xsf · iNPUTmice · Apr 15, 2024 · Jan 30, 2024
diff --git a/xep-0440.xml b/xep-0440.xml
@@ -23,6 +23,14 @@
   <supersededby/>
   <shortname>sasl-cb-types</shortname>
   &flow;
+  <revision>
+    <version>0.4.1</version>
+    <date>2024-30-30</date>
+    <initials>fs</initials>
+    <remark>
+      Recommend the usage of tls-exporter over tls-server-end-point
+    </remark>
+  </revision>
   <revision>
     <version>0.4.0</version>
     <date>2022-09-21</date>
@@ -162,7 +170,9 @@
 
   <p>As further mitigation, servers MUST and clients are RECOMMENDED to
   at least implement the channel-binding type tls-server-end-point (&rfc5929;)
-  to increase the probability of a mutual supported channel-binding type.</p>
+  to increase the probability of a mutual supported channel-binding type. However,
+  due its improved security properties, the tls-exporter (&rfc9266;) channel-binding
+  type should be prefered over tls-server-end-point.</p>
 
 </section1>
 
@@ -189,8 +199,8 @@
   <p>Thanks to Sam Whited for the discussion about the underlying
   issue and incentivizing me to come up with this extension. Further
   thanks goes to Ruslan N. Marchenko for pointing out the possible
-  MITM attack vector. Last but not least, Dave Cridland and Thilo Molitor
-  provided valuable feedback.</p>
+  MITM attack vector. Last but not least, Dave Cridland, Thilo Molitor,
+  and Simon Josefsson provided valuable feedback.</p>
 
 </section1>