On 9/22/17 8:14 AM, Guus der Kinderen wrote: > > > On 22 September 2017 at 15:58, Peter Saint-Andre <stpe...@stpeter.im > <mailto:stpe...@stpeter.im>> wrote: > > On 9/22/17 5:50 AM, Guus der Kinderen wrote: > > I suggest to improve the wording of this XEP by replacing the command > > name "STARTTLS" with the technique name "Opportunistic TLS". > > "Opportunistic Security" usually means encryption without > authentication: > > https://tools.ietf.org/html/rfc7435 > <https://tools.ietf.org/html/rfc7435> > > > To me, that wouldn't be a problem. "Security" is rather generic, > distinct from the very specific "TLS".
Section 4 of that RFC is entitled "Example: Opportunistic TLS in SMTP". https://tools.ietf.org/html/rfc7435#section-4 > I've also seen "Opportunistic Encryption" being used, described as > "Opportunistic encryption (OE) refers to any system that, when > connecting to another system, attempts to encrypt the communications > channel, otherwise falling back to unencrypted communications." > > I still favor "Opportunistic TLS" over "STARTTLS" in this text - but > adding a clear description to the glossary would be good. IMHO it's not smart for us to redefine a term that is well-understood elsewhere. Peter
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: standards-unsubscr...@xmpp.org _______________________________________________
