Accepting 'tls-srv' ProtoXEP as XEP-0368

Ash Ward 2015-12-15 20:53:19 +00:00
parent 1d79afb3b6
commit d5fb17baf0
2 changed files with 14 additions and 7 deletions

@ -18,8 +18,8 @@
<liability>In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall the XMPP Standards Foundation or any author of this Specification be liable for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising out of the use or inability to use the Specification (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if the XMPP Standards Foundation or such author has been advised of the possibility of such damages.</liability>
<conformance>This XMPP Extension Protocol has been contributed in full conformance with the XSF's Intellectual Property Rights Policy (a copy of which may be found at &lt;<link url='http://xmpp.org/extensions/ipr-policy.shtml'>http://xmpp.org/extensions/ipr-policy.shtml</link>&gt; or obtained by writing to XSF, P.O. Box 1641, Denver, CO 80201 USA).</conformance>
</legal>
<number>xxxx</number>
<status>ProtoXEP</status>
<number>0368</number>
<status>Experimental</status>
<type>Standards Track</type>
<sig>Standards</sig>
<approver>Council</approver>
@ -37,10 +37,10 @@
<jid>travis@burtrum.org</jid>
</author>
<revision>
<version>0.0.1</version>
<date>2015-10-31</date>
<initials>psa</initials>
<remark><p>First draft.</p></remark>
<version>0.1</version>
<date>2015-12-15</date>
<initials>XEP Editor (asw)</initials>
<remark><p>Initial published version approved by the XMPP Council.</p></remark>
</revision>
<revision>
<version>0.0.2</version>
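Review bot: in the new 0.1 revision entry, `<initials>` holds "XEP Editor (asw)" while the other entries in this list carry bare initials (tjb, psa). If anything consumes that element as plain initials, use `<initials>asw</initials>` and state the editor role in the remark; otherwise confirm this form is the intended convention for editor-made revisions.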
@ -48,6 +48,12 @@
<initials>tjb</initials>
<remark><p>tls proto to tcp, change service instead. Set SNI correctly.</p></remark>
</revision>
<revision>
<version>0.0.1</version>
<date>2015-10-31</date>
<initials>psa</initials>
<remark><p>First draft.</p></remark>
</revision>
</header>
<section1 topic='Introduction' anchor='intro'>
<p>&xmppcore; specifies the use of xmpp-client/xmpp-server SRV records as the method of discovering how to connect to an XMPP server. This XEP extends that to include new xmpps-client/xmpps-server SRV records pointing to TLS ports and combine priorities and weights as if they were a single SRV record. Applied to both xmpps-client and xmpps-server SRV records, this provides the opportunity to connect to XMPP servers with at least equal and perhaps increased security and privacy over using STARTTLS. It also provides an easy way for clients to bypass restrictive firewalls that only allow HTTPS, and for servers to host multiple protocols/services on a single port.</p>
@ -62,7 +68,7 @@
<li>Treat both 'xmpp-' and 'xmpps-' records as the same record with regard to connection order as specified by <cite>RFC 2782</cite>, in that all priorities and weights are mixed. (so the server operator can decide if they would rather clients connect to tcp with STARTTLS or just with TLS directly)</li>
<li>Where 'service' starts with 'xmpps-' the client or server MUST connect with TLS enabled.</li>
<li>Where 'service' starts with 'xmpp-' the client or server MUST NOT connect with TLS enabled, connection method is unchanged from <cite>XMPP Core</cite>.</li>
<li>TLS certificates MUST be validated the same way as for STARTTLS. (ie, as specified in <cite>XMPP Core</cite>).</li>
<li>TLS certificates MUST be validated the same way as for STARTTLS. (i.e., as specified in <cite>XMPP Core</cite>).</li>
<li>STARTTLS MUST NOT be used over TLS connections.</li>
<li>Client or server SHOULD set SNI TLS extension to the JID's domain part.</li>
<li>Client or server SHOULD set the ALPN (&rfc7301;) TLS extension.</li>
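Review bot: the corrected certificate-validation item fixes "ie" but keeps the full stop before the parenthetical, so the MUST sentence ends at "STARTTLS." and the pointer to XMPP Core trails as a fragment. Because this is a normative requirement, fold it into one sentence: "TLS certificates MUST be validated the same way as for STARTTLS (i.e., as specified in <cite>XMPP Core</cite>)." This editorial fix is also unrelated to assigning the XEP number, so it would be easier to audit as a separate commit.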

@ -1370,3 +1370,4 @@ IANA Service Location Protocol, Version 2 (SLPv2) Templates</link></span> <note>
<!ENTITY xep0365 "<span class='ref'><link url='http://xmpp.org/extensions/xep-0365.html'>Server to Server communication over STANAG 5066 ARQ (XEP-0365)</link></span> <note>XEP-0365: Server to Server communication over STANAG 5066 ARQ &lt;<link url='http://xmpp.org/extensions/xep-0365.html'>http://xmpp.org/extensions/xep-0365.html</link>&gt;.</note>" >
<!ENTITY xep0366 "<span class='ref'><link url='http://xmpp.org/extensions/xep-0366.html'>Entity Versioning (XEP-0366)</link></span> <note>XEP-0366: Entity Versioning &lt;<link url='http://xmpp.org/extensions/xep-0366.html'>http://xmpp.org/extensions/xep-0366.html</link>&gt;.</note>" >
<!ENTITY xep0367 "<span class='ref'><link url='http://xmpp.org/extensions/xep-0367.html'>Message Attaching (XEP-0367)</link></span> <note>XEP-0367: Message Attaching &lt;<link url='http://xmpp.org/extensions/xep-0367.html'>http://xmpp.org/extensions/xep-0367.html</link>&gt;.</note>" >
<!ENTITY xep0368 "<span class='ref'><link url='http://xmpp.org/extensions/xep-0368.html'>SRV records for XMPP over TLS (XEP-0368)</link></span> <note>XEP-0368: SRV records for XMPP over TLS &lt;<link url='http://xmpp.org/extensions/xep-0368.html'>http://xmpp.org/extensions/xep-0368.html</link>&gt;.</note>" >
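Review bot: the new xep0368 entity spells the title "SRV records for XMPP over TLS" twice, and none of the hunks in this commit show the spec's own `<title>`, so the match cannot be checked from the diff. Confirm the string agrees with the title in the XEP header before merging, since this entity is what every &xep0368; reference will expand to.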