(Sorry, I'm replying slowly, having to carve out time at the moment). On Wed, 3 Feb 2021 at 17:34, Sonny Piers <[email protected]> wrote:
> I agree with the points raised, but I suggest we forget about public > deployments, looks like the only valid use case for this proposal is to > have default endpoints for non-public facing services (CI, localhost, > development, ...) > So are you suggesting these are formally scoped for default values for non-production environments? The XEP is a recommendation for server to default to > `ws://service:5280/xmpp-websocket` and `wss://service:5443/xmpp-websocket` > instead of current arbitrary endpoints. > And this would be for a CI, test, etc deployment only? So if a server has a "test mode", it would run like this, as opposed to a "production mode" where it disables unencrypted connections by default, etc? > The XEP mentions that these are not recommended endpoints for public > deployments and that protocol wss and port 443 advertised over XEP 0156 is > preferred. > Right, this feels like a XEP providing useful advice for deployments in test and production environments, with default ports etc. This feels, to me, to be a useful XEP, and if it can be codified into servers as a single switch that would have clear usability (adminability?) benefits. > > That's it. > > As a follow up: > > Client and client libraries are free to choose to fallback to these > endpoints if the service is not a FQDN. > > Regardless of this proposal, 0156 should become mandatory for compliance > suite web core. > > WDYT? > I think I'm broadly on-board with this, but I'm not sure it bears much relationship to the proposal offered - this ProtoXEP really talks about it from the client PoV, and that's where a lot of my concerns arise, and implies no encryption in production, which also gives me a fluttery feeling in my stomach. So in the meeting this afternoon/evening, I'm going to veto *this* ProtoXEP, and expect another based around deployment recommendations as described above. (Obviously you could approach this by editing the life out of the existing proposal and resubmitting, but honestly it feels like you're starting from scratch here and I'll certainly approach it that way). I hope that sounds reasonable to all concerned. Dave.
_______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: [email protected] _______________________________________________
