Hiya, As your non-shiny new helper AD I've reviewed draft-ietf-uta-xmpp-05. I have some comments (below), none need hold up IETF LC I think so please treat these as you would IETF LC comments.
I'll request IETF LC momentarily. Thanks, S. - 3.4: I'm not clear what the last paragraph is telling me. What should I do about that? - 3.7: practically, is it feasible to provide a client with information about server-server uses of TLS? (And how many server-server TLS "hops" might there be?) - 3.7: Would it be sensible here to recommend that servers log information about the use of TLS so as to be able to spot e.g. that what used normally be sent over TLS, is now in clear? I'm not sure how feasible it would be to do that very well, but maybe we could give developers some hints here and see what they come up with? - 5: Would it be worth noting there that this is not e2e (obvious I guess) but that that means that some gateways (e.g. to SIP) may mean that we even if we really get all hops protected, we may not be able to report on that? nits: - 3.5: maybe s/passive eavesdropping/eavesdropping/ and a reference to RFC7258 might save someone the trouble about arguing that case in XMPP land later. - ID nits has some reference version nits, it's fine to fix those next time some changes are needed. _______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
