On Wed, Oct 9, 2019 at 10:11 PM, JC Brand <li...@opkode.com> wrote:
"Restoring" a session means simply making a new request within the
timeout
period. Whether the browser tab has been reloaded in the meantime is
irrelevant.
I still doubt this is anyhow more secure than session resumption in
XEP-0198 (which btw requires real re-authentication).
_______________________________________________
Standards mailing list
Info: https://mail.jabber.org/mailman/listinfo/standards
Unsubscribe: standards-unsubscr...@xmpp.org
_______________________________________________
