[Standards] NEW: XEP-0440 (SASL Channel-Binding Type Capability)

Dave Cridland dave at cridland.net
Tue Jul 21 18:28:52 UTC 2020


On Tue, 21 Jul 2020 at 18:57, Florian Schmaus <flo at geekplace.eu> wrote:

> Based on the discussion in this thread, I suggest the following changes
>
> http://geekplace.eu/xeps/xep-sasl-cb-types/diff.html#sasl-mech-interaction


Is it worth making tls-server-endpoint an MTI for XEP-0440?

It is, as you note, trivial to implement, and as we always chant, MTI is
Mandatory to Implement, not Mandatory to Deploy.

But it means anything using XEP-0440 MUST implement (and PROBABLY SHOULD
deploy) a common binding that's reasonably well understood, provides some
significant protection, and is easy to implement. If it turns out we really
need something better later, we can review and change the MTI.

It also means that if it is not offered, one assumes the server
administrator has some very good reasons for doing so.

Dave.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/standards/attachments/20200721/79f4ee43/attachment.html>


More information about the Standards mailing list