Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

RFC 9266: Channel Bindings for TLS 1.3 #4191 #4772

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Commits on Sep 20, 2024

  1. RFC 9266: Channel Bindings for TLS 1.3 cyrusimap#4191

    TLS connections of the IMAPD service provide channel binding data
    for the SASL authentication layer. The current implementation
    sets the correct "tls-unique" channel binding data for TLS
    versions 1.2 and lower, however not for TLS version 1.3.
    
    TLS version 1.3 requires using specific exporter keying material
    (EKM) according to RFC 9266 Section 2:
    Label:      "EXPORTER-Channel-Binding"
    Context:    Zero-length string
    Key Length: 32 bytes
    
    Signed-off-by: Guido Kiener <[email protected]>
    GuidoKiener authored and rjbs committed Sep 20, 2024
    Configuration menu
    Copy the full SHA
    43aa26e View commit details
    Browse the repository at this point in the history