On Thu, Jul 12, 2018 at 12:34:51PM +0300, Heikki Linnakangas wrote:
> Meh. We're not going implement tls-unique, anyway, in some of the upcoming
> non-OpenSSL TLS implementations that don't support it.
True enough. Only GnuTLS supports it:
https://www.gnutls.org/manual/html_node/Channel-Bindings.html
> Hmm. That is actually in a section called "Default Channel Binding". And the
> first paragraph says "A default channel binding type agreement process for
> all SASL application protocols that do not provide their own channel binding
> type agreement is provided as follows". Given that, it's not entirely clear
> to me if the requirement to support tls-unique is for all implementations of
> SCRAM, or only those applications that don't provide their own channel
> binding type agreement.
I am not sure, but I get that as tls-unique must be the default if
available, so if it is technically possible to have it we should have it
in priority. If not, then a channel binding type which is supported by
both the server and the client can be chosen.
--
Michael