Justin Karneges wrote:
> On Saturday 21 February 2009 13:36:30 Peter Saint-Andre wrote:
>> I had not considered that "attack", so I will change the text to SHOULD
>> or MAY (or remove it entirely). I don't think that any server
>> implementations depend on the 'from' address of the initial stream
>> header, so removing this text will not cause any problems.
>
> For what it's worth, SASL and iq:auth give away the identity already. The
> only way this information was ever protected is through the use of TLS.

Correct.

> So, it may be enough to suggest that, if you plan to use TLS, the 'from'
> attribute should not be populated until the <stream> following TLS
> negotiation. Though I don't know if that's really practical (for example,
> you leave it out, but then the server doesn't offer starttls, oops).

Right. But nothing breaks at that point because AFAIK the server doesn't
depend on the 'from'.

> What is the reason for this attribute? My guess is that it would allow a
> server to offer SASL mechanisms specific to the initiating user, which
> coincidentally I mentioned earlier today: http://forum.psi-im.org/thread/5257
> (but I don't know if that's true at all).

Yes, that was the idea. But it can do that after the TLS negotiation has
completed. It's always best to use TLS anyway, right? ;-)

Peter

--
Peter Saint-Andre
https://stpeter.im/
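
The client behaviour discussed in this message, as an added example that is not code from either participant or from any XMPP implementation: the 'from' attribute is left out of the cleartext stream header and sent only on the stream restarted after TLS. The function names, the `allow_cleartext` switch, the JID and the server replies are constructed for illustration, and the TLS handshake itself is not modelled.

```python
import xml.etree.ElementTree as ET
from xml.sax.saxutils import quoteattr

NS_STREAM = "http://etherx.jabber.org/streams"
NS_TLS = "urn:ietf:params:xml:ns:xmpp-tls"


def stream_header(domain, jid=None, tls_active=False):
    """Opening <stream:stream> tag; 'from' is emitted only once TLS is active."""
    attrs = [("to", domain), ("version", "1.0"),
             ("xmlns", "jabber:client"), ("xmlns:stream", NS_STREAM)]
    if jid and tls_active:
        attrs.insert(0, ("from", jid))  # identity only over the encrypted channel
    rendered = " ".join(f"{k}={quoteattr(v)}" for k, v in attrs)
    return f"<?xml version='1.0'?><stream:stream {rendered}>"


def offers_starttls(features_xml):
    """True if the server's <stream:features/> advertises STARTTLS."""
    # Constructed input only; a real client uses a streaming parser and rejects DTDs.
    root = ET.fromstring(features_xml)
    return root.find(f"{{{NS_TLS}}}starttls") is not None


def open_session(domain, jid, features_xml, allow_cleartext=False):
    """Return the stream headers the client sends, in order."""
    sent = [stream_header(domain, jid, tls_active=False)]
    if offers_starttls(features_xml):
        # The <starttls/> exchange and TLS handshake happen here (not modelled);
        # the stream is then restarted over the encrypted channel.
        sent.append(stream_header(domain, jid, tls_active=True))
    elif not allow_cleartext:
        # The "oops" case from the thread: no STARTTLS on offer. Stop by default.
        raise ConnectionError("server did not offer STARTTLS")
    return sent  # with allow_cleartext, 'from' is simply never sent


# Constructed server replies for the two cases.
WITH_TLS = (f"<stream:features xmlns:stream='{NS_STREAM}'>"
            f"<starttls xmlns='{NS_TLS}'/></stream:features>")
WITHOUT_TLS = (f"<stream:features xmlns:stream='{NS_STREAM}'>"
               "<mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>"
               "<mechanism>PLAIN</mechanism></mechanisms></stream:features>")
```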
