[gnutls-devel] gnutls-cli vs service name

Nikos Mavrogiannopoulos nmav at gnutls.org
Mon May 8 06:55:48 CEST 2017


On Sun, 2017-05-07 at 11:05 -0400, James Cloos wrote:
> > > > > > "NM" == Nikos Mavrogiannopoulos <nmav at gnutls.org> writes:
> 
> JC>> I tried to use gnutls-cli to test out my xmpp server, but was unable to
> JC>> do so because the --starttls-proto=xmpp support uses the server name in
> JC>> the jabber:client bit of xml rather than a service name.
> 
> JC>> And the server vs service issue is more generic.  All of the SRV protos
> JC>> of course require supplying both service and server, but even https can
> JC>> need both, such as when testing a new server before switching the A RRs.
> 
> JC>> How do you feel about a --service-name option?  Or maybe just --service?
> 
> NM> Would that be useful on any other option than xmpp? If it is only
> NM> related with xmpp, would the option of using
> NM> --starttls-proto=xmpp:service work?
> 
> I see starttls support for sip is missing (as are postgres and rfc2817),
> so for now xmpp is the only SRV protocol.  But as I (and a followup)
> mentioned, there are times when one needs to pass a different name for
> tls than one needs for dns.
> 
> For xmpp, --starttls-proto=xmpp:service is enough.
> 
> But a more general option remains welcome.

I do not see much connection between SNI and SRV. How do you see the
general option? Would you like to propose one via a merge request?

regards,
Nikos



