From 9a4760453d2aba2a278c2eedfdf4085e10d15f80 Mon Sep 17 00:00:00 2001 From: Sam Whited Date: Sat, 21 Nov 2020 14:20:38 -0500 Subject: [PATCH 1/3] Fix styling on superscript elements --- xmpp.css | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/xmpp.css b/xmpp.css index 798a1eeb..1ffdc3f1 100644 --- a/xmpp.css +++ b/xmpp.css @@ -942,14 +942,16 @@ } sub, - sup { + sup, + .super { font-size: 75%; line-height: 0; position: relative; vertical-align: baseline; } - sup { + sup, + .super { top: -0.5em; } From 00d7e0c39c50d18383a97fbf91f5b9608fbaaa74 Mon Sep 17 00:00:00 2001 From: Florian Schmaus Date: Mon, 23 Nov 2020 16:06:59 +0100 Subject: [PATCH 2/3] XEP-0373 (ox): s/NOT REQUIRED/OPTIONAL/ "NOT REQUIRED" is not a RFC 2119 keyword, "OPTIONAL" is. --- xep-0373.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/xep-0373.xml b/xep-0373.xml index 4cad2eed..fde57cf9 100644 --- a/xep-0373.xml +++ b/xep-0373.xml @@ -268,7 +268,7 @@ &sign; MAY NOT contain one MUST have exactly one - NOT REQUIRED + OPTIONAL MUST have exactly one From d36f469b7fff9a300185eb2966a18f561b017fb4 Mon Sep 17 00:00:00 2001 From: Florian Schmaus Date: Mon, 23 Nov 2020 16:08:34 +0100 Subject: [PATCH 3/3] XEP-0373 (ox): Fix 'to'-attribute requirements The XEP had the requirements for the 'to'-attribute of and interchanged. Thanks to defanor for pointing this out. Acked-by: Vincent Breitmoser --- xep-0373.xml | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/xep-0373.xml b/xep-0373.xml index fde57cf9..6d1add19 100644 --- a/xep-0373.xml +++ b/xep-0373.xml @@ -46,6 +46,17 @@ look@my.amazin.horse valodim@stratum0.org + + 0.6.0 + 2020-11-22 + fs + +

Fix 'to'-attribute requirements: All content elements which are signed using OpenPGP need + that attribute to prevent Surreptitious Forward Attacks. The &crypt; element does not require + one, as the intented recipient is established by the encryption itself. The XEP had the + requirements for &sign; and &crypt; mixed up.

+
+
0.5.0 2020-06-19 @@ -229,7 +240,7 @@ ]]>

OpenPGP content elements MUST possess exactly one 'time' - element as direct child elements. The &signcrypt; and &crypt; + element as direct child elements. The &signcrypt; and &sign; content elements MUST contain at least one 'to' element(s), which MUST have a 'jid' attribute containing the intended recipient's XMPP address of the signed and/or encrypted data to prevent @@ -241,7 +252,7 @@ (Ed.). Springer-Verlag, London, UK, UK, 83-107. <https://www.iacr.org/archive/eurocrypt2002/23320080/adr.pdf>. The XMPP address found in the 'to' element's 'jid' attribute - SHOULD be without Resourcepart (i.e., a bare JID). A &sign; content + SHOULD be without Resourcepart (i.e., a bare JID). A &crypt; content element may not carry a 'to' attribute. The 'time' element MUST have a 'stamp' attribute which contains the timestamp when the OpenPGP content element was signed and/or encrypted in the @@ -266,14 +277,14 @@ &sign; - MAY NOT contain one + MUST have at least one MUST have exactly one OPTIONAL MUST have exactly one &crypt; - MUST have at least one + OPTIONAL MUST have exactly one SHOULD have exactly one MUST have exactly one