Uploaded image for project: 'OASIS Message Queuing Telemetry Transport (MQTT) TC'
  1. OASIS Message Queuing Telemetry Transport (MQTT) TC
  2. MQTT-532

update Chapter 5 intro re. non-normative

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 5, wd18
    • Fix Version/s: 5, wd20
    • Component/s: edits
    • Labels:
    • Proposal:
      Hide

      Update introduction subsection 5.1 as follows to replace 3510-3515 (paras 1,2 and 5):
      >>>
      5.1 Introduction

      MQTT is a transport protocol specification for message transmission, allowing implementers a choice of network, privacy, authentication and authorisation technologies. Since the exact security technologies chosen will be context specific, it is the implementer's responsibility to include the appropriate features as part of their design.

      Implementations will need to keep pace with an evolving security landscape.

      This Chapter provides general implementation guidance so as not to restrict choices available and is therefore Non Normative. This should not detract from its importance.

      It is strongly recommended that Server implementations that offer TLS [RFC5246] should use TCP port 8883 (IANA service name: secure-mqtt).
      <<<
      rejoin at existing para 3 "There are a number ..."

      Show
      Update introduction subsection 5.1 as follows to replace 3510-3515 (paras 1,2 and 5): >>> 5.1 Introduction MQTT is a transport protocol specification for message transmission, allowing implementers a choice of network, privacy, authentication and authorisation technologies. Since the exact security technologies chosen will be context specific, it is the implementer's responsibility to include the appropriate features as part of their design. Implementations will need to keep pace with an evolving security landscape. This Chapter provides general implementation guidance so as not to restrict choices available and is therefore Non Normative. This should not detract from its importance. It is strongly recommended that Server implementations that offer TLS [RFC5246] should use TCP port 8883 (IANA service name: secure-mqtt). <<< rejoin at existing para 3 "There are a number ..."

      Description

      Section 5 heading reads:

      5 Security (non-normative)
      5.1 Introduction
      It is strongly recommended that Server implementations that offer TLS [RFC5246] should use TCP port 8883 (IANA service name: secure-mqtt).

      For 3.1.1 we say:

      5 Security
      5.1 Introduction
      This Chapter is provided for guidance only and is Non Normative. However, it is strongly recommended that Server implementations that offer TLS [RFC5246] SHOULD use TCP port 8883 (IANA service name: secure-mqtt).

      While it's true that the section is provided as implementer guidance only, the intent of the 3.1.1 wording to make a strong recommendation for using TLS on 8883. It's primarily a cosmetic change, but reverting to the 3.1.1 style makes it consistent

        Attachments

          Activity

            People

            • Assignee:
              andrew_banks Andrew Banks (Inactive)
              Reporter:
              coppen Richard Coppen
            • Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: