prosody-modules
761142ee0ff2
mod_sasl_ssdp/README.markdown

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

File

mod_sasl_ssdp/README.markdown @ 5882:761142ee0ff2

mod_http_oauth2: Reflect changes to defaults etc - Resource owner password grant was disabled by default - Tokens now include a hash of client_id making it possible to be reasonable sure that they were issued to a particular client
author Kim Alvefur <zash@zash.se>
date Tue, 05 Mar 2024 00:32:00 +0100
parent 5796:3a7349aa95c7
child 5899:61bee1be6db3
line wrap: on
line source

---
labels:
- 'Stage-Alpha'
summary: 'XEP-0474: SASL SCRAM Downgrade Protection'
...

Introduction
============

This module implements the experimental XEP-0474: SASL SCRAM Downgrade
Protection. It provides an alternative downgrade protection mechanism to
client-side pinning which is currently the most common method of downgrade
protection.

**Note:** This module implements version 0.3.0 of XEP-0474. As of 2023-12-05,
this version is not yet published on xmpp.org. Version 0.3.0 of the XEP is
implemented in Monal 6.0.1. No other clients are currently known to implement
the XEP at the time of writing.

# Configuration

There are no configuration options for this module, just load it as normal.

# Compatibility

For SASL2 (XEP-0388) clients, it is compatible with the mod_sasl2 community module.

For clients using RFC 6120 SASL, it requires Prosody trunk 33e5edbd6a4a or
later. It is not compatible with Prosody 0.12 (it will load, but simply
won't do anything) for "legacy SASL".