20 Oct
2025
20 Oct
'25
3:58 p.m.
On Mon, 20 Oct 2025 at 14:55, Peter Saint-Andre <stpeter(a)stpeter.im> wrote:
On 10/20/25 4:46 AM, Dave Cridland wrote:
I'll take "RFCs I have forgotten about" for 400, Peter.
But yes, that one, but with SASL and Channel Bindings and such things.
Dave.
At minimum, I think a document, somewhere, should
provide advice on what
security stuff to implement and why in 2025, and include the MTIs for
such things, and be kept current.
It sounds like we need a replacement for RFC 7590, which was published
in June 2015. The IETF's UTA WG is still operational, so the work could
happen there; alternatively, we could publish a XEP (easier to update),
although we might want to coordinate with the UTA WG chairs to at least
inform them of the effort at the XSF.