I haven't seen notice of the ALPACA attack on this list, but it might be of interest to those running XMPP services and non-XMPP services (e.g., HTTP or IMAP) on the same machine:
https://alpaca-attack.com/ We've added some text about this to the forthcoming revision of RFC 7525 (on which the XMPP recommendations for TLS, i.e., RFC 7590, depend): https://datatracker.ietf.org/doc/html/draft-ietf-uta-rfc7525bis-01#section-3.8 Peter _______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: standards-unsubscr...@xmpp.org _______________________________________________
