[exim-cvs] Docs: gsasl auth channel-binding now also usable …

Top Page
Delete this message
Reply to this message
Author: Exim Git Commits Mailing List
Date:  
To: exim-cvs
Subject: [exim-cvs] Docs: gsasl auth channel-binding now also usable under OpenSSL
Gitweb: https://git.exim.org/exim.git/commitdiff/bda253e55534a96a3c1fd9747121c46e6507ed32
Commit:     bda253e55534a96a3c1fd9747121c46e6507ed32
Parent:     a3df157980b463b89d71a3f12d88abe5bad857dc
Author:     Jeremy Harris <jgh146exb@???>
AuthorDate: Sat Nov 23 22:21:00 2019 +0000
Committer:  Jeremy Harris <jgh146exb@???>
CommitDate: Sat Nov 23 22:21:00 2019 +0000


    Docs: gsasl auth channel-binding now also usable under OpenSSL
---
 doc/doc-docbook/spec.xfpt | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)


diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index a93f611..0e7d765 100644
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -27460,9 +27460,11 @@ This should have meant that certificate identity and verification becomes a
non-issue, as a man-in-the-middle attack will cause the correct client and
server to see different identifiers and authentication will fail.

-This is currently only supported when using the GnuTLS library. This is
+.new
+This is
only usable by mechanisms which support "channel binding"; at time of
writing, that's the SCRAM family.
+.wen

This defaults off to ensure smooth upgrade across Exim releases, in case
this option causes some clients to start failing. Some future release