8 May
2024
8 May
'24
2:56 p.m.
On 08/05/2024 16.42, Florian Schmaus wrote:
On 08/05/2024 12.41, Marvin W wrote:> To address
your concerns I'd
suggest the following changes to 0440:
And now I also have the link to the thread with the motivation that
there should be at least one common cb type:
https://web.archive.org/web/20221129011623/https://mail.jabber.org/pipermai…
(Thanks to travis for pointing out that the old ML archives are still
available via archive.org)
Note that a probably relevant remark from Dave is that
mandatory-to-implement does not automatically imply mandatory-to-deploy. :)
- Flow
- Reduce tls-server-end-point to SHOULD for
servers and MAY for
clients, specifically mention that this is only for better
compatibility.
I'd like to note that we previously explicitly decided[1] that requiring
a common channel-binding type would increase security. And that type had
to be tls-server-end-point, as it is generally available. That is why
the XEP currently says that servers MUST support tls-server-end-point.