[Standards] IETF SASL WG meeting
Justin Karneges
justin-keyword-jabber.093179 at affinix.com
Mon Dec 10 12:20:20 CST 2007
On Monday 10 December 2007 8:18 am, Dave Cridland wrote:
> On Fri Dec 7 00:36:04 2007, Peter Saint-Andre wrote:
> > Any chance that someone will write up the results of that exchange
> > into
> > more readable text? Perhaps rfc5056bis is already on the way? ;-)
>
> Maybe http://blog.dave.cridland.net/?p=43 might help. Or maybe it
> won't.
Still doesn't help. :)
I don't understand this talk about the SASL negotiation being attacked by a
MITM when it is taking place over TLS. There is brief mention of Bob
possibly not having a certificate or Alice not trusting Bob's CA. Does this
mean the channel binding problem only affects anonymous/unauthenticated TLS?
-Justin
More information about the Standards
mailing list