RFC 9266: Channel Bindings for TLS 1.3 support

[Neustradamus]

Can you add the support of RFC 9266: Channel Bindings for TLS 1.3?

• https://datatracker.ietf.org/doc/html/rfc9266

Little details, to know easily:

• tls-unique for TLS =< 1.2
• tls-server-end-point
• tls-exporter for TLS = 1.3

Thanks in advance.

Linked to:

• State of Play scram-sasl/info#1
• SCRAM-SHA-1-PLUS + SCRAM-SHA-256-PLUS + SCRAM-SHA-512-PLUS + SCRAM-SHA3-512(-PLUS) supports #1
• SCRAM-SHA-1-PLUS + SCRAM-SHA-256-PLUS + SCRAM-SHA-512-PLUS + SCRAM-SHA3-512(-PLUS) supports moxxmpp#2
• RFC 9266: Channel Bindings for TLS 1.3 support moxxmpp#3

[PapaTutuWawa]

While I'd like to implement this, I sadly cannot. Flutter/Dart don't give me enough control over the TLS negotiation to do things like channel binding. This would require moving the socket onto the native side where I'd have more possibilities. It's the same reasoning as with the SCRAM-*-PLUS variants.

[Neustradamus]

Thanks @PapaTutuWawa for your answer!

I have added a ticket in flutter and dart-lang orgs.