On 09/22/2017 08:39 AM, Dave Cridland wrote:
> a) I query whether ALPN needs to be SHOULD rather than MAY,
> particularly for S2S cases.

That very well could be. I'll give you the background, and the exact wording can be discussed.

ALPN is only required for easy multiplexing of multiple services on a single TLS port. On the server, it has the upside of being simple, a standard, and easy to do. On the client, it has the downside of announcing to the network that you will be talking xmpp in this TLS stream. (same as STARTTLS today)

So once firewalls start looking at and blocking connections based on ALPN, clients need the option to try again without ALPN (or even to try first without ALPN).

So MAY might be a better fit? I just don't want to make it MUST.

Thanks,
Travis

Standards mailing list
Info: https://mail.jabber.org/mailman/listinfo/standards
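
The two properties discussed in the message above, as an added example that is not part of the original e-mail or of any XEP text: it builds a ClientHello in memory with and without ALPN, parses the cleartext ALPN extension the way a multiplexing front end (or any on-path observer) can, and routes on it. The ALPN IDs `xmpp-client` and `xmpp-server` are the ones registered by XEP-0368; the hostname `chat.example` and the backend labels are assumptions made up for the example.

```python
import ssl
import struct

# Backend labels are hypothetical; the ALPN IDs are those registered by XEP-0368.
BACKENDS = {"xmpp-client": "xmpp-c2s", "xmpp-server": "xmpp-s2s"}

def client_hello(alpn=None):
    """Return the first TLS record a client would send, with no network I/O."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    if alpn:
        ctx.set_alpn_protocols(alpn)
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname="chat.example")
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass  # the ClientHello is now queued in `outgoing`
    return outgoing.read()

def alpn_from_client_hello(record):
    """Extract the ALPN protocol names from an unencrypted ClientHello record."""
    if len(record) < 44 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a TLS ClientHello")
    pos = 5 + 4 + 2 + 32                                  # record hdr, handshake hdr, version, random
    pos += 1 + record[pos]                                # session_id
    pos += 2 + struct.unpack_from("!H", record, pos)[0]   # cipher_suites
    pos += 1 + record[pos]                                # compression_methods
    end = pos + 2 + struct.unpack_from("!H", record, pos)[0]
    pos += 2
    while pos + 4 <= end:
        ext_type, ext_len = struct.unpack_from("!HH", record, pos)
        pos += 4
        if ext_type == 16:                                # application_layer_protocol_negotiation
            names, p = [], pos + 2                        # skip the 2-byte list length
            while p < pos + ext_len:
                n = record[p]
                names.append(record[p + 1:p + 1 + n].decode("ascii"))
                p += 1 + n
            return names
        pos += ext_len
    return []                                             # client sent no ALPN extension

def route(record, default="https"):
    """Pick a backend on a shared TLS port; clients without ALPN get the default."""
    for name in alpn_from_client_hello(record):
        if name in BACKENDS:
            return BACKENDS[name]
    return default
```

A client that retries without ALPN lands on the default backend here, so a deployment relying on that fallback needs another way to reach the XMPP service on that port.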