Hello Nico, Thanks for your answer!
Links of XEPs are here to confirm that "tls-exporter" is needed and already used. XEPs are already supported by a lot of projects/softwares/companies in production, for example on GitHub, we can see: - https://github.com/search?q=XEP-0480+-repo%3Axsf%2Fxeps+-repo%3Axsf%2Fxep-attic+-repo%3Axsf%2Fxmpp.org&type=code - https://github.com/search?q=XEP-0388+-repo%3Axsf%2Fxeps+-repo%3Axsf%2Fxep-attic+-repo%3Axsf%2Fxmpp.org&type=code - https://github.com/search?q=XEP-0440+-repo%3Axsf%2Fxeps+-repo%3Axsf%2Fxep-attic+-repo%3Axsf%2Fxmpp.org&type=code - https://github.com/search?q=XEP-0474+-repo%3Axsf%2Fxeps+-repo%3Axsf%2Fxep-attic+-repo%3Axsf%2Fxmpp.org&type=code At the same time, about these XEPs, it is the base of the "draft-melnikov-sasl2" done by Alexey Melnikov (author of several RFCs), that you know of course: - https://datatracker.ietf.org/doc/html/draft-melnikov-sasl2 - https://datatracker.ietf.org/person/Alexey%20Melnikov Several people would like to deprecate "tls-server-end-point" (RFC 5929) like Simon Josefsson (author of several RFCs), that you know of course, because RFC 9266 exists since July 2022: - https://mailarchive.ietf.org/arch/msg/kitten/zpesKSHsiuy1RvhPlbSUGajLbKQ/ - https://datatracker.ietf.org/person/Simon%20Josefsson For example, he is the GNU SASL maintainer and he does not want to add tls-server-end-point support: - https://gitlab.com/gsasl/gsasl/-/issues/13 Other talks about tls-server-end-point: - https://mailarchive.ietf.org/arch/browse/kitten/?q=tls-server-end-point&gbt=1&index= - https://mail.jabber.org/hyperkitty/search?count=200&q=tls-server-end-point&page=1&mlist=standards%40xmpp.org&sort=date-asc - https://mailarchive.ietf.org/arch/browse/tls/?q=tls-server-end-point&gbt=1&index= So it is really important to support "tls-exporter". Regards, Neustradamus ________________________________________ From: Nico Williams <[email protected]> Sent: Friday, November 21, 2025 18:32 To: * Neustradamus * Cc: PostgreSQL Hackers Subject: Re: RFC 9266: Channel Bindings for TLS 1.3 support On Thu, Nov 20, 2025 at 08:58:54PM +0000, * Neustradamus * wrote: > - XEP-0388: Extensible SASL Profile: https://xmpp.org/extensions/xep-0388.html > - XEP-0440: SASL Channel-Binding Type Capability: > https://xmpp.org/extensions/xep-0440.html > - XEP-0474: SASL SCRAM Downgrade Protection: > https://xmpp.org/extensions/xep-0474.html > - XEP-0480: SASL Upgrade Tasks: https://xmpp.org/extensions/xep-0480.html Why are XEPs relevant to PG?
