> BTW, we based the user-oriented recommendation somewhat on current practices > in web browsers. For instance, Firefox has an indicator showing whether a > connection is encrypted, but also has an advanced option that enables a user > to view the certificate and also see the TLS version and cipher suite (e.g., > my connection to datatracker.ietf.org uses TLS 1.2 with > TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256). I suppose we can argue about how > useful this information is to a "normal" user, but deliberately hobbling > XMPP clients in comparison to (some) web browsers seems less than completely > helpful.
Ack. And, of course, my comment is just a minor comment, so you can absolutely ignore it. I guess the only thing I would do, if it were my choice, is replace "strongly encouraged" with something like an explanation such as what you say above. Something that says that user-agent software often provides a way for advanced users (or any users at the direction of an administrator) to retrieve this extra information for trouble-shooting purposes, and that having such a mechanism is very useful. Anyway, again: just $.02, to take it as you will. And thanks for the response. Barry _______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
