>advertised.

Just to be clear, in the same way as for xmpp-client, as per RFC 2782?


-- 
Cheers,

ralphm
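
Added example, not part of the original thread and not code from any library mentioned in it: a sketch of how a client could plan connection attempts when a "." target is read per service as RFC 2782 defines it ("decidedly not available"). The names `Srv`, `Candidate`, `usable`, `plan` and the `direct_tls_fallback_port` parameter are hypothetical; the thread names no port for a direct TLS A/AAAA fallback, so it is off unless the caller supplies one, and ordering by weight is simplified to a deterministic sort.

```python
from typing import List, NamedTuple, Optional, Tuple

class Srv(NamedTuple):
    priority: int
    weight: int
    port: int
    target: str

class Candidate(NamedTuple):
    host: str
    port: int
    mode: str  # "direct-tls" (_xmpps-client) or "starttls" (_xmpp-client)

def usable(records: List[Srv]) -> Tuple[List[Srv], bool]:
    """Return (usable records, declared_unavailable) for one SRV service.

    RFC 2782: a target of "." means the service is decidedly not available,
    which is different from the lookup returning no records at all.
    """
    if len(records) == 1 and records[0].target.rstrip(".") == "":
        return [], True
    return [r for r in records if r.target.rstrip(".")], False

def plan(domain: str, xmpps: List[Srv], xmpp: List[Srv],
         direct_tls_fallback_port: Optional[int] = None) -> List[Candidate]:
    """Build an ordered attempt list from already-resolved SRV answers."""
    tls, tls_off = usable(xmpps)
    plain, plain_off = usable(xmpp)
    merged = [(r, "direct-tls") for r in tls] + [(r, "starttls") for r in plain]
    # Simplification: lowest priority first, then highest weight.
    # RFC 2782 specifies weighted random selection within a priority.
    merged.sort(key=lambda p: (p[0].priority, -p[0].weight))
    out = [Candidate(r.target.rstrip("."), r.port, m) for r, m in merged]
    if out:
        return out
    # No usable SRV record: fall back to the domain's A/AAAA records, but
    # never for a service whose SRV answer was ".".
    if not tls_off and direct_tls_fallback_port is not None:
        out.append(Candidate(domain, direct_tls_fallback_port, "direct-tls"))
    if not plain_off:
        out.append(Candidate(domain, 5222, "starttls"))  # RFC 6120 default port
    return out

if __name__ == "__main__":
    # Constructed sample answers: direct TLS switched off with ".", StartTLS offered.
    off = [Srv(0, 0, 0, ".")]
    starttls = [Srv(5, 1, 5222, "chat.example.org.")]
    for c in plan("example.org", off, starttls):
        print(c)
```

Because plain DNS answers are unauthenticated, the distinction the code draws between "no records" and a "." record is only as trustworthy as the resolver path that delivered it.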

