14 Oct
2025
14 Oct
'25
1:50 a.m.
Hi
I think it is time to require that the 'tls-exporter' channel binding is
supported for compliant implementations. Yes, some may not be able to
do it, but that is the true for all tightening of security bolts, and
over time the software that can't follow security processes will
gradually fade away...
/Simon
Daniel Gultsch <daniel(a)gultsch.de> writes:
This message constitutes notice of a Last Call for
comments on
XEP-0440.
Title: SASL Channel-Binding Type Capability
Abstract:
This specification allows servers to annouce their supported SASL
channel-binding types to clients.
URL: https://xmpp.org/extensions/xep-0440.html
This Last Call begins today and shall end at the close of business on
2025-10-28.
Please consider the following questions during this Last Call and send
your feedback to the standards(a)xmpp.org discussion list:
1. Is this specification needed to fill gaps in the XMPP protocol
stack or to clarify an existing protocol?
2. Does the specification solve the problem stated in the introduction
and requirements?
3. Do you plan to implement this specification in your code? If not,
why not?
4. Do you have any security concerns related to this specification?
5. Is the specification accurate and clearly written?
Your feedback is appreciated!
_______________________________________________
Standards mailing list -- standards(a)xmpp.org
To unsubscribe send an email to standards-leave(a)xmpp.org