[Standards] XEP-0178: Clarify SASL-EXTERNAL specification when s2s auth fails

Holger Weiß holger at zedat.fu-berlin.de
Tue Jun 30 18:58:03 UTC 2020


* Jonas Schäfer <jonas at wielicki.name> [2020-06-30 17:59]:
> On behalf of the Council, I'd like to bring this pull request to the attention 
> of the community:
> 
> https://github.com/xsf/xeps/pull/963

Wait, is this PR actually modifying the authentication step it intends
to change?  I was assuming we're talking about XEP-0178, #3, step 7 (a),
where the spec tells the receiving server to close the connection if
initial certificate verification fails.  The PR is instead changing step
11 (b), where the receiving server checks the new stream's 'from'
against the certificate.

Holger


More information about the Standards mailing list