idnits 2.17.1 draft-ietf-xmpp-dna-04.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- == There are 4 instances of lines with non-RFC2606-compliant FQDNs in the document. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (October 20, 2013) is 3833 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-14) exists of draft-ietf-dane-srv-02 == Outdated reference: A later version (-03) exists of draft-miller-posh-02 ** Downref: Normative reference to an Informational RFC: RFC 4949 ** Obsolete normative reference: RFC 5785 (Obsoleted by RFC 8615) ** Obsolete normative reference: RFC 6125 (Obsoleted by RFC 9525) -- Possible downref: Non-RFC (?) normative reference: ref. 'XEP-0220' -- Obsolete informational reference (is this intentional?): RFC 3920 (Obsoleted by RFC 6120) Summary: 3 errors (**), 0 flaws (~~), 4 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group P. Saint-Andre 3 Internet-Draft M. Miller 4 Intended status: Standards Track Cisco Systems, Inc. 5 Expires: April 23, 2014 October 20, 2013 7 Domain Name Associations (DNA) in the Extensible Messaging and Presence 8 Protocol (XMPP) 9 draft-ietf-xmpp-dna-04 11 Abstract 13 This document improves the security of the Extensible Messaging and 14 Presence Protocol (XMPP) in two ways. First, it specifies how 15 "prooftypes" can establish a strong association between a domain name 16 and an XML stream. Second, it describes how to securely delegate a 17 source domain to a derived domain, which is especially important in 18 virtual hosting environments. 20 Status of This Memo 22 This Internet-Draft is submitted in full conformance with the 23 provisions of BCP 78 and BCP 79. 25 Internet-Drafts are working documents of the Internet Engineering 26 Task Force (IETF). Note that other groups may also distribute 27 working documents as Internet-Drafts. The list of current Internet- 28 Drafts is at http://datatracker.ietf.org/drafts/current/. 30 Internet-Drafts are draft documents valid for a maximum of six months 31 and may be updated, replaced, or obsoleted by other documents at any 32 time. It is inappropriate to use Internet-Drafts as reference 33 material or to cite them other than as "work in progress." 35 This Internet-Draft will expire on April 23, 2014. 37 Copyright Notice 39 Copyright (c) 2013 IETF Trust and the persons identified as the 40 document authors. All rights reserved. 42 This document is subject to BCP 78 and the IETF Trust's Legal 43 Provisions Relating to IETF Documents 44 (http://trustee.ietf.org/license-info) in effect on the date of 45 publication of this document. Please review these documents 46 carefully, as they describe your rights and restrictions with respect 47 to this document. Code Components extracted from this document must 48 include Simplified BSD License text as described in Section 4.e of 49 the Trust Legal Provisions and are provided without warranty as 50 described in the Simplified BSD License. 52 Table of Contents 54 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 55 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 56 3. Flow Chart . . . . . . . . . . . . . . . . . . . . . . . . . 3 57 4. A Simple Scenario . . . . . . . . . . . . . . . . . . . . . . 6 58 5. One-Way Authentication . . . . . . . . . . . . . . . . . . . 7 59 6. Piggybacking . . . . . . . . . . . . . . . . . . . . . . . . 8 60 6.1. Assertion . . . . . . . . . . . . . . . . . . . . . . . . 8 61 6.2. Supposition . . . . . . . . . . . . . . . . . . . . . . . 9 62 7. Alternative Prooftypes . . . . . . . . . . . . . . . . . . . 11 63 7.1. DANE . . . . . . . . . . . . . . . . . . . . . . . . . . 11 64 7.2. POSH . . . . . . . . . . . . . . . . . . . . . . . . . . 12 65 8. Secure Delegation and Multi-Tenancy . . . . . . . . . . . . . 12 66 9. Prooftype Model . . . . . . . . . . . . . . . . . . . . . . . 13 67 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13 68 10.1. Well-Known URI for xmpp-client Service . . . . . . . . . 13 69 10.2. Well-Known URI for xmpp-server Service . . . . . . . . . 14 70 11. Security Considerations . . . . . . . . . . . . . . . . . . . 14 71 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 14 72 12.1. Normative References . . . . . . . . . . . . . . . . . . 14 73 12.2. Informative References . . . . . . . . . . . . . . . . . 15 74 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 16 76 1. Introduction 78 The need to establish a strong association between a domain name and 79 an XML stream arises in both client-to-server and server-to-server 80 communication using the Extensible Messaging and Presence Protocol 81 (XMPP) [RFC6120]. Because XMPP servers are typically identified by 82 DNS domain names, a client or peer server needs to verify the 83 identity of a server to which it connects. 85 To date, such verification has been established based on information 86 obtained from the Domain Name System (DNS), the Public Key 87 Infrastructure (PKI), or similar sources. In relation to such 88 associations, this document does the following: 90 1. Generalizes the model currently in use so that additional 91 prooftypes can be defined 93 2. Provides a basis for modernizing some prooftypes to reflect 94 progress in underlying technologies such as DNS Security 95 [RFC4033] 97 3. Describes the flow of operations for establishing a domain name 98 association (DNA) 100 This document also provides guidelines for secure delegation. The 101 need for secure delegation arises because the process for resolving 102 the domain name of an XMPP service into the IP address at which an 103 XML stream will be negotiated (defined in [RFC6120]) can involve 104 delegation of a source domain (say, example.com) to a derived domain 105 (say, hosting.example.net) using technologies such as DNS SRV records 106 [RFC2782]. If such delegation is not done in a secure manner, then 107 the domain name association cannot be authenticated. 109 2. Terminology 111 This document inherits XMPP terminology from [RFC6120] and 112 [XEP-0220], DNS terminology from [RFC1034], [RFC1035], [RFC2782] and 113 [RFC4033], and security terminology from [RFC4949] and [RFC5280]. 114 The terms "source domain", "derived domain", "reference identity", 115 and "presented identity" are used as defined in the "CertID" 116 specification [RFC6125]. The terms "permissive federation", 117 "verified federation", and "encrypted federation" are derived from 118 [XEP-0238], although we substitute the term "authenticated 119 federation" for the term "trusted federation" from that document. 121 3. Flow Chart 123 The following flow chart illustrates the protocol flow for 124 establishing domain name associations between Server 1 and Server 2, 125 as described in the remaining sections of this document. 127 | 128 | 129 (Section 4: A Simple Scenario) 130 | 131 | 132 DNS RESOLUTION ETC. 133 | 134 +-------------STREAM HEADERS--------------------+ 135 | | 136 | A: | 137 | | 138 | B: | 139 | | 140 +-----------------------------------------------+ 141 | 142 +-------------TLS NEGOTIATION-------------------+ 143 | | 144 | B: Server Certificate | 145 | [B: Certificate Request] | 146 | [A: Client Certificate] | 147 | | 148 +-----------------------------------------------+ 149 | 150 (A establishes DNA for b.example!) 151 | 152 +-------------AUTHENTICATION--------------------+ 153 | | | 154 | {client certificate?} ----+ | 155 | | | | 156 | | yes no | | 157 | v | | 158 | SASL EXTERNAL | | 159 | (mutual auth!) | | 160 +------------------------------------|----------+ 161 | 162 +----------------+ 163 | B needs to auth A 164 | 165 (Section 5: One-Way Authentication) 166 | 167 | 168 DNS RESOLUTION ETC. 169 | 170 +-------------STREAM HEADERS--------------------+ 171 | | 172 | B: | 173 | | 174 | A: | 175 | | 176 +-----------------------------------------------+ 177 | 178 +-------------TLS NEGOTIATION-------------------+ 179 | | 180 | A: Server Certificate | 181 | | 182 +-----------------------------------------------+ 183 | 184 (B establishes DNA for a.example!) 185 | 186 | 187 (Section 6.1: Piggybacking Assertion) 188 | 189 | 190 +----------DIALBACK IDENTITY ASSERTION----------+ 191 | | 192 | B: | 194 | | 195 +-----------------------------------------------+ 196 | 197 +-----------DNA DANCE AS ABOVE------------------+ 198 | | 199 | DNS RESOLUTION, STREAM HEADERS, | 200 | TLS NEGOTIATION, AUTHENTICATION | 201 | | 202 +-----------------------------------------------+ 203 | 204 +----------DIALBACK IDENTITY VERIFICATION-------+ 205 | | 206 | A: | 209 | | 210 +-----------------------------------------------+ 211 | 212 | 213 (Section 6.2: Piggybacking Supposition) 214 | 215 | 216 +-----------SUBSEQUENT CONNECTION---------------+ 217 | | 218 | B: | 220 | | 221 | A: | 223 | | 224 +-----------------------------------------------+ 225 | 226 +-----------DNA DANCE AS ABOVE------------------+ 227 | | 228 | DNS RESOLUTION, STREAM HEADERS, | 229 | TLS NEGOTIATION, AUTHENTICATION | 230 | | 231 +-----------------------------------------------+ 232 | 233 +-----------DIALBACK OPTIMIZATION---------------+ 234 | | 235 | B: | 237 | | 238 | B: | 241 | | 242 +-----------------------------------------------+ 244 4. A Simple Scenario 246 To illustrate the problem, consider the simplified order of events 247 (see [RFC6120] for details) in establishing an XML stream between 248 Server 1 (a.example) and Server 2 (b.example): 250 1. Server 1 resolves the DNS domain name b.example. 252 2. Server 1 opens a TCP connection to the resolved IP address. 254 3. Server 1 sends an initial stream header to Server 2, asserting 255 that it is a.example: 257 259 4. Server 2 sends a response stream header to Server 1, asserting 260 that it is b.example: 262 264 5. The servers attempt TLS negotiation, during which Server 2 265 (acting as a TLS server) presents a PKIX certificate proving that 266 it is b.example and Server 1 (acting as a TLS client) presents a 267 PKIX certificate proving that it is a.example. 269 6. Server 1 checks the PKIX certificate that Server 2 provided and 270 Server 2 checks the PKIX certificate that Server 1 provided; if 271 these proofs are consistent with the XMPP profile of the matching 272 rules from [RFC6125], each server accepts that there is a strong 273 domain name association between its stream to the other party and 274 the DNS domain name of the other party. 276 Several simplifying assumptions underlie the happy scenario just 277 outlined: 279 o Server 1 presents a PKIX certificate during TLS negotiation, which 280 enables the parties to complete mutual authentication. 282 o There are no additional domains associated with Server 1 and 283 Server 2 (say, a subdomain rooms.a.example on Server 1 or a second 284 domain c.example on Server 2). 286 o The server administrators are able to obtain PKIX certificates in 287 the first place. 289 o The server administrators are running their own XMPP servers, 290 rather than using hosting services. 292 Let's consider each of these "wrinkles" in turn. 294 5. One-Way Authentication 296 If Server 1 does not present its PKIX certificate during TLS 297 negotiation (perhaps because it wishes to verify the identity of 298 Server 2 before presenting its own credentials), Server 2 is unable 299 to mutually authenticate Server 1. Therefore, Server 2 needs to 300 negotiate and authenticate a stream to Server 1, just as Server 1 has 301 done: 303 1. Server 2 resolves the DNS domain name a.example. 305 2. Server 2 opens a TCP connection to the resolved IP address. 307 3. Server 2 sends an initial stream header to Server 1, asserting 308 that it is b.example: 310 312 4. Server 1 sends a response stream header to Server 2, asserting 313 that it is a.example: 315 317 5. The servers attempt TLS negotiation, during which Server 1 318 (acting as a TLS server) presents a PKIX certificate proving that 319 it is a.example. 321 6. Server 2 checks the PKIX certificate that Server 1 provided; if 322 it is consistent with the XMPP profile [RFC6120] of the matching 323 rules from [RFC6125], Server 2 accepts that there is a strong 324 domain name association between its stream to Server 1 and the 325 DNS domain name a.example. 327 At this point the servers are using two TCP connections instead of 328 one, which is somewhat wasteful. However, there are ways to tie the 329 authentication achieved on the second TCP connection to the first TCP 330 connection; see [XEP-0288] for further discussion. 332 6. Piggybacking 334 6.1. Assertion 336 Consider the common scenario in which Server 2 hosts not only 337 b.example but also a second domain c.example (a "multi-tenanted" 338 environment). If a user of Server 2 associated with c.example wishes 339 to communicate with a friend at a.example, Server 2 needs to send 340 XMPP stanzas from the domain c.example rather than b.example. 341 Although Server 2 could open an new TCP connection and negotiate new 342 XML streams for the domain pair of c.example and a.example, that too 343 is wasteful. Server 2 already has a connection to a.example, so how 344 can it assert that it would like to add a new domain pair to the 345 existing connection? 347 The traditional method for doing so is the Server Dialback protocol, 348 first specified in [RFC3920] and since moved to [XEP-0220]. Here, 349 Server 2 can send a element for the new domain pair over 350 the existing stream. 352 353 some-dialback-key 354 356 This element functions as Server 2's assertion that it is (also) 357 c.example, and thus is functionally equivalent to the 'from' address 358 of an initial stream header as previously described. 360 In response to this assertion, Server 1 needs to obtain some kind of 361 proof that Server 2 really is also c.example. It can do the same 362 thing that it did before: 364 1. Server 1 resolves the DNS domain name c.example. 366 2. Server 1 opens a TCP connection to the resolved IP address (which 367 might be the same IP address as for b.example). 369 3. Server 1 sends an initial stream header to Server 2, asserting 370 that it is a.example: 372 374 4. Server 2 sends a response stream header to Server 1, asserting 375 that it is c.example: 377 379 5. The servers attempt TLS negotiation, during which Server 2 380 (acting as a TLS server) presents a PKIX certificate proving that 381 it is c.example. 383 6. Server 1 checks the PKIX certificate that Server 2 provided; if 384 it is consistent with the XMPP profile [RFC6120] of the matching 385 rules from [RFC6125], Server 1 accepts that there is a strong 386 domain name association between its stream to Server 2 and the 387 DNS domain name c.example. 389 Now that Server 1 accepts the domain name association, it informs 390 Server 2 of that fact: 392 394 The parties can then terminate the second connection, since it was 395 used only for Server 1 to associate a stream over the same IP:port 396 combination with the domain name c.example (the dialback key links 397 the original stream to the new association). 399 6.2. Supposition 401 Piggybacking can also occur in the other direction. Consider the 402 common scenario in which Server 1 provides XMPP services not only for 403 a.example but also for a subdomain such as a groupchat service at 404 rooms.a.example (see [XEP-0045]). If a user from c.example at Server 405 2 wishes to join a room on the groupchat sevice, Server 2 needs to 406 send XMPP stanzas from the domain c.example to the domain 407 rooms.a.example rather than a.example. Therefore, Server 2 needs to 408 negotiate and authenticate a stream to rooms.a.example: 410 1. Server 2 resolves the DNS domain name rooms.a.example. 412 2. Server 2 opens a TCP connection to the resolved IP address. 414 3. Server 2 sends an initial stream header to Server 1 acting as 415 rooms.a.example, asserting that it is b.example: 417 419 4. Server 1 sends a response stream header to Server 2, asserting 420 that it is rooms.a.example: 422 424 5. The servers attempt TLS negotiation, during which Server 1 425 (acting as a TLS server) presents a PKIX certificate proving that 426 it is rooms.a.example. 428 6. Server 2 checks the PKIX certificate that Server 1 provided; if 429 it is consistent with the XMPP profile [RFC6120] of the matching 430 rules from [RFC6125], Server 2 accepts that there is a strong 431 domain name association between its stream to Server 1 and the 432 DNS domain name rooms.a.example. 434 As before, the parties now have two TCP connections open. So that 435 they can close the now-redundant connection, Server 2 sends a 436 dialback key to Server 1 over the new connection. 438 439 some-dialback-key 440 442 Server 1 then informs Server 2 that it accepts the domain name 443 association: 445 447 Server 2 can now close the connection over which it tested the domain 448 name association for rooms.a.example. 450 7. Alternative Prooftypes 452 The foregoing protocol flows assumed that domain name associations 453 were proved using the standard PKI prooftype specified in [RFC6120]: 454 that is, the server's proof consists of a PKIX certificate that is 455 checked according to the XMPP profile [RFC6120] of the matching rules 456 from [RFC6125], the client's verification material is obtained out of 457 band in the form of a trusted root, and secure DNS is not necessary. 459 However, sometimes XMPP server administrators are unable or unwilling 460 to obtain valid PKIX certificates for their servers. As one example, 461 a certificate authority (CA) might try to send email messages to 462 authoritative mailbox names [RFC2142], but the administrator of a 463 subsidiary service such as im.cs.podunk.example can't receive email 464 sent to mailto:hostmaster@podunk.example. As another example, a 465 hosting provider such as hosting.example.net might not want to take 466 on the liability of holding the certificate and private key for a 467 tenant such as example.com (or the tenant might not want the hosting 468 provider to hold its certificate and private key). In these 469 circumstances, prooftypes other than PKIX are desirable. As 470 described below, two alternatives have been defined so far: DNS-Based 471 Authentication of Named Entities (DANE) and and PKIX Over Secure HTTP 472 (POSH). 474 7.1. DANE 476 In the DANE prooftype, the server's proof consists of a PKIX 477 certificate that is compared as an exact match or a hash of either 478 the SubjectPublicKeyInfo or the full certificate, and the client's 479 verification material is obtained via secure DNS. 481 The DANE prooftype makes use of the DNS-Based Authentication of Named 482 Entities [RFC6698], specifically the use of DANE with DNS SRV records 483 [I-D.ietf-dane-srv]. For XMPP purposes, the following rules apply: 485 o If there is no SRV resource record, pursue the fallback methods 486 described in [RFC6120]. 488 o Use the 'to' address of the initial stream header to determine the 489 domain name of the TLS client's reference identifier (since use of 490 the TLS Server Name Indication is purely discretionary in XMPP, as 491 mentioned in [RFC6120]). 493 7.2. POSH 495 In the POSH prooftype, the server's proof consists of a PKIX 496 certificate that is checked according to the rules from [RFC6120] and 497 [RFC6125], the client's verification material is obtained by 498 retrieving the PKIK certificate over HTTPS at a well-known URI 499 [RFC5785], and secure DNS is not necessary since the HTTPS retrieval 500 mechanism relies on the chain of trust from the public key 501 infrastructure. 503 POSH is defined in [I-D.miller-posh]. For XMPP purposes, the well- 504 known URIs [RFC5785] to be used are: 506 o "/.well-known/posh._xmpp-client._tcp.json" for client-to-server 507 connections 509 o "/.well-known/posh._xmpp-server._tcp.json" for server-to-server 510 connections 512 8. Secure Delegation and Multi-Tenancy 514 One common method for deploying XMPP services is multi-tenancy or 515 virtual hosting: e.g., the XMPP service for example.com is actually 516 hosted at hosting.example.net. Such an arrangement is relatively 517 convenient in XMPP given the use of DNS SRV records [RFC2782], such 518 as the following pointer from example.com to hosting.example.net: 520 _xmpp-server._tcp.example.com. 0 IN SRV 0 0 5269 hosting.example.net 522 Secure connections with multi-tenancy can work using the PKIX 523 prooftype on a small scale if the provider itself wishes to host 524 several domains (e.g., several related domains such as jabber- 525 de.example and jabber-ch.example). However, in practice the security 526 of multi-tenancy has been found to be unwieldy when the provider 527 hosts large numbers of XMPP services on behalf of multiple tenants. 528 Typically there are two main reasons for this state of affairs: the 529 service provider (say, hosting.example.net) wishes to limit its 530 liability and therefore does not wish to hold the certificate and 531 private key for the tenant (say, example.com) and the tenant wishes 532 to improve the security of the service and therefore does not wish to 533 share its certificate and private key with service provider. As a 534 result, server-to-server communications to example.com go unencrypted 535 or the communications are TLS-encrypted but the certificates are not 536 checked (which is functionally equivalent to a connection using an 537 anonymous key exchange). This is also true of client-to-server 538 communications, forcing end users to override certificate warnings or 539 configure their clients to accept certificates for 540 hosting.example.net instead of example.com. The fundamental problem 541 here is that if DNSSEC is not used then the act of delegation via DNS 542 SRV records is inherently insecure. 544 The specification for use of SRV and MX records with DANE 545 [I-D.ietf-dane-srv] explains how to use DNSSEC for secure delegation 546 with the DANE prooftype, and the POSH specification [I-D.miller-posh] 547 explains how to use HTTPS redirects for secure delegation with the 548 POSH prooftype. 550 9. Prooftype Model 552 In general, a domain name association (DNA) prooftype conforms to the 553 following definition: 555 prooftype: A mechanism for proving an association between a domain 556 name and an XML stream, where the mechanism defines (1) the nature 557 of the server's proof, (2) the matching rules for comparing the 558 client's verification material against the server's proof, (3) how 559 the client obtains its verification material, and (4) whether the 560 mechanism depends on secure DNS. 562 The PKI, DANE, and POSH prooftypes adhere to this model. In 563 addition, other prooftypes are possible (examples might include PGP 564 keys rather than PKIX certificates, or a token mechanism such as 565 Kerberos or OAuth). 567 Some prooftypes depend on (or are enhanced by) secure DNS and thus 568 also need to describe how they ensure secure delegation. 570 10. IANA Considerations 572 The POSH specification [I-D.miller-posh] provides guidelines for 573 registering the well-known URIs [RFC5785] of protocols that make use 574 of POSH. This specification registers two such URIs, for which the 575 completed registration templates follow. 577 10.1. Well-Known URI for xmpp-client Service 579 This specification registers the well-known URI "posh._xmpp- 580 client._tcp.json" in the Well-Known URI Registry as defined by 581 [RFC5785]. 583 URI suffix: posh._xmpp-client._tcp.json 585 Change controller: IETF 587 Specification document(s): [[ this document ]] 589 10.2. Well-Known URI for xmpp-server Service 591 This specification registers the well-known URI "posh._xmpp- 592 server._tcp.json" in the Well-Known URI Registry as defined by 593 [RFC5785]. 595 URI suffix: posh._xmpp-server._tcp.json 597 Change controller: IETF 599 Specification document(s): [[ this document ]] 601 11. Security Considerations 603 This document supplements but does not supersede the security 604 considerations of [RFC6120] and [RFC6125]. Relevant security 605 considerations can also be found in [I-D.ietf-dane-srv] and 606 [I-D.miller-posh]. 608 12. References 610 12.1. Normative References 612 [I-D.ietf-dane-srv] 613 Finch, T., "Using DNS-Based Authentication of Named 614 Entities (DANE) TLSA records with SRV and MX records.", 615 draft-ietf-dane-srv-02 (work in progress), February 2013. 617 [I-D.miller-posh] 618 Miller, M. and P. Saint-Andre, "PKIX over Secure HTTP 619 (POSH)", draft-miller-posh-02 (work in progress), 620 September 2013. 622 [RFC1034] Mockapetris, P., "Domain names - concepts and facilities", 623 STD 13, RFC 1034, November 1987. 625 [RFC1035] Mockapetris, P., "Domain names - implementation and 626 specification", STD 13, RFC 1035, November 1987. 628 [RFC2782] Gulbrandsen, A., Vixie, P., and L. Esibov, "A DNS RR for 629 specifying the location of services (DNS SRV)", RFC 2782, 630 February 2000. 632 [RFC4033] Arends, R., Austein, R., Larson, M., Massey, D., and S. 633 Rose, "DNS Security Introduction and Requirements", RFC 634 4033, May 2005. 636 [RFC4949] Shirey, R., "Internet Security Glossary, Version 2", RFC 637 4949, August 2007. 639 [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., 640 Housley, R., and W. Polk, "Internet X.509 Public Key 641 Infrastructure Certificate and Certificate Revocation List 642 (CRL) Profile", RFC 5280, May 2008. 644 [RFC5785] Nottingham, M. and E. Hammer-Lahav, "Defining Well-Known 645 Uniform Resource Identifiers (URIs)", RFC 5785, April 646 2010. 648 [RFC6120] Saint-Andre, P., "Extensible Messaging and Presence 649 Protocol (XMPP): Core", RFC 6120, March 2011. 651 [RFC6125] Saint-Andre, P. and J. Hodges, "Representation and 652 Verification of Domain-Based Application Service Identity 653 within Internet Public Key Infrastructure Using X.509 654 (PKIX) Certificates in the Context of Transport Layer 655 Security (TLS)", RFC 6125, March 2011. 657 [RFC6698] Hoffman, P. and J. Schlyter, "The DNS-Based Authentication 658 of Named Entities (DANE) Transport Layer Security (TLS) 659 Protocol: TLSA", RFC 6698, August 2012. 661 [XEP-0220] 662 Miller, J., Saint-Andre, P., and P. Hancke, "Server 663 Dialback", XSF XEP 0220, September 2013. 665 12.2. Informative References 667 [RFC2142] Crocker, D., "MAILBOX NAMES FOR COMMON SERVICES, ROLES AND 668 FUNCTIONS", RFC 2142, May 1997. 670 [RFC3920] Saint-Andre, P., Ed., "Extensible Messaging and Presence 671 Protocol (XMPP): Core", RFC 3920, October 2004. 673 [XEP-0045] 674 Saint-Andre, P., "Multi-User Chat", XSF XEP 0045, February 675 2012. 677 [XEP-0238] 678 Saint-Andre, P., "XMPP Protocol Flows for Inter-Domain 679 Federation", XSF XEP 0238, March 2008. 681 [XEP-0288] 682 Hancke, P. and D. Cridland, "Bidirectional Server-to- 683 Server Connections", XSF XEP 0288, September 2013. 685 Authors' Addresses 687 Peter Saint-Andre 688 Cisco Systems, Inc. 689 1899 Wynkoop Street, Suite 600 690 Denver, CO 80202 691 USA 693 Email: psaintan@cisco.com 695 Matthew Miller 696 Cisco Systems, Inc. 697 1899 Wynkoop Street, Suite 600 698 Denver, CO 80202 699 USA 701 Email: mamille2@cisco.com