Mercurial > prosody-modules
annotate mod_sasl_ssdp/README.markdown @ 5835:9f41d2d33e3e
mod_privacy_lists: Deprecate
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Mon, 12 Feb 2024 15:41:41 +0100 |
| parents | 3a7349aa95c7 |
| children | 61bee1be6db3 |
| rev | line source |
|---|---|
|
5773
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
1 --- |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
2 labels: |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
3 - 'Stage-Alpha' |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
4 summary: 'XEP-0474: SASL SCRAM Downgrade Protection' |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
5 ... |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
6 |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
7 Introduction |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
8 ============ |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
9 |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
10 This module implements the experimental XEP-0474: SASL SCRAM Downgrade |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
11 Protection. It provides an alternative downgrade protection mechanism to |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
12 client-side pinning which is currently the most common method of downgrade |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
13 protection. |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
14 |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
15 **Note:** This module implements version 0.3.0 of XEP-0474. As of 2023-12-05, |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
16 this version is not yet published on xmpp.org. Version 0.3.0 of the XEP is |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
17 implemented in Monal 6.0.1. No other clients are currently known to implement |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
18 the XEP at the time of writing. |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
19 |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
20 # Configuration |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
21 |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
22 There are no configuration options for this module, just load it as normal. |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
23 |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
24 # Compatibility |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
25 |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
26 For SASL2 (XEP-0388) clients, it is compatible with the mod_sasl2 community module. |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
27 |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
28 For clients using RFC 6120 SASL, it requires Prosody trunk 33e5edbd6a4a or |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
29 later. It is not compatible with Prosody 0.12 (it will load, but simply |
|
3a7349aa95c7
mod_sasl_ssdp: New module implementing XEP-0474 SASL SCRAM Downgrade Protection
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
30 won't do anything) for "legacy SASL". |