On June 30, 2019 5:07:08 PM GMT+02:00, Sam Whited <[email protected]> wrote: >On Sun, Jun 30, 2019, at 14:58, Ralph Meijer wrote: >> Just to be clear, in the same way as for xmpp-client, as per RFC >2782? > >I think so; I meant by fetching the A/AAAA record of the domain part of >the JID, and then attempting to perform direct TLS if a connection is >established. Then again, if an attacker can poison my DNS to send me a >"." SRV record, they can probably mess with the A/AAAA records too so I >suppose it doesn't matter all that much. > >Either way, if a connection is made at some point I'll probably try >direct TLS whether it was advertised or not.
Hmm. On which port? I want to point out explicitly that although 5223 has been used a bunch since before the IETF standardization, IANA has assigned it to some HP management service. Hence my other proposal, which is still currently unregistered. -- Cheers, ralphm _______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: [email protected] _______________________________________________
