ldapsdk icon indicating copy to clipboard operation
ldapsdk copied to clipboard

Published 20 hours ago verified publisher icon pingidentity

RFC 9266: Channel Bindings for TLS 1.3 support

Open Neustradamus opened this issue 2 years ago • 1 comments

Can you add the support of RFC 9266: Channel Bindings for TLS 1.3?

  • https://datatracker.ietf.org/doc/html/rfc9266

Little details, to know easily:

  • tls-unique for TLS =< 1.2
  • tls-server-end-point
  • tls-exporter for TLS = 1.3

Thanks in advance.

Linked to:

  • https://github.com/pingidentity/ldapsdk/issues/71

Neustradamus avatar Jul 31 '22 23:07 Neustradamus

@dirmgr: Can you look for Channel Binding support?

There is a recent history with jabber.ru MITM and SCRAM-SHA-*-PLUS is the security solution!

Some sources about jabber.ru:

  • https://notes.valdikss.org.ru/jabber.ru-mitm/
  • https://snikket.org/blog/on-the-jabber-ru-mitm/
  • https://www.devever.net/~hl/xmpp-incident
  • https://blog.jmp.chat/b/certwatch

Thanks in advance.

Neustradamus avatar Nov 04 '23 16:11 Neustradamus