[Council] XEP-0185 feedback
stpeter at jabber.org
Thu Feb 1 12:03:09 CST 2007
Peter Saint-Andre wrote:
> Ian Paterson wrote:
>> Overall I'm +1 on XEP-0185.
>> Should there be spaces between the concatenated strings in the example
>> in Section 4?
> Yes I will clean up those examples.
>> Why is SHA1 being used in Section 4 instead of HMAC-SHA256?
Laziness on my part, let me add.
>> Perhaps I've not understood, but I don't find section 4.1 very
>> convincing. Am I supposed to? I guess it doesn't matter, including the
>> Originating Server can't hurt, and with security it's always better to
>> be conservative.
> All of Section 4 is purely informational. That said, I think 4.1 could
> be improved to describe why it might not be good for the originating
> server to reveal that it uses the same secret for two virtual domains.
I chatted with Philipp Hancke (the spec author) and we think it's
probably best to simply remove Section 4 of XEP-0185. Objections?
XMPP Standards Foundation
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mail.jabber.org/pipermail/council/attachments/20070201/62e8b659/smime.bin
More information about the Council