diff --git a/inbox/tls-srv.xml b/xep-0368.xml similarity index 96% rename from inbox/tls-srv.xml rename to xep-0368.xml index 2ab060f3..84cd40f8 100644 --- a/inbox/tls-srv.xml +++ b/xep-0368.xml @@ -18,8 +18,8 @@ In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall the XMPP Standards Foundation or any author of this Specification be liable for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising out of the use or inability to use the Specification (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if the XMPP Standards Foundation or such author has been advised of the possibility of such damages. This XMPP Extension Protocol has been contributed in full conformance with the XSF's Intellectual Property Rights Policy (a copy of which may be found at <http://xmpp.org/extensions/ipr-policy.shtml> or obtained by writing to XSF, P.O. Box 1641, Denver, CO 80201 USA). - xxxx - ProtoXEP + 0368 + Experimental Standards Track Standards Council @@ -37,10 +37,10 @@ travis@burtrum.org - 0.0.1 - 2015-10-31 - psa -

First draft.

+ 0.1 + 2015-12-15 + XEP Editor (asw) +

Initial published version approved by the XMPP Council.

0.0.2 @@ -48,6 +48,12 @@ tjb

tls proto to tcp, change service instead. Set SNI correctly.

+ + 0.0.1 + 2015-10-31 + psa +

First draft.

+

&xmppcore; specifies the use of xmpp-client/xmpp-server SRV records as the method of discovering how to connect to an XMPP server. This XEP extends that to include new xmpps-client/xmpps-server SRV records pointing to TLS ports and combine priorities and weights as if they were a single SRV record. Applied to both xmpps-client and xmpps-server SRV records, this provides the opportunity to connect to XMPP servers with at least equal and perhaps increased security and privacy over using STARTTLS. It also provides an easy way for clients to bypass restrictive firewalls that only allow HTTPS, and for servers to host multiple protocols/services on a single port.
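Review bot: the 0.0.1 entry (2015-10-31, "First draft.") re-added at the bottom of the revision history keeps the initials "psa", while the 0.0.2 entry just above it carries "tjb". Since this commit already moves the entry, please confirm that "psa" is the real author of the first draft and not a leftover from the XEP template, and correct the initials here if it is. The newest-first order (0.1, 0.0.2, 0.0.1) is otherwise consistent with the header change to 0368 / Experimental.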

@@ -62,7 +68,7 @@
  • Treat both 'xmpp-' and 'xmpps-' records as the same record with regard to connection order as specified by RFC 2782, in that all priorities and weights are mixed. (so the server operator can decide if they would rather clients connect to tcp with STARTTLS or just with TLS directly)
  • Where 'service' starts with 'xmpps-' the client or server MUST connect with TLS enabled.
  • Where 'service' starts with 'xmpp-' the client or server MUST NOT connect with TLS enabled, connection method is unchanged from XMPP Core.
  • -
  • TLS certificates MUST be validated the same way as for STARTTLS. (ie, as specified in XMPP Core).
  • +
  • TLS certificates MUST be validated the same way as for STARTTLS. (i.e., as specified in XMPP Core).
  • STARTTLS MUST NOT be used over TLS connections.
  • Client or server SHOULD set SNI TLS extension to the JID's domain part.
  • Client or server SHOULD set the ALPN (&rfc7301;) TLS extension.
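Review bot: the changed certificate item still does not say which name the certificate is checked against. It only points to "the same way as for STARTTLS", while the SNI item two lines below names the JID's domain part explicitly. Because the host and port now come from an SRV lookup, consider stating in this item that the reference name is the JID's domain part and not the SRV target, so the two items agree. Two smaller points on the same line: the full stop before the parenthetical leaves "(i.e., as specified in XMPP Core)." dangling as its own fragment, which reads better folded in as "...the same way as for STARTTLS (i.e., as specified in XMPP Core)."; and the abstract references the core spec through the &xmppcore; entity, which this item could reuse instead of the plain text "XMPP Core".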
  • diff --git a/xep.ent b/xep.ent index ab8afbd6..3bb8721d 100644 --- a/xep.ent +++ b/xep.ent @@ -1370,3 +1370,4 @@ IANA Service Location Protocol, Version 2 (SLPv2) Templates Server to Server communication over STANAG 5066 ARQ (XEP-0365) XEP-0365: Server to Server communication over STANAG 5066 ARQ <http://xmpp.org/extensions/xep-0365.html>." > Entity Versioning (XEP-0366) XEP-0366: Entity Versioning <http://xmpp.org/extensions/xep-0366.html>." > Message Attaching (XEP-0367) XEP-0367: Message Attaching <http://xmpp.org/extensions/xep-0367.html>." > +SRV records for XMPP over TLS (XEP-0368) XEP-0368: SRV records for XMPP over TLS <http://xmpp.org/extensions/xep-0368.html>." >