ldaptive icon indicating copy to clipboard operation
ldaptive copied to clipboard
verified publisher icon vt-middleware

RFC 9266: Channel Bindings for TLS 1.3 support

Open Neustradamus opened this issue 3 years ago • 1 comments

Can you add the support of RFC 9266: Channel Bindings for TLS 1.3?

  • https://datatracker.ietf.org/doc/html/rfc9266

Little details, to know easily:

  • tls-unique for TLS =< 1.2
  • tls-server-end-point
  • tls-exporter for TLS = 1.3

Thanks in advance.

Linked to:

  • https://github.com/vt-middleware/ldaptive/issues/153
  • https://github.com/vt-middleware/ldaptive/issues/164

Neustradamus avatar Aug 18 '22 04:08 Neustradamus

Dear @vt-middleware team, @dfish3r, @dhawes,

Can you look for Channel Binding for TLS 1.3 support?

There is a recent history with jabber.ru MITM and SCRAM-SHA-*-PLUS is the security solution!

Some sources about jabber.ru:

  • https://notes.valdikss.org.ru/jabber.ru-mitm/
  • https://snikket.org/blog/on-the-jabber-ru-mitm/
  • https://www.devever.net/~hl/xmpp-incident
  • https://blog.jmp.chat/b/certwatch

Thanks in advance.

Linked to:

  • https://github.com/vt-middleware/ldaptive/issues/153
  • https://github.com/vt-middleware/ldaptive/issues/164

Neustradamus avatar Nov 03 '23 00:11 Neustradamus