Re: Poll: use of TLS channel bindings in SCRAM
Alexey Melnikov <alexey.melnikov@xxxxxxxxx> writes:
> I've discussed channel bindings with Nico in jabber and we agreed that
> we need to get WG consensus on how TLS channel bindings should be used
> with SCRAM.
> Please provide an ordered list of alternatives you find acceptable from
> the choices listed below. (Please restrict discussions of variants of
> these choices at the moment. I will do another poll on such choices
> later, depending on the outcome of this poll. Also, please read notes
> for the choices before answering). Please answer the poll by the end
> of June 7th.
>
> 1). SCRAM should just use a single allowed TLS channel binding and
> not have any negotiation of other TLS channel bindings (*) (**)
> a). the default is tls-unique
> b). the default is tls-server-end-point
> 2). SCRAM should just use tls-server-end-point, fallback to
> tls-unique, no negotiation of other TLS channel bindings (*)
> 3). SCRAM should always use channel binding negotiation (*)
> 4). SCRAM should have a default TLS channel binding with optional
> negotiation of TLS channel bindings (*)
> a). the default is tls-unique
> b). the default is
> 5). I have another opinion [this is for the case when there is some
> valid choice which you think should be considered by the WG]
My preferred order is as follows:
1a
4a
3
4b (I'm assuming it refers to tls-server-end-point)
1b
2
5 use YAP
/Simon