Closed tmolitor-stud-tu closed 4 weeks ago
tmolitor-stud-tu
commented
11 months ago Side note: I've wrote a blog post about modern SASL authentication that more or less led to all of these SASL2 related XEPs over here: https://monal-im.org/post/00004-sasl/
Neustradamus
commented
11 months ago Important too :)
Neustradamus
commented
4 weeks ago @tmolitor-stud-tu: Good news, @prefiks has added the support in xmpp 1.9.0 and ejabberd 24.10, a big thanks!
tmolitor-stud-tu
commented
4 weeks ago Nice, thanks!!
This is the last missing piece for modern SASL2 authentication: XEP-0480: SASL Upgrade Tasks is needed to make sure clients can update the old SHA-1 password hashes to more secure alternatives like SHA-256.
This isn't as urgent as the other SASL2 related stuff you just implemented, but needed to make sure we can transition from SHA-1 to something more secure before SCRAM-SHA-1 becomes insecure. This transition will take quite some time, so it is good to start early with this.
I promise this is the last SASL-related implementation request I'm doing ;)
BTW: This XEP was originally developed inside the main SASL2 XEP (XEP-0388) but later factored out to not create another of these large XEPs like MUC or PubSub.