On Jan 25, 2013, at 7:08 AM, Winfried Tilanus <winfr...@tilanus.com> wrote:
> Hi,
>
> And now we are talking about XEP-0198, I think the security
> considerations should take some more situations into account for the
> session hijacking protection. When properly and securely authenticated,
> the authentication is enough protection against session hijacking. But
> when using SASL-Anonymous, the session id MUST be unpredictable AND the
> session MUST be encrypted, otherwise the session can be hijacked. Think
> it would be better to add that to the spec.
>

Those are good points, although transport encryption is only as trusted as the certificate in use (think of all the times we have clicked "I understand the risks"...). I think it should also be valid for the server to prohibit stream management resumption if using SASL ANONYMOUS.

- m&m

Matthew A. Miller
< http://goo.gl/LK55L >
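The three server-side checks discussed in this exchange (an unguessable stream-management id, encryption as a precondition for resuming an anonymous session, and the option to refuse resumption for SASL ANONYMOUS outright) as a small policy routine. This is an added illustration, not code from any XMPP server or from the thread's authors; the `Session` record, the `allow_anonymous_resume` switch and the reason strings (modelled on the stanza error conditions a XEP-0198 `<failed/>` can carry) are assumptions of this example.

```python
import hmac
import secrets
from dataclasses import dataclass
from typing import Tuple

SM_ID_BYTES = 32  # 256 bits from the OS CSPRNG; the id must not be guessable


@dataclass
class Session:
    """Hypothetical server-side record of a stream-management-enabled session."""
    sm_id: str        # id the server returned in <enabled xmlns='urn:xmpp:sm:3'/>
    anonymous: bool   # client authenticated with SASL ANONYMOUS
    encrypted: bool   # original stream was TLS-protected


def new_sm_id() -> str:
    """XEP-0198 leaves the id format to the server; a CSPRNG token is the safe choice."""
    return secrets.token_urlsafe(SM_ID_BYTES)


def resume_allowed(session: Session, previd: str, stream_encrypted: bool,
                   allow_anonymous_resume: bool = False) -> Tuple[bool, str]:
    """Decide whether a <resume previd=.../> on a stream may take over `session`.

    Returns (ok, reason).  Policy, following the thread:
      - compare ids in constant time so repeated guesses leak nothing via timing;
      - an anonymous session may be resumed only when both the original stream
        and the resuming stream were encrypted, and only if the operator opts in;
      - otherwise a server may simply refuse resumption for SASL ANONYMOUS.
    """
    if not hmac.compare_digest(session.sm_id.encode(), previd.encode()):
        return False, "item-not-found"          # unknown or wrong previd
    if session.anonymous:
        if not allow_anonymous_resume:
            return False, "not-allowed"         # resumption prohibited for ANONYMOUS
        if not (session.encrypted and stream_encrypted):
            return False, "not-allowed"         # unencrypted anonymous session: hijackable
    return True, "ok"
```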