[Council] XEP-0185 feedback

Peter Saint-Andre stpeter at jabber.org
Thu Feb 1 10:51:53 CST 2007

Ian Paterson wrote:
> Hi,
> Overall I'm +1 on XEP-0185.
> Should there be spaces between the concatenated strings in the example 
> in Section 4?

Yes I will clean up those examples.

> Why is SHA1 being used in Section 4 instead of HMAC-SHA256?


> Perhaps I've not understood, but I don't find section 4.1 very 
> convincing. Am I supposed to? I guess it doesn't matter, including the 
> Originating Server can't hurt, and with security it's always better to 
> be conservative.

All of Section 4 is purely informational. That said, I think 4.1 could 
be improved to describe why it might not be good for the originating 
server to reveal that it uses the same secret for two virtual domains.


Peter Saint-Andre
XMPP Standards Foundation

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/council/attachments/20070201/8db22929/smime-0001.bin

More information about the Council mailing list