diff options
| author | Jeremy Harris <jgh146exb@wizmail.org> | 2019-11-23 22:21:00 +0000 |
|---|---|---|
| committer | Jeremy Harris <jgh146exb@wizmail.org> | 2019-11-23 22:21:00 +0000 |
| commit | bda253e55534a96a3c1fd9747121c46e6507ed32 (patch) | |
| tree | c32f6969c0b548b1f41d6fe8ae54184294856ee5 | |
| parent | a3df157980b463b89d71a3f12d88abe5bad857dc (diff) | |
Docs: gsasl auth channel-binding now also usable under OpenSSL
| -rw-r--r-- | doc/doc-docbook/spec.xfpt | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index a93f61182..0e7d7655c 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -27460,9 +27460,11 @@ This should have meant that certificate identity and verification becomes a non-issue, as a man-in-the-middle attack will cause the correct client and server to see different identifiers and authentication will fail. -This is currently only supported when using the GnuTLS library. This is +.new +This is only usable by mechanisms which support "channel binding"; at time of writing, that's the SCRAM family. +.wen This defaults off to ensure smooth upgrade across Exim releases, in case this option causes some clients to start failing. Some future release |