RFC 9266: Channel Bindings for TLS 1.3 support

Hello Ignite Realtime team,

A good news, it is official, a new RFC has been released!

It is used by SCRAM-SHA-*-PLUS variants specified in RFC6120: Extensible Messaging and Presence Protocol (XMPP): Core:

• RFC 6120 - Extensible Messaging and Presence Protocol (XMPP): Core

Can you add the support of RFC 9266: Channel Bindings for TLS 1.3 in Openfire, Smack, Spark?

• RFC 9266 - Channel Bindings for TLS 1.3

Little details, to know easily:

• tls-unique for TLS =< 1.2
• tls-exporter for TLS = 1.3

Thanks in advance.

TLS is a little beyond my understanding. Every time I learn it, it leaks out of my head.

Have you had a read? How much work is involved in these changes, do you think?

What’s the value to the operator and the user? (e.g. if this is “more secure”, how?)

@danc: Thanks for your answer!

Currently, for example, you can see the code which supports the new RFC9266 (TLS = 1.3).

Mellium SASL by the author of the RFC9266:

• sasl: support tls-exporter channel binding · mellium/sasl@0091208 · GitHub

Jackal IM has been updated:

• Support tls-exporter channel binding type (#243) · ortuman/jackal@6640d38 · GitHub

Prosody IM has been updated:

• #1542 SCRAM-*-PLUS offered even on TLSv1.3 (closed) - Prosody IM Issue Tracker
• #1760 Implement tls-exporter channel binding for TLS 1.3 (closed) - Prosody IM Issue Tracker

Miranda NG has been updated:

• fixes #3140 (RFC 9266: Channel Bindings for TLS 1.3 support) · miranda-ng/miranda-ng@ff9679b · GitHub

GNU SASL (GSASL) has been updated:

• Savannah Git Hosting - gsasl.git/blob - NEWS
• Savannah Git Hosting - gsasl.git/shortlog

glib/glib-networking has been updated, it was compatible with draft before:

• RFC 9266: Channel Bindings for TLS 1.3 support (#191) · Issues · GNOME / glib-networking · GitLab

indimail-mta has been updated:

• https://github.com/mbhangui/indimail-mta/pull/33

Note that there is a big list with previous RFC5929 (TLS =< 1.2), ejabberd, Djabberd, Metronome IM, MongooseIM, Tigase XMPP Server, Coy IM, Tigase JaXMPP, Tigase TTS-NG, Tigase Stork IM / Tigase Android Messenger, Gajim (nbxmpp), Wocky, pyxmpp2, xmpp-rs, Ubiety.Scram.Core/Ubiety.Xmpp.Core, cyrus-sasl/cyrus-imapd, Exim, mpop/msmtp, Racket SASL, aiosasl, PostgreSQL, ba0f3/scram.nim, tlocke/scramp, pwithnall/libscram, MailKit, MimeKit, Mutt, NeoMutt, Postfix, WildFly Elytron, …

A document here: How to securely authenticate with SCRAM in Postgres 13 - Microsoft Tech Community

How much work is involved in these changes, do you think?

What’s the value to the operator and the user? (e.g. if this is “more secure”, how?)

Thanks for your reply, but without answers to these questions, I’d be taking on an unknown amount of unpaid work that has an unknown value, just because “lots of other people did it”.

Is this not handled by the JVM? I have BOSH running on TLS 1.3 using OpenJDK 1.8 and I am not seeing any issues. I can’t speak for native XMPP connections, but I would expect that also would use the JVM TLS implementation.

It is explained here:

• How to securely authenticate with SCRAM in Postgres 13 - Microsoft Tech Community