You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is the last missing piece for modern SASL2 authentication: XEP-0480: SASL Upgrade Tasks is needed to make sure clients can update the old SHA-1 password hashes to more secure alternatives like SHA-256.
This isn't as urgent as the other SASL2 related stuff you just implemented, but needed to make sure we can transition from SHA-1 to something more secure before SCRAM-SHA-1 becomes insecure.
This transition will take quite some time, so it is good to start early with this.
I promise this is the last SASL-related implementation request I'm doing ;)
BTW: This XEP was originally developed inside the main SASL2 XEP (XEP-0388) but later factored out to not create another of these large XEPs like MUC or PubSub.
The text was updated successfully, but these errors were encountered:
Side note: I've wrote a blog post about modern SASL authentication that more or less led to all of these SASL2 related XEPs over here: https://monal-im.org/post/00004-sasl/
This is the last missing piece for modern SASL2 authentication: XEP-0480: SASL Upgrade Tasks is needed to make sure clients can update the old SHA-1 password hashes to more secure alternatives like SHA-256.
This isn't as urgent as the other SASL2 related stuff you just implemented, but needed to make sure we can transition from SHA-1 to something more secure before SCRAM-SHA-1 becomes insecure.
This transition will take quite some time, so it is good to start early with this.
I promise this is the last SASL-related implementation request I'm doing ;)
BTW: This XEP was originally developed inside the main SASL2 XEP (XEP-0388) but later factored out to not create another of these large XEPs like MUC or PubSub.
The text was updated successfully, but these errors were encountered: