On Sun, Jun 30, 2019 at 04:55:47PM +0000, Sam Whited wrote: > On Sun, Jun 30, 2019, at 16:32, Ralph Meijer wrote: > > Do you know which server implementations currently support both TLS > > and non-TLS (with STARTLS) on the same port? > > I'm sure if any of them do, but the fallback would still be useful in > case the service is only configured to support direct TLS on the > regular port.
Please don't. While detecting use of TLS or plain is fairly simple it is more complicated to handle both on the same port. I don't know any socket handling framework that makes this easy. Usually the TLS library takes over the socket and if you inspected the first bytes then it fails. Trying direct TLS on a starttls port will usually result in garbage being fed to the XML parser, which leads to very loud error messages, possibly even including thing garbage. I's annoying enough when some clients do this, don't legitimize it. -- Regards, Kim "Zash" Alvefur
signature.asc
Description: PGP signature
_______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: standards-unsubscr...@xmpp.org _______________________________________________