From 2702c80e4db8ddf6f613029c194e36cd4eb5e7ee Mon Sep 17 00:00:00 2001 From: Peter Saint-Andre Date: Tue, 30 Jan 2007 18:02:41 +0000 Subject: [PATCH] 0.5 git-svn-id: file:///home/ksmith/gitmigration/svn/xmpp/trunk@447 4b5297f7-1745-476d-ba37-a9c6900126ab --- xep-0156.xml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/xep-0156.xml b/xep-0156.xml index 8e0460a3..085ac989 100644 --- a/xep-0156.xml +++ b/xep-0156.xml @@ -23,11 +23,17 @@ N/A &hildjj; &stpeter; + + 0.5 + 2007-01-30 + psa +

Removed _xmpp-client-tcpssl attribute since use of the old-style SSL-only port is discouraged.

+
0.4 2007-01-29 psa -

Added _xmpp-client-tcpssl for old-style SSL connections; discussed potential for using U-NAPTR.

+

Added _xmpp-client-tcpssl for old-style SSL connections; added discussion of IETF U-NAPTR technology.

0.3 @@ -102,12 +108,14 @@ -

The following examples show three DNS TXT resource records: the first indicates support for the httpbind connection method defined in XEP-0124 including the appropriate URL, the second indicates support for the httppoll connection method defined in XEP-0025 including the appropriate URL, and the third indicates support for WAP connections including the appropriate URL, and the fourth indicates support for the older, SSL-only connection method for clients.

+

The following examples show three DNS TXT resource records: the first indicates support for the httpbind connection method defined in XEP-0124 including the appropriate URL, the second indicates support for the httppoll connection method defined in XEP-0025 including the appropriate URL, and the third indicates support for WAP connections including the appropriate URL, the fourth indicates support for client connections at TCP port 5222, and the fifth indicates support for server connections at TCP port 5269.

+

Note: These examples are included for the sake of completeness. As mentioned, use of the "_xmpp-client-tcp" and "_xmpp-server-tcp" attributes is discouraged, since SRV records are preferred.

It is possible that advertisement of connection methods other than the standard TCP connection method may introduce security vulnerabilities, since a connecting entity (usually a client) might deliberately seek to connect using the method with the weakest security mechanisms (e.g., no channel encryption or relatively weak authentication). Care must be taken in determining which connection methods are appropriate to advertise.

@@ -153,20 +161,12 @@ _xmppconnect IN TXT "_xmpp-client-tcpssl=5223" RFC 3920 - - _xmpp-client-tcpssl - old-style SSL-encrypted client-to-server TCP connection method - should contain the port number (traditionally 5223) - N/A - - _xmpp-server-tcp standard server-to-server TCP connection method (usually on port 5269) may contain the port number (however, this should be discovered via SRV) RFC 3920 - ]]>