In rfc3920bis, we have generalized the use of the <required/> element in stream features from STARTTLS to all features. If the <required/> element is not included, then negotiation of the stream feature is implicitly optional. However, it can be dangerous (or at least inefficient) to rely on implicit flagging of a feature as optional. Therefore I suggest that we define an <optional/> child, just as we have done for <required/>, and specify that either <optional/> or <required/> must be included.
As an example, Joe Hildebrand pointed out to me that if we don't explicitly flag the old im-session feature as optional in servers that comply with rfc3920bis, then we will never save any round trips. Here's the reasoning: 1. bis-client connects to bis-server 2. they complete TLS, SASL, and resource binding 3. bis-server returns im-session feature (not <required/>) for backwards compatibility with 3920-clients 4. bis-client doesn't really know if im-session start is optional or required, so it initiates a session per RFC 3921 If the bis-server had explicitly told the client that negotiation of the im-session feature was optional, we could have saved a round trip. Peter -- Peter Saint-Andre https://stpeter.im/
smime.p7s
Description: S/MIME Cryptographic Signature
