154 lines
9.3 KiB

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE xep SYSTEM 'xep.dtd' [
<!ENTITY % ents SYSTEM 'xep.ent'>
<?xml-stylesheet type='text/xsl' href='xep.xsl'?>
<title>SRV records for XMPP over TLS</title>
<abstract>This specification defines a procedure to look up xmpps-client/xmpps-server SRV records (for direct TLS connections) in addition to xmpp-client/xmpp-server and mix weights/priorities.</abstract>
<type>Standards Track</type>
<spec>XMPP Core</spec>
<spec>RFC 2782</spec>
<remark><p>Describe how to fall back if _xmpps-server/_xmpps-client records cannot be found.</p></remark>
<remark><p>Fix trivial 'to' vs. 'two' typo.</p></remark>
<initials>XEP Editor (ssw)</initials>
<remark><p>Advance to draft as approved by the XMPP Council.</p></remark>
<remark><p>Implement more last call comments, editorial changes, mixing SRV records is now SHOULD.</p></remark>
<remark><p>Implement last call comments, editorial changes, SNI is now MUST.</p></remark>
<initials>XEP Editor (asw)</initials>
<remark><p>Initial published version approved by the XMPP Council.</p></remark>
<remark><p>tls proto to tcp, change service instead. Set SNI correctly.</p></remark>
<remark><p>First draft.</p></remark>
<section1 topic='Introduction' anchor='intro'>
<p>&xmppcore; specifies the use of xmpp-client/xmpp-server SRV records as the method of discovering how to connect to an XMPP server. This XEP extends that to include new xmpps-client/xmpps-server SRV records pointing to direct TLS ports and combine priorities and weights as if they were a single SRV record similar to &rfc6186;. It also provides an easy way for clients to bypass restrictive firewalls that only allow HTTPS, for servers to host multiple protocols/services on a single port, and for servers and clients to take advantage of less round trips and existing direct TLS loadbalancers.</p>
<section1 topic='Glossary' anchor='glossary'>
<dt>Direct TLS</dt>
Where TLS is attempted immediately on connect to a TCP socket, like how HTTPS works, not like how STARTTLS works with any protocol.
<section1 topic='Requirements' anchor='reqs'>
<p>The following format for DNS SRV resource records is specified in &rfc2782;:</p>
_service._proto.name. TTL class SRV priority weight port target.
<p>&xmppcore; defines SRV records only where 'service' is 'xmpp-client' and 'xmpp-server'. This document specifies two additionally look up records where 'service' is 'xmpps-client' and 'xmpps-server'. This document specifies that the following additional rules apply:</p>
<li>Both 'xmpp-' and 'xmpps-' records SHOULD be treated as the same record with regard to connection order as specified by &rfc2782;, in that all priorities and weights are mixed. This enables the server operator to decide if they would rather clients connect with STARTTLS or direct TLS. However, clients MAY choose to prefer one type of connection over the other.</li>
<li>Where 'service' starts with 'xmpps-' the client or server MUST connect with direct TLS enabled.</li>
<li>Where 'service' starts with 'xmpp-' the client or server MUST NOT connect with direct TLS enabled, connection method is unchanged from &xmppcore;.</li>
<li>TLS certificates MUST be validated the same way as for STARTTLS. (i.e., as specified in &xmppcore;).</li>
<li>STARTTLS MUST NOT be used over direct TLS connections.</li>
<li>Client or server MUST set SNI TLS extension to the JID's domain part.</li>
<li>Client or server SHOULD set the ALPN (&rfc7301;) TLS extension.</li>
<li>When ALPN is used, the ALPN protocol MUST be '<strong>xmpp-client</strong>', where the SRV service is '<strong>xmpps-client</strong>'.</li>
<li>When ALPN is used, the ALPN protocol MUST be '<strong>xmpp-server</strong>', where the SRV service is '<strong>xmpps-server</strong>'.</li>
<section1 topic='Use Cases' anchor='usecases'>
<p>For server operators, this provides a way to host multiple services on the same port, especially when SNI or ALPN extensions are used. Servers could even host xmpp-client and xmpp-server services on the same TLS port. For clients, this provides a virtually zero overhead way to bypass restrictive firewalls that only allow HTTP over port 80 and HTTPS over port 443, as XMPP-over-TLS is indistinguishable from HTTP-over-TLS when ALPN is not used. For clients and servers, direct TLS saves round trips vs STARTTLS.</p>
<section1 topic='Implementation Notes' anchor='impl'>
<p>The only overhead is the single additional SRV lookup. All clients that support STARTTLS already have support for direct TLS.</p>
<p>Server operators should not expect multiplexing (via ALPN) to work in all scenarios and therefore should provide additional SRV record(s) that do not require multiplexing (either standard STARTTLS or dedicated direct XMPP-over-TLS). This is a result of relying on ALPN for multiplexing, where ALPN might not be supported by all devices or may be disabled by a user due to privacy reasons.</p>
<p>If the <tt>_xmpps-client</tt> (or <tt>_xmpps-server</tt>) target is set to <tt>.</tt> (dot), this indicates as per &rfc2782; that the service is not provided for the given domain. In this context, this means that Direct TLS is not supported. In this case, the initiating party SHOULD look up <tt>_xmpp-client</tt> (or <tt>_xmpp-server</tt>) records. The initiating party MUST NOT perform A/AAAA fallback as per &rfc6120; (since the service provider has already indicated that the SRV protocol is supported).</p>
<section1 topic='Security Considerations' anchor='security'>
<p>Direct TLS provides AT LEAST the same level of security as STARTTLS, and more privacy without ALPN as using STARTTLS leaks that the underlying protocol is XMPP, while any direct TLS stream should be indistinguishable from any other direct TLS stream. Direct TLS provides more security than STARTTLS if &rfc7590; is not followed, as it isn't subject to STARTTLS stripping. All security setup and certificate validation code SHOULD be shared between the STARTTLS and direct TLS logic as well. All SRV-based connection methods are subject to DNS modification/stripping/spoofing of SRV records in the absence of DNSSEC.</p>
<section1 topic='IANA Considerations' anchor='iana'>
<p>ALPN (&rfc7301;) requires registration of new Protocol IDs. This document specifies two Protocol IDs:</p>
Protocol: XMPP jabber:client namespace<br/>
Identification Sequence:<br/>
&nbsp;&nbsp;&nbsp;0x78 0x6d 0x70 0x70 0x2d 0x63 0x6c 0x69 0x65 0x6e 0x74 ("xmpp-client")<br/>
Reference: [&xep0368;]
Protocol: XMPP jabber:server namespace<br/>
Identification Sequence:<br/>
&nbsp;&nbsp;&nbsp;0x78 0x6d 0x70 0x70 0x2d 0x73 0x65 0x72 0x76 0x65 0x72 ("xmpp-server")<br/>
Reference: [&xep0368;]
<p>The ALPN registry is currently located <link url='https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol-ids'>here</link>.</p>
<p>Issues with direct TLS ports mentioned in &rfc2595; <link url='https://tools.ietf.org/html/rfc2595#section-7'>Section 7</link> do not apply here for these reasons:</p>
<li>URL scheme is unchanged.</li>
<li>"Security" is the same between STARTTLS and direct TLS, and post-2014 the general consensus is that no public XMPP server or client should connect without some form of TLS per the <link url='https://github.com/stpeter/manifesto/blob/master/manifesto.txt'>ubiquitous encryption manifesto</link>.</li>
<li>A "Use TLS when available" security model is possible here because the client could fall back to standard STARTTLS SRV records if the server administrator supplies them.</li>
<li>No port numbers are assigned because SRV allows using arbitrary ports at the server administrator's discretion.</li>
<section1 topic='XMPP Registrar Considerations' anchor='registrar'>
<p>This document requires no interaction with the &REGISTRAR;.</p>