Daniel Gultsch  

Two more things to note before we roll out channel binding:

· It’s not unreasonable to assume that future attacks will use stolen certificates. Therefore 'endpoint' is an inferior channel binding method and servers that have other methods available (unique or exporter) should not be offering 'endpoint' at all to avoid down grade attacks.¹
· Channel binding relies on the password staying secret; Make sure you are not reusing passwords across services.

¹: I realize XEP-0440 might imply otherwise

1+
ruff
Follow

@daniel So then simple minimal requirement:
Server must implement endpoint + unique for tlsv1.2 if it advertises PLUS and exporter + endpoint for tlsv1.3. Client may support either endpoint or unique for 1.2 and exporter or endpoint for 1.3 if it attempts to support PLUS

· Web · 0 · 0 · 0
Sign in to participate in the conversation
Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.

Stay safe. Please abide by our code of conduct.

(Source code)

image/svg+xml Librem Chat image/svg+xml