On 1/3/22 14:17, Roger Price wrote:> I have received a comment from a embedded Windows XP user, concerned
> at being forced to use TLS encrypted communication by low budget "RFC
> conforming" UPS units which do not allow unencrypted communication.
I guess you meant _encrypted communication_ here>
> Section 4.2.12 STARTTLS says ? The client tells the Attachment Daemon
> (2.1) to switch to TLS encrypted communication ? but does not
> explicitly say that if the command STARTTLS is not sent, the
> Attachment and Management Daemons do not switch to encrypted
> communication
>
>
https://www.ietf.org/archive/id/draft-rprice-ups-management-protocol-05.html#name-starttls
>
>
> I propose adding the following sentence to section 4.2.12:
>
> ?If the client does not send command STARTTLS to the Attachment Daemon
> ?communication continues unencrypted.
Sounds like a sane decision. Most [ low end ] UPSes do not know anything
about encryption. What we can do is to recommend communication between
upsd and ups-monitor to be encrypted.