This month in Prosody trunk development brings a new channel binding method compatible with TLS 1.3. This brings MITM-resistant authentication for modern clients. The older channel binding method was not compatible with TLS 1.3. Many thanks to @mellium for help testing and IETF work on the new RFC and generally pushing things along!

Support for running on Lua 5.1 has been removed, because the subtle differences in language and API was getting in the way of future work.

@prosodyim @mellium What is the basic idea behind the reason MITM is a threat without channel binding?

@kaip @prosodyim Let's assume, for example, that someone compromises the TLS certificate of a server you're trying to authenticate against. They MITM the connection by making a connection to the upstream server and trick you into making a connection to them. Using channel binding means that the authentication attempt won't be valid to the upstream server and the connection won't complete because their TLS session won't have the same channel binding data as yours.

Sign in to participate in the conversation

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.