git://git.exim.org
/
users
/
jgh
/
exim.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (from parent 1:
a3df157
)
Docs: gsasl auth channel-binding now also usable under OpenSSL
author
Jeremy Harris
<jgh146exb@wizmail.org>
Sat, 23 Nov 2019 22:21:00 +0000
(22:21 +0000)
committer
Jeremy Harris
<jgh146exb@wizmail.org>
Sat, 23 Nov 2019 22:21:00 +0000
(22:21 +0000)
doc/doc-docbook/spec.xfpt
patch
|
blob
|
history
diff --git
a/doc/doc-docbook/spec.xfpt
b/doc/doc-docbook/spec.xfpt
index a93f611825df6d24e3590450db79fc250093d8a5..0e7d7655cafa69561d0af16371eb960b617a01ab 100644
(file)
--- a/
doc/doc-docbook/spec.xfpt
+++ b/
doc/doc-docbook/spec.xfpt
@@
-27460,9
+27460,11
@@
This should have meant that certificate identity and verification becomes a
non-issue, as a man-in-the-middle attack will cause the correct client and
server to see different identifiers and authentication will fail.
non-issue, as a man-in-the-middle attack will cause the correct client and
server to see different identifiers and authentication will fail.
-This is currently only supported when using the GnuTLS library. This is
+.new
+This is
only usable by mechanisms which support "channel binding"; at time of
writing, that's the SCRAM family.
only usable by mechanisms which support "channel binding"; at time of
writing, that's the SCRAM family.
+.wen
This defaults off to ensure smooth upgrade across Exim releases, in case
this option causes some clients to start failing. Some future release
This defaults off to ensure smooth upgrade across Exim releases, in case
this option causes some clients to start failing. Some future release