[Standards] Feedback to Compliance Suites 2020

Evgeny xramtsov at gmail.com
Wed Oct 9 19:20:07 UTC 2019


On Wed, Oct 9, 2019 at 10:11 PM, JC Brand <lists at opkode.com> wrote:
> "Restoring" a session means simply making a new request within the 
> timeout
> period. Whether the browser tab has been reloaded in the meantime is
> irrelevant.

I still doubt this is anyhow more secure than session resumption in 
XEP-0198 (which btw requires real re-authentication).



More information about the Standards mailing list