Re: [Standards] Advance XEP-0368 to Proposed

2017-01-24 Thread Georg Lukas
* Peter Saint-Andre [2017-01-24 22:29]: > To NOT assign. especially when they are already assigned to other applications. signature.asc Description: Digital signature ___ Standards mailing list Info:

Re: [Standards] Advance XEP-0368 to Proposed

2017-01-24 Thread Peter Saint-Andre
On 1/24/17 2:28 PM, Peter Saint-Andre wrote: On 1/24/17 7:16 AM, Philipp Hancke wrote: 3) Should we request IANA register 5223 and 5270 as default ports? No. We already have two ports for XMPP and there is a strong preference at the IETF and IANA to assign additional ports for TLS-only comms.

Re: [Standards] Advance XEP-0368 to Proposed

2017-01-24 Thread Peter Saint-Andre
On 1/24/17 7:16 AM, Philipp Hancke wrote: 3) Should we request IANA register 5223 and 5270 as default ports? No. We already have two ports for XMPP and there is a strong preference at the IETF and IANA to assign additional ports for TLS-only comms. I may sound like a broken record but I

Re: [Standards] Advance XEP-0368 to Proposed

2017-01-24 Thread Sam Whited
On Tue, Jan 24, 2017 at 2:13 PM, Travis Burtrum wrote: > I still disagree, I know in the wild you will find poorly written > clients and servers that fall back to plain text when confronted with > STARTTLS stripping, but you will NEVER find software that falls back to >

Re: [Standards] Advance XEP-0368 to Proposed

2017-01-24 Thread Dave Cridland
On 24 January 2017 at 20:13, Travis Burtrum wrote: > On 01/24/2017 10:20 AM, Sam Whited wrote: >> I agree with Zash, they're equivalant; 6120 says >> that even if STARTTLS isn't advertised you should attempt it, and this >> is the same thing. Falling back to plain is a bad

Re: [Standards] Advance XEP-0368 to Proposed

2017-01-24 Thread Travis Burtrum
On 01/24/2017 10:20 AM, Sam Whited wrote: > I agree with Zash, they're equivalant; 6120 says > that even if STARTTLS isn't advertised you should attempt it, and this > is the same thing. Falling back to plain is a bad idea, but it's a > matter of client policy. I still disagree, I know in the

Re: [Standards] Advance XEP-0368 to Proposed

2017-01-24 Thread Sam Whited
On Tue, Jan 24, 2017 at 7:38 AM, Travis Burtrum wrote: > But you basically said it yourself, "Direct" TLS and STARTTLS are > equivalent security-wise ONLY IF you attempt STARTTLS regardless of > offer and give up with a security exception otherwise. That behavior is >

Re: [Standards] Advance XEP-0368 to Proposed

2017-01-24 Thread Philipp Hancke
3) Should we request IANA register 5223 and 5270 as default ports? I may sound like a broken record but I don't see why servers can't do TLS and starttls on the same port. jabberd1 has showed how to do that at least since 2004. Basically the server peeks at the first byte which is either

Re: [Standards] Advance XEP-0368 to Proposed

2017-01-24 Thread Dave Cridland
On 24 January 2017 at 13:38, Travis Burtrum wrote: > On 01/24/2017 08:08 AM, Kim Alvefur wrote: >> On Thu, Jan 19, 2017 at 03:19:12PM -0500, Travis Burtrum wrote: >>> I am proposing advancing XEP-0368 from Experimental to Proposed, and the >>> XSF MUC said to do this by

Re: [Standards] Advance XEP-0368 to Proposed

2017-01-24 Thread Travis Burtrum
On 01/24/2017 08:08 AM, Kim Alvefur wrote: > On Thu, Jan 19, 2017 at 03:19:12PM -0500, Travis Burtrum wrote: >> I am proposing advancing XEP-0368 from Experimental to Proposed, and the >> XSF MUC said to do this by sending an email to the standards list. >> >>

Re: [Standards] Advance XEP-0368 to Proposed

2017-01-24 Thread Kim Alvefur
On Thu, Jan 19, 2017 at 03:19:12PM -0500, Travis Burtrum wrote: > I am proposing advancing XEP-0368 from Experimental to Proposed, and the > XSF MUC said to do this by sending an email to the standards list. > > https://xmpp.org/extensions/xep-0368.html > Any thoughts? > TLS provides more

Re: [Standards] Advance XEP-0368 to Proposed

2017-01-24 Thread Travis Burtrum
Hello, Thanks for the comments, I'll address these in-line: On 01/19/2017 05:11 PM, Dave Cridland wrote: > 1) SNI really needs to be a MUST rather than a SHOULD. It's the moral > equivalent to having a "to" in the stream open for the pre-TLS > STARTTLS case, which is also mandated as of RFC

Re: [Standards] Advance XEP-0368 to Proposed

2017-01-20 Thread Evgeny Khramtsov
Thu, 19 Jan 2017 15:19:12 -0500 Travis Burtrum wrote: > Hi all, > > I am proposing advancing XEP-0368 from Experimental to Proposed, and > the XSF MUC said to do this by sending an email to the standards list. > > https://xmpp.org/extensions/xep-0368.html > > It's been a

Re: [Standards] Advance XEP-0368 to Proposed

2017-01-19 Thread Dave Cridland
On 19 January 2017 at 20:19, Travis Burtrum wrote: > Hi all, > > I am proposing advancing XEP-0368 from Experimental to Proposed, and the > XSF MUC said to do this by sending an email to the standards list. > > https://xmpp.org/extensions/xep-0368.html > > It's been a bit over

Re: [Standards] Advance XEP-0368 to Proposed

2017-01-19 Thread Sam Whited
On Thu, Jan 19, 2017 at 2:19 PM, Travis Burtrum wrote: > What's the next step? Any thoughts? Added to the council agenda: https://trello.com/c/xrVh1W7C Please continue discussion here. —Sam ___ Standards mailing list Info:

[Standards] Advance XEP-0368 to Proposed

2017-01-19 Thread Travis Burtrum
Hi all, I am proposing advancing XEP-0368 from Experimental to Proposed, and the XSF MUC said to do this by sending an email to the standards list. https://xmpp.org/extensions/xep-0368.html It's been a bit over a year, no one has suggested any changes to me. There is at least one client