[Standards] XEP-0178: Clarify SASL-EXTERNAL specification when s2s auth fails
fippo at goodadvice.pages.de
Wed Jul 1 12:23:32 UTC 2020
If the receiving server follows the process described in #9 of
which says that you do the authentication at this point (and then again
in #11) how can external fail?
If the receiving server can not authenticate the request its a policy
decision to not offer external and maybe use dialback.
Am 30.06.20 um 17:59 schrieb Jonas Schäfer:
> Hi list,
> (Editor hat on)
> On behalf of the Council, I’d like to bring this pull request to the attention
> of the community:
> Input from server operators specifically would be welcomed to see if this
> change is in fact desirable or if you can see any issues with that. At least
> one member of the community has already expressed  that they think this may
> lead to downgrade attacks.
> kind regards and thank you,
> : https://mail.jabber.org/pipermail/standards/2020-June/037592.html
> Standards mailing list
> Info: https://mail.jabber.org/mailman/listinfo/standards
> Unsubscribe: Standards-unsubscribe at xmpp.org
More information about the Standards