[Council] XEP-0185 feedback
Peter Saint-Andre
stpeter at jabber.org
Thu Feb 1 12:03:09 CST 2007
Peter Saint-Andre wrote:
> Ian Paterson wrote:
>> Hi,
>>
>> Overall I'm +1 on XEP-0185.
>>
>> Should there be spaces between the concatenated strings in the example
>> in Section 4?
>
> Yes I will clean up those examples.
>
>> Why is SHA1 being used in Section 4 instead of HMAC-SHA256?
>
> Laziness.
Laziness on my part, let me add.
>> Perhaps I've not understood, but I don't find section 4.1 very
>> convincing. Am I supposed to? I guess it doesn't matter, including the
>> Originating Server can't hurt, and with security it's always better to
>> be conservative.
>
> All of Section 4 is purely informational. That said, I think 4.1 could
> be improved to describe why it might not be good for the originating
> server to reveal that it uses the same secret for two virtual domains.
I chatted with Philipp Hancke (the spec author) and we think it's
probably best to simply remove Section 4 of XEP-0185. Objections?
Peter
--
Peter Saint-Andre
XMPP Standards Foundation
http://www.xmpp.org/xsf/people/stpeter.shtml
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/council/attachments/20070201/62e8b659/smime.bin
More information about the Council
mailing list