Hi I think it is time to require that the 'tls-exporter' channel binding is supported for compliant implementations. Yes, some may not be able to do it, but that is the true for all tightening of security bolts, and over time the software that can't follow security processes will gradually fade away...
/Simon Daniel Gultsch <[email protected]> writes: > This message constitutes notice of a Last Call for comments on > XEP-0440. > > Title: SASL Channel-Binding Type Capability > Abstract: > This specification allows servers to annouce their supported SASL > channel-binding types to clients. > > URL: https://xmpp.org/extensions/xep-0440.html > > This Last Call begins today and shall end at the close of business on > 2025-10-28. > > Please consider the following questions during this Last Call and send > your feedback to the [email protected] discussion list: > > 1. Is this specification needed to fill gaps in the XMPP protocol > stack or to clarify an existing protocol? > > 2. Does the specification solve the problem stated in the introduction > and requirements? > > 3. Do you plan to implement this specification in your code? If not, > why not? > > 4. Do you have any security concerns related to this specification? > > 5. Is the specification accurate and clearly written? > > Your feedback is appreciated! > _______________________________________________ > Standards mailing list -- [email protected] > To unsubscribe send an email to [email protected]
signature.asc
Description: PGP signature
_______________________________________________ Standards mailing list -- [email protected] To unsubscribe send an email to [email protected]
