[Council] XEP-0185 feedback
stpeter at jabber.org
Thu Feb 1 10:51:53 CST 2007
Ian Paterson wrote:
> Overall I'm +1 on XEP-0185.
> Should there be spaces between the concatenated strings in the example
> in Section 4?
Yes I will clean up those examples.
> Why is SHA1 being used in Section 4 instead of HMAC-SHA256?
> Perhaps I've not understood, but I don't find section 4.1 very
> convincing. Am I supposed to? I guess it doesn't matter, including the
> Originating Server can't hurt, and with security it's always better to
> be conservative.
All of Section 4 is purely informational. That said, I think 4.1 could
be improved to describe why it might not be good for the originating
server to reveal that it uses the same secret for two virtual domains.
XMPP Standards Foundation
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/council/attachments/20070201/8db22929/smime-0001.bin
More information about the Council