[Standards] XEP-0368: What does a . for a target mean in _xmpps-client/server records?

Ralph Meijer ralphm at ik.nu
Sun Jun 30 15:16:45 UTC 2019


On June 30, 2019 5:07:08 PM GMT+02:00, Sam Whited <sam at samwhited.com> wrote:
>On Sun, Jun 30, 2019, at 14:58, Ralph Meijer wrote:
>> Just to be clear, in the same way as for xmpp-client, as per RFC
>2782?
>
>I think so; I meant by fetching the A/AAAA record of the domain part of
>the JID, and then attempting to perform direct TLS if a connection is
>established. Then again, if an attacker can poison my DNS to send me a
>"." SRV record, they can probably mess with the A/AAAA records too so I
>suppose it doesn't matter all that much.
>
>Either way, if a connection is made at some point I'll probably try
>direct TLS whether it was advertised or not.

Hmm. On which port? I want to point out explicitly that although 5223 has been used a bunch since before the IETF standardization, IANA has assigned it to some HP management service. Hence my other proposal, which is still currently unregistered.


-- 
Cheers,

ralphm


More information about the Standards mailing list