+1 for MUST
Am Samstag, 27. August 2022, 11:41:38 CEST schrieb Dave Cridland: > On Wed, 24 Aug 2022 at 07:56, Daniel Gultsch <[email protected]> wrote: > > And yes we are currently implementing it. That's why I’m providing > > feedback on the XEP. And yes we are using it with compression and yes > > we do terminate TLS early and can’t use HT-* and yes we use PLAIN for > > regular logins too and therefor we don’t have an issue with the > > "downgrade" in security. > > Just on the TLS early termination, could you still support > tls-server-end-point, which (IIRC) doesn't need anything but a static > configuration of the server's certificate? > > It's also a SHOULD, I saw, in XEP-0440 - I'd be inclined to raise that to a > MUST, even though I prefer tls-exporter if possible, because it's very easy > to support. Assuming, of course, that any form of channel binding is > possible. > > Dave. _______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: [email protected] _______________________________________________
