On 10/20/25 4:46 AM, Dave Cridland wrote:
> At minimum, I think a document, somewhere, should provide advice on what
> security stuff to implement and why in 2025, and include the MTIs for
> such things, and be kept current.
It sounds like we need a replacement for RFC 7590, which was published
in June 2015. The IETF's UTA WG is still operational, so the work could
happen there; alternatively, we could publish a XEP (easier to update),
although we might want to coordinate with the UTA WG chairs to at least
inform them of the effort at the XSF.
I'll take "RFCs I have forgotten about" for 400, Peter.
But yes, that one, but with SASL and Channel Bindings and such things.
Dave.