[Standards] Fwd: [Uta] STARTTLS vulnerabilities
holger at zedat.fu-berlin.de
Thu Aug 12 13:16:52 UTC 2021
* Sam Whited <sam at samwhited.com> [2021-08-11 17:21]:
> In my experience it's widely supported these days.
At least for c2s, yes.
> I also don't know if clients prioritize these records over starttls.
| Both 'xmpp-' and 'xmpps-' records SHOULD be treated as the same record
| with regard to connection order as specified by RFC 2782 , in that
| all priorities and weights are mixed. This enables the server operator
| to decide if they would rather clients connect with STARTTLS or direct
| TLS. However, clients MAY choose to prefer one type of connection over
| the other.
More information about the Standards