Merge branch 'xep-0440' into premerge

2024-11-21 08:45:04 -05:00 · 2022-08-30 15:40:11 +02:00 · 2022-08-30 15:40:11 +02:00 · 4045ce619c
commit 4045ce619c
parent 8a7977814e f793326085
1 changed files with 13 additions and 5 deletions
--- a/xep-0440.xml
+++ b/xep-0440.xml
@ -23,6 +23,14 @@
  <supersededby/>
  <shortname>sasl-cb-types</shortname>
  &flow;
+  <revision>
+    <version>0.3.0</version>
+    <date>2022-08-29</date>
+    <initials>tm</initials>
+    <remark>
+      Make implementation of tls-server-end-point a MUST for servers.
+    </remark>
+  </revision>
  <revision>
    <version>0.2.0</version>
    <date>2020-08-04</date>
@ -144,9 +152,9 @@
  case, implementations may want to allow the set of pinned channel-binding
  types to be extended to stronger ones.</p>

-  <p>As further mitigation, it is RECOMMENDED to implement the
-  channel-binding type tls-server-end-point (&rfc5929;) to increase the
-  probability of a mutual supported channel-binding type.</p>
+  <p>As further mitigation, servers MUST and clients are RECOMMENDED to
+  at least implement the channel-binding type tls-server-end-point (&rfc5929;)
+  to increase the probability of a mutual supported channel-binding type.</p>

 </section1>

@ -173,8 +181,8 @@
  <p>Thanks to Sam Whited for the discussion about the underlying
  issue and incentivizing me to come up with this extension. Further
  thanks goes to Ruslan N. Marchenko for pointing out the possible
-  MITM attack vector. Last but not least, Dave Cridland provided
-  valuable feedback.</p>
+  MITM attack vector. Last but not least, Dave Cridland and Thilo Molitor
+  provided valuable feedback.</p>

 </section1>