Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

XEP-0198: Add section defining SASL2 and BIND2 interaction #1294

Merged
merged 10 commits into from
Dec 11, 2023
Merged

XEP-0198: Add section defining SASL2 and BIND2 interaction #1294

merged 10 commits into from
Dec 11, 2023

Conversation

iNPUTmice
Copy link
Contributor

@iNPUTmice iNPUTmice commented Sep 12, 2023
edited
Loading

This is based on #1215 but changes the inline feature element name to sm to match what is currently in the wild. (And to match the example)

This PR also changes the (non normative) example in XEP-0388

ge0rg
ge0rg reviewed Sep 21, 2023
View reviewed changes
xep-0198.xml Outdated
<section1 topic='Security Considerations' anchor='security'>
<p>As noted, a server MUST NOT allow a client to resume a stream management session until after the client has authenticated (for some value of "authentication"); this helps to prevent session hijacking.</p>
<p>If SASL2 is used to inline stream resumption implementations must adhere to the security considerations defined in &xep0388; regarding the inclusion of SASL2 requests and inline feature negotiation in TLS 0-RTT ("early data") extensions. That is, they MUST NOT be sent or processed if the stream would be resumed solely based on 0-RTT data, except when appropriate mitigations are in place (which are beyond the scope of this document, but may be defined by others).</p>
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

editorial:

  • missing comma after "inline stream resumption"
  • the "they" in the second sentence is ambiguous, please replace with "these elements"

@iNPUTmice
Copy link
Contributor Author

Council has accepted this today.

@Kev
Copy link
Member

Kev commented Oct 30, 2023

Council may have accepted it, but the build seems to be failing :)

@tmolitor-stud-tu
Copy link
Contributor

@Kev What exactly is failing the build? Or to rephrase it: what has to be changed/fixed to make it build?

@iNPUTmice iNPUTmice mentioned this pull request Dec 7, 2023
Merged
@iNPUTmice
Copy link
Contributor Author

Our tooling can’t handle when multiple XEPs are in the same PR. Please also merge #1303 (this has council approval. It's just a split of the old PR)

@Kev Kev merged commit 11fb101 into xsf:master Dec 11, 2023
1 check passed
@iNPUTmice iNPUTmice mentioned this pull request Mar 11, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ge0rg ge0rg ge0rg left review comments

Assignees
No one assigned
Labels
Needs Changes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@iNPUTmice @Kev @tmolitor-stud-tu @ge0rg