On 18/03/2024 09.59, Daniel Gultsch wrote:
This message constitutes notice of a Last Call for comments on XEP-0386.Title: Bind 2 Abstract: This specification provides a single-request replacement for several activities an XMPP client needs to do at startup. URL: https://xmpp.org/extensions/xep-0386.html This Last Call begins today and shall end at the close of business on 2024-04-01. Please consider the following questions during this Last Call and send your feedback to the [email protected] discussion list: 1. Is this specification needed to fill gaps in the XMPP protocol stack or to clarify an existing protocol?
Yes.
2. Does the specification solve the problem stated in the introduction and requirements?
Yes.
3. Do you plan to implement this specification in your code? If not, why not?
No immediate plans, due the lack of resources on my end. However, it is consensus that SASL2 and Bind2 are the frontier of current XMPP stream/session establishment and hence are, or at least will become, highly relevant. And the fundamental design of both is solid and incorporates our experience with the current design.
4. Do you have any security concerns related to this specification?
No major concerns. However, I wonder if stable resource identifiers are a sensible concept security wise. It seems sensible to be able to restrict direct access to an end-device via unstable resource identifiers.
5. Is the specification accurate and clearly written?
Just some small remarks: - ยง 6. Superfluous '.' at the end of the sentence. - Mentions of XEPs within the document should be linked references. Thanks for working on Bind2. - Florian
OpenPGP_0x8CAC2A9678548E35.asc
Description: OpenPGP public key
OpenPGP_signature.asc
Description: OpenPGP digital signature
_______________________________________________ Standards mailing list -- [email protected] To unsubscribe send an email to [email protected]
