Removed _xmpp-client-tcpssl attribute since use of the old-style SSL-only port is discouraged.
Added _xmpp-client-tcpssl for old-style SSL connections; discussed potential for using U-NAPTR.
Added _xmpp-client-tcpssl for old-style SSL connections; added discussion of IETF U-NAPTR technology.
The following examples show three DNS TXT resource records: the first indicates support for the httpbind connection method defined in XEP-0124 including the appropriate URL, the second indicates support for the httppoll connection method defined in XEP-0025 including the appropriate URL, and the third indicates support for WAP connections including the appropriate URL, and the fourth indicates support for the older, SSL-only connection method for clients.
+The following examples show three DNS TXT resource records: the first indicates support for the httpbind connection method defined in XEP-0124 including the appropriate URL, the second indicates support for the httppoll connection method defined in XEP-0025 including the appropriate URL, and the third indicates support for WAP connections including the appropriate URL, the fourth indicates support for client connections at TCP port 5222, and the fifth indicates support for server connections at TCP port 5269.
Note: These examples are included for the sake of completeness. As mentioned, use of the "_xmpp-client-tcp" and "_xmpp-server-tcp" attributes is discouraged, since SRV records are preferred.
It is possible that advertisement of connection methods other than the standard TCP connection method may introduce security vulnerabilities, since a connecting entity (usually a client) might deliberately seek to connect using the method with the weakest security mechanisms (e.g., no channel encryption or relatively weak authentication). Care must be taken in determining which connection methods are appropriate to advertise.
@@ -153,20 +161,12 @@ _xmppconnect IN TXT "_xmpp-client-tcpssl=5223"