mirror of
https://github.com/moparisthebest/xeps
synced 2024-12-21 23:28:51 -05:00
XEP-0379: Fix some DTD issues.
This commit is contained in:
parent
6b67a1149d
commit
9c3bd99e07
25
xep-0379.xml
25
xep-0379.xml
@ -28,6 +28,12 @@
|
|||||||
<email>georg@op-co.de</email>
|
<email>georg@op-co.de</email>
|
||||||
<jid>georg@yax.im</jid>
|
<jid>georg@yax.im</jid>
|
||||||
</author>
|
</author>
|
||||||
|
<revision>
|
||||||
|
<version>0.1.1</version>
|
||||||
|
<date>2017-01-01</date>
|
||||||
|
<initials>ssw</initials>
|
||||||
|
<remark><p>Minor DTD and formatting fixes.</p></remark>
|
||||||
|
</revision>
|
||||||
<revision>
|
<revision>
|
||||||
<version>0.1.0</version>
|
<version>0.1.0</version>
|
||||||
<date>2016-07-20</date>
|
<date>2016-07-20</date>
|
||||||
@ -165,7 +171,7 @@ https://yax.im/i/romeo/montague.net/1tMFqYDdKhfe2pwp/Romeo+Montague
|
|||||||
<div class="example">
|
<div class="example">
|
||||||
<p><strong><em>Romeo Montague</em> has invited you to chat</strong></p>
|
<p><strong><em>Romeo Montague</em> has invited you to chat</strong></p>
|
||||||
|
|
||||||
<p><strong><link url='xmpp:romeo@montague.net?roster;preauth=1tMFqYDdKhfe2pwp;name=Romeo%20Montague'>Add <em>Romeo Montague</em></link></strong></p>
|
<p><strong><link url='xmpp:romeo@montague.net?roster;preauth=1tMFqYDdKhfe2pwp;name=Romeo%20Montague'>Add "Romeo Montague"</link></strong></p>
|
||||||
<p>If this link does not work, you need to install and configure
|
<p>If this link does not work, you need to install and configure
|
||||||
an XMPP client. Please visit this page again afterwards. Choose one of
|
an XMPP client. Please visit this page again afterwards. Choose one of
|
||||||
these for your <em>Tomato OS</em>:</p>
|
these for your <em>Tomato OS</em>:</p>
|
||||||
@ -285,22 +291,19 @@ https://yax.im/i/romeo/montague.net/1tMFqYDdKhfe2pwp/Romeo+Montague
|
|||||||
<p>As the authentication token grants automatic addition to
|
<p>As the authentication token grants automatic addition to
|
||||||
Romeo's roster and automatic approval of presence subscription,
|
Romeo's roster and automatic approval of presence subscription,
|
||||||
the token SHOULD be created with a cryptographically secure random
|
the token SHOULD be created with a cryptographically secure random
|
||||||
number generator <note>See for example <link
|
number generator <note>See for example <tt><link
|
||||||
url='https://lwn.net/Articles/606141/'><tt>getrandom(2)</tt></link>,
|
url='https://lwn.net/Articles/606141/'>getrandom(2)</link></tt>,
|
||||||
<link
|
<tt><link
|
||||||
url='https://docs.oracle.com/javase/8/docs/api/java/security/SecureRandom.html'><tt>SecureRandom</tt></link>
|
url='https://docs.oracle.com/javase/8/docs/api/java/security/SecureRandom.html'>SecureRandom</link></tt>
|
||||||
or <tt>/dev/urandom</tt>. More information about the randomness
|
or <tt>/dev/urandom</tt>. More information about the randomness
|
||||||
requirements for security can be found in &rfc4086;</note> and
|
requirements for security can be found in &rfc4086;</note> and
|
||||||
provide sufficient entropy to make brute-force attacks
|
provide sufficient entropy to make brute-force attacks
|
||||||
infeasible. It is suggested to generate at least 80 bits of
|
infeasible. It is suggested to generate at least 80 bits of
|
||||||
entropy, and to use an encoding that can be easily encoded as part
|
entropy, and to use an encoding that can be easily encoded as part
|
||||||
of an URI (e.g. Base-32).</p> <p>It is possible to use a different token
|
of an URI (e.g. Base-32).</p> <p>It is possible to use a different token
|
||||||
generation scheme like <cite>SAML</cite><note>Security Assertion Markup
|
generation scheme like &saml; or JWT (&rfc7519;).
|
||||||
Language (SAML) <<link url='https://www.oasis-open.org/standards#samlv2.0'>https://www.oasis-open.org/standards#samlv2.0</link>></note>
|
In such a case, the issuer must ensure a comparable security level and
|
||||||
or JWT (<cite><link url='http://tools.ietf.org/html/rfc7519'>RFC
|
limit token reuse.</p>
|
||||||
7519</link></cite><note>RFC 7519: JSON Web Token (JWT) <<link url='http://tools.ietf.org/html/rfc7519'>http://tools.ietf.org/html/rfc7519</link>></note>). In
|
|
||||||
such a case, the issuer must ensure a comparable security level
|
|
||||||
and limit token reuse.</p>
|
|
||||||
</section2>
|
</section2>
|
||||||
<section2 topic='Checking Token Validity' anchor='security_validity'>
|
<section2 topic='Checking Token Validity' anchor='security_validity'>
|
||||||
<p>To limit the potential for abuse, the token SHOULD be limited in as follows:</p>
|
<p>To limit the potential for abuse, the token SHOULD be limited in as follows:</p>
|
||||||
|
1
xep.ent
1
xep.ent
@ -650,6 +650,7 @@ THE SOFTWARE.
|
|||||||
<!ENTITY rfc6763 "<span class='ref'><link url='http://tools.ietf.org/html/rfc6763'>RFC 6763</link></span> <note>RFC 6763: DNS-Based Service Discovery <<link url='http://tools.ietf.org/html/rfc6763'>http://tools.ietf.org/html/rfc6763</link>>.</note>" >
|
<!ENTITY rfc6763 "<span class='ref'><link url='http://tools.ietf.org/html/rfc6763'>RFC 6763</link></span> <note>RFC 6763: DNS-Based Service Discovery <<link url='http://tools.ietf.org/html/rfc6763'>http://tools.ietf.org/html/rfc6763</link>>.</note>" >
|
||||||
<!ENTITY rfc6920 "<span class='ref'><link url='http://tools.ietf.org/html/rfc6920'>RFC 6920</link></span> <note>RFC 6920: Naming Things with Hashes <<link url='http://tools.ietf.org/html/rfc6920'>http://tools.ietf.org/html/rfc6920</link>>.</note>" >
|
<!ENTITY rfc6920 "<span class='ref'><link url='http://tools.ietf.org/html/rfc6920'>RFC 6920</link></span> <note>RFC 6920: Naming Things with Hashes <<link url='http://tools.ietf.org/html/rfc6920'>http://tools.ietf.org/html/rfc6920</link>>.</note>" >
|
||||||
<!ENTITY rfc7081 "<span class='ref'><link url='http://tools.ietf.org/html/rfc7081'>RFC 7081</link></span> <note>RFC 7081: CUSAX: Combined Use of the Session Initiation Protocol (SIP) and the Extensible Messaging and Presence Protocol (XMPP) <<link url='http://tools.ietf.org/html/rfc7081'>http://tools.ietf.org/html/rfc7081</link>>.</note>" >
|
<!ENTITY rfc7081 "<span class='ref'><link url='http://tools.ietf.org/html/rfc7081'>RFC 7081</link></span> <note>RFC 7081: CUSAX: Combined Use of the Session Initiation Protocol (SIP) and the Extensible Messaging and Presence Protocol (XMPP) <<link url='http://tools.ietf.org/html/rfc7081'>http://tools.ietf.org/html/rfc7081</link>>.</note>" >
|
||||||
|
<!ENTITY rfc7519 "<span class='ref'><link url='http://tools.ietf.org/html/rfc7519'>RFC 7519</link></span> <note>RFC 7519: JSON Web Token (JWT) <<link url='http://tools.ietf.org/html/rfc7519'>http://tools.ietf.org/html/rfc7519</link>>.</note>" >
|
||||||
<!ENTITY rfc7572 "<span class='ref'><link url='http://tools.ietf.org/html/rfc7572'>RFC 7572</link></span> <note>RFC 7572: Interworking between the Session Initiation Protocol (SIP) and the Extensible Messaging and Presence Protocol (XMPP): Instant Messaging <<link url='http://tools.ietf.org/html/rfc7572'>http://tools.ietf.org/html/rfc7572</link>>.</note>" >
|
<!ENTITY rfc7572 "<span class='ref'><link url='http://tools.ietf.org/html/rfc7572'>RFC 7572</link></span> <note>RFC 7572: Interworking between the Session Initiation Protocol (SIP) and the Extensible Messaging and Presence Protocol (XMPP): Instant Messaging <<link url='http://tools.ietf.org/html/rfc7572'>http://tools.ietf.org/html/rfc7572</link>>.</note>" >
|
||||||
<!ENTITY rfc7595 "<span class='ref'><link url='http://tools.ietf.org/html/rfc7595'>RFC 7595</link></span> <note>RFC 7595: Guidelines and Registration Procedures for URI Schemes <<link url='http://tools.ietf.org/html/rfc7595'>http://tools.ietf.org/html/rfc7595</link>>.</note>" >
|
<!ENTITY rfc7595 "<span class='ref'><link url='http://tools.ietf.org/html/rfc7595'>RFC 7595</link></span> <note>RFC 7595: Guidelines and Registration Procedures for URI Schemes <<link url='http://tools.ietf.org/html/rfc7595'>http://tools.ietf.org/html/rfc7595</link>>.</note>" >
|
||||||
<!ENTITY rfc7613 "<span class='ref'><link url='http://tools.ietf.org/html/rfc7613'>RFC 7613</link></span> <note>RFC 7613: Preparation, Enforcement, and Comparison of Internationalized Strings Representing Usernames and Passwords<<link url='http://tools.ietf.org/html/rfc7613'>http://tools.ietf.org/html/rfc7613</link>>.</note>" >
|
<!ENTITY rfc7613 "<span class='ref'><link url='http://tools.ietf.org/html/rfc7613'>RFC 7613</link></span> <note>RFC 7613: Preparation, Enforcement, and Comparison of Internationalized Strings Representing Usernames and Passwords<<link url='http://tools.ietf.org/html/rfc7613'>http://tools.ietf.org/html/rfc7613</link>>.</note>" >
|
||||||
|
Loading…
Reference in New Issue
Block a user