Editorial fixes.
+With respect to XEP-0220's security considerations, the adaptations in this document add at minimum channel encryption and integrity, which forces an attacker into making an active attack, rather than passive eavesdropping. This raises the cost of an attack significantly. However, unless the certificates are authenticated, there is still a man-in-the-middle attack possible, and the reliance on unauthenticated DNS remains problematic.
-Use of the "Same Certificate" shortcut described in XXXX is not thought to materially alter the security profile beyond that described above. In particular, it does not alter the level of trust an implementation may put in authentication.
Use of the "Dialback without dialback" shortcut described in XXXX raises the level of authentication to that of the TLS/SASL-EXTERNAL process described in RFC 6120, and is thought to be indistinguishable from a security standpoint. As such, the security considerations relating to this in RFC 6120 et al apply.
If both SRV and A/AAAA records are protected by DNSSEC, this means that the correct address for the peer can be proven, removing DNS forgery as an attack vector. Without TLS, it is however still possible to mount an array of attacks, including IP spoofing and eavesdropping.
With TLS, however, the situation improves. Since TLS protects against a naïve IP spoofing attack, a routing protocol attack (such as BGP hijacking) is required to forge the server.