[Standards] [Fwd: I-D Action:draft-melnikov-digest-to-historic-00.txt]

Peter Saint-Andre stpeter at stpeter.im
Mon Sep 17 19:11:01 UTC 2007


Ian Paterson wrote:
> Are XMPP implementors
> experiencing interoperability issues with DIGEST-MD5? If so can't we fix
> them with a Best Practices XEP - as we did with SASL ANONYMOUS and SASL
> EXTERNAL? Which of the 7 problems with DIGEST-MD5 mentioned in [1] make
> DIGEST-MD5 less secure for XMPP authentication than SASL PLAIN?

+1 to a Best Practices XEP. If we can more tightly describe the XMPP
usage of DIGEST-MD5, then we can have consistent interoperability on our
network. At that point we won't need to worry so much about DIGEST-MD5
in general.

/psa

> [1]
> http://www.ietf.org/internet-drafts/draft-melnikov-digest-to-historic-00.txt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7338 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20070917/e3dc394d/attachment.bin>


More information about the Standards mailing list