[Standards] LAST CALL: XEP-0233 (XMPP Server Registration for use with Kerberos V5)
zash at zash.se
Fri Feb 24 15:43:28 UTC 2017
On Wed, Feb 08, 2017 at 10:50:03PM +0000, XMPP Extensions Editor wrote:
> This message constitutes notice of a Last Call for comments on
> XEP-0233 (XMPP Server Registration for use with Kerberos V5).
> Abstract: This specification defines the Kerberos principal name of an
> XMPP server. It also details a method by which a connecting client can
> determine this Kerberos principal name when authenticating using the
> "GSSAPI" SASL mechanism.
> URL: http://xmpp.org/extensions/xep-0233.html
> This Last Call begins today and shall end at the close of business on
I apologize for the late response.
> Please consider the following questions during this Last Call and send
> your feedback to the standards at xmpp.org discussion list:
> 1. Is this specification needed to fill gaps in the XMPP protocol
> stack or to clarify an existing protocol?
Yes. However I should note that I'm not sufficiently familiar with
Kerberos to be sure.
> 3. Do you plan to implement this specification in your code? If not,
> why not?
I implemented a method for manually specifying the hostname to be
communicated, as described by this specification.
> 2. Does the specification solve the problem stated in the
> introduction and requirements?
Those who asked me to implement this were pleased, so as far as I can
> 4. Do you have any security concerns related to this specification?
> 5. Is the specification accurate and clearly written?
A sentence on why it would be a bad idea to use the target from the SRV
record used to connect (in the absence of DNSSEC) might be a good idea.
Kim "Zash" Alvefur
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: not available
More information about the Standards